Report on Corporate Governance and Shareholding Structure

Banca Ifis | Report on Corporate Governance and Shareholding Structure 2020

Report on corporate governance and ownership structures

2020

Pursuant to Article 123-bis of the TUF (traditional administration and control model) Website: www.bancaifis.it Document approved by the Board of Directors during the session of 11 March 2021

Banca Ifis S.p.A - Registered office in Via Terraglio 63 30174 Venice - Mestre - Italy. Entry number in the Venice Business Register and Tax. Ref. no. 02505630109 VAT number 04570150278- REA number: VE – 0247118 Share Capital Euro 53,811,095 fully paid in - Registered in the Bank Register under no. 5508 Parent Company of the Banca Ifis Banking Group S.p.A, registered in the Banking Group Registry – Member of the National Guarantee Fund and the Interbank Deposit Protection Fund, of the Italian Bank Association, the Italian Association for Factoring and Factors Chain International.

Summary

Summary	4
Glossary	7
1. Profile of the Issuer	8
Profile and structure Shareholders Corporate governance model Shareholders' Meeting Board of Directors Board committees Board of Statutory Auditors	9 10 10 11 12 12 13
2. Information on ownership interests as at 31st December 2020	14
2.1 Structure of the share capital	14
2.2 Restrictions on the transfer of titles	14
2.3 Relevant equity investments	14
2.4 Titles that confer special rights	15
2.5 Employee ownership scheme: a mechanism for the exercise of voting rights	15
2.6 Restrictions to voting rights	15
2.7 Agreements between shareholders	15
2.8 Change of control clauses and takeover-related provisions of the Articles of Association	15
2.9 Proxies for increase of the share capital and authorisations for the acquisition of treasury shares	15
2.10 Management and administration activities	16
3. Compliance	16
4. Board of Directors	16
4.1 Appointment and replacement Succession plans	16 18
4.2 Composition	18
Diversity criteria and policies	23
Maximum number of posts held in other companies	24
Induction Programme	27
4.3 Role of the Board of Directors	28
Meetings and operation	28
Tasks	29
Self-assessment	31

Civil Code 4.4. Delegated bodies

	32
Chief Executive Officers	32
Chairman of the Board of Directors	35
Information to the Board	35
4.5. Other Executive Directors	35
4.6. Independent Directors	35
4.7. Lead Independent Director	36
5. Processing corporate information	37
6. Internal Board Committees	37
7. Appointments Committee	38
Composition and role of the Appointments Committee	38
Duties of the Appointments Committee	39
8. Remuneration Committee	40
9. Directors' Remuneration	40
10. Risk Management and Internal Control Committee	40
Composition and role of the Risk Management and Control Committee	41
Duties of the Risk Management and Internal Control Committee	42
11. Risk management and internal control system	44
a. Key characteristics of the current risk management and internal control systems in relation to the financial reporting process	51
a.1. Introduction	51
a.2. Description of key characteristics of the current risk management and internal control systems in relation to the financial reporting process (the "System")	52
a.2.1 Phases of the risk management process regarding inaccurate financial reporting	52
a.2.2 Roles and Departments involved	52
11.1. Director in charge of the risk management and internal control system	53
11.2. Head of the Internal Audit Department	53
11.3. Organisational Model ex-(It.) Legislative Decree no. 231/2001	55
11.4. External Auditor	56
11.5. Financial Reporting Officer responsible for preparing company accounts and other roles and company functions	56
11.6. Coordination between individuals involved in the risk management and internal control system	57
12. Directors' interests and related-party transactions	58
13. Appointment of Statutory Auditors	59

14. Composition and role of the Board of Statutory Auditors	60
Diversity criteria and policies	64
15. Relations with shareholders	66
16. Shareholders' Meetings	66
17. Further corporate governance practices	68
18. Changes since the end of the reference financial year	68

Glossary

Code/Corporate Governance Code: the "Corporate Governance Code for Listed Companies", version applicable as of July 2018, approved by the Corporate Governance Committee and promoted by Borsa Italiana S.p.A., ABI [Italian Banking Association], ANIA [Italian National Association of Insurance Companies], Assogestioni [National Association of Asset Management Companies], Assonime [Association for Italian Public Limited Companies] and Confindustria [Italian Manufacturing Companies Association].

Civil Code/C.C.: the (It.) Civil Code.

Board: the Issuer's Board of Directors.

Issuer: the issuer of securities to which the Report refers.

Financial Year: the corporate financial year to which the Report refers.

CONSOB Issuer Regulation: the Regulation issued by CONSOB with decision no. 11971 of 1999 (as subsequently amended) regarding issuers.

CONSOB Market Regulation: the Regulation issued by CONSOB with decision no. 20249 of 2017 on markets.

CONSOB Related Parties Regulation: the Regulation issued by CONSOB with decision no. 17221 of 12 March 2010 (as subsequently amended) on related party transactions.

Report: the report on corporate governance and company shareholding structure that companies are obliged to prepare pursuant to Article 123-bis of the Consolidated Law on Finance.

Consolidated Law on Finance (TUF): (It.) Legislative Decree of 24 February 1998, no. 58, as subsequently amended.

Consolidated Law on Banking (TUB): (It.) Legislative Decree of 1st September 1993, no. 385, as subsequently amended.

1. Profile of the Issuer

Banca Ifis is subject to the provisions contained in the Supervisory Provisions issued by the Bank of Italy (Circular no. 285/2013) and, in particular, with regard to the matter of corporate governance pursuant to the provisions contained in the aforementioned Circular in Part I, Heading IV, Chapter 1. It is qualified as a bank of larger size or operational complexity, as it is listed and included in the Less Significant Institutions that are supervised directly by the Bank of Italy. Banca Ifis does not fall under the definition of SME, pursuant to Article 1, paragraph 1, letter w-quarter. 1) of the TUF and Article 2 ter of the CONSOB Issuer Regulation. Since 2001, the company has adhered to the Corporate Governance Code which indicates the corporate governance standards and best practices recommended to Italian listed companies by the Corporate Governance Committee, to be applied in accordance with the "comply or explain" principle, which requires companies to explain in their corporate governance report the reasons for a possible failure to comply with one or more recommendations contained in the principles or the application criteria.

• The Committee drafts, annually, a Report on the Code's application, accompanied by a letter by the President of the Corporate Governance Committee, which indicates the possible areas of improvement with regard to the governance of listed companies.

The Committee prepared the recommendations for 2021 taking into account the results of the report for 2020 and considering that 2021 will be the first year of application of the new Code, and decided it would be useful to reconsider all the recommendations given in the last four years. It drafted specific recommendations for the areas where there continue to be significant elements of weakness, which must be overcome in the interest also of better applying the most innovative aspects of the new edition.

The recommendations concern:

1) The theme of sustainability:
- a. assess the sustainability of business activities in the definition of strategies, the risk management and internal control system and remuneration policies, also based on an analysis of the importance of factors that may impact the generation of value in the long term.
2) Pre-contractual information:
- a. explicitly determine the terms deemed appropriate for sending the documentation;
  - b. provide in the corporate governance report a clear indication of the terms identified and their effective compliance;
  - c. not provide that such terms may be derogated for mere reasons of confidentiality.
3) Application of the independence criteria:
- a. always justify on an individual basis the possible non-application of one or more independence criteria;
- b. define in advance the quantitative and/or qualitative criteria for the assessment of the importance of the relationships being examined.
4) Self-assessment by the directors:
- a. assess the board's contribution to the definition of strategic plans;
- b. oversee the board review process.
5) Appointment and succession of directors:
- a. report promptly on the activities carried out by the appointments committee in the event that it is unified with the remuneration committee or its functions are attributed to the full board of directors;
- b. ensure the completeness and timeliness of the resolution proposals functional to the process of appointing the corporate bodies and express, at least in non-concentrated ownership companies, an orientation on the optimal composition;
- c. provide, at least in large companies, a succession plan for executive directors that identifies at least the procedures to be followed in the event of early termination of office.
6) Remuneration policies:
- a. provide clear indications on the identification of the weight of the variable component, distinguishing between components linked to annual and multi-year time horizons;
- b. strengthen the link between variable remuneration and long-term performance objectives, including, where relevant, also non-financial parameters;
- c. limit to exceptional cases, after adequate explanation, the possibility of disbursing sums not linked to predetermined parameters (i.e. special bonus);
- d. define criteria and procedures for the assignment of end-of-office indemnity;

e. verify that the amount of remuneration awarded to non-executive directors and members of the supervisory body is adequate for the competence, professionalism and commitment required by their office.

The letter of the President of the Committee and the annual report formed the subject of a specific information notice by the Chief Executive Officer of the Board of Directors (meeting of 14th January 2021).

Banca Ifis annually draws up the Report on Corporate Governance and ownership structures and this document was approved by the Board of Directors during the meeting of 11 March 2021 and was published at the same time as the Management Report on the company website.

Unless otherwise specified, the information contained in the Report refers to the date of its approval.

Profile and structure

Banca Ifis is the parent company of Banca Ifis Banking Group, an active player in specialty finance. Its core businesses are the offer of lending services and solutions to undertakings, and acquiring/servicing non-performing loan portfolios.

The increasing ability to provide financial support to small and medium enterprises and to transform insolvent individuals into solvent debtors and potential receivers of new credit, as well as the continuous increase of the number of its employees, complete the Group's ability to meet the expectations of its stakeholders.

Banca Ifis is a company that, since 2003, has been listed in the Milan Stock Exchange (STAR segment); aside from banking, it manages and coordinates the financial and related companies that belong to Banca Ifis Group and are controlled, directly and indirectly, by the bank.

As at the date of approval of the Report, the following companies are also members of the Banking Group:

Cap.Ital.Fin. S.p.A., financial intermediary registered in the Order art. 106 of the Consolidated Law on Banking, which represents the business branch of the Group dedicated to consumer credit, specialised in particular in the assignment of salary and pension-backed loans;
Credifarma S.p.A., financial intermediary registered in the Order art. 106 of the Consolidated Law on Banking for pharmacies, to which it offers advances and short and medium-long term loans to pharmacies that have already started up, and loans for the purchase of new pharmacies. In agreement with Banca Ifis, it also offers equipment leasing and financial and payment services;
Farbanca S.p.A., a licensed banking company authorised to provide investment services, specialised in the pharmacy sector, supporting pharmacist entrepreneurs to encourage development in the sector by

increasing opportunities for operational growth and future income. It offers financial products over the short and medium term that meet the needs of pharmacies such as financing for the purchase and renovation of premises, liquidity in advance against the presentation of receivables due from the ASLs (Local Health Service Agencies), debt consolidation towards suppliers, restructuring of outstanding debt with banks and financial companies, loans for the purchase of technical equipment. It also offers computerised payment services for pharmacists.

Ifis Finance IFN S.A., a financial company under Romanian law, with the aim of supporting both the domestic market and Romanian companies to whom amounts are due from foreign customers. It supports company growth and innovation processes with various factoring solutions.
Ifis Finance Sp. Z o.o., a Polish-law financial company specialising in factoring services, which include trade credit financing, payment management and covering of credit risk to customers;
Ifis Npl Investing S.p.A., financial intermediary registered in the Order art. 106 of the Consolidated Law on Banking and active investor in the Italian market of non-performing loans. The company purchases Npl portfolios, mainly originating from financial institutions and banks, and creates opportunities for the Group to invest in fund units and securitisation notes, issued by vehicles investing in impaired loans; the company supports the Group in senior financing and special lending transactions on distressed portfolios. Ifis Npl Investing S.p.A. controls Ifis Npl Servicing S.p.A., a financial intermediary registered in the Order art. 106 of the Consolidated Law on Banking, that manages and integrates the various platforms for the management and recovery of non-performing loans, both with its own portfolio and on behalf of third parties.

Ifis Npl Servicing S.p.A. controls Ifis Real Estate S.p.A., a non-regulated company that provides consulting for the management of NPLs with underlying property and the valuation and marketing of properties.

With the structure described above, at the end of 2020 the authorisation process was completed for the process of corporate integration and reorganisation of the entire structure of Non Performing Loans (formerly Ifis Npl S.p.A., formerly FBS S.p.A. and formerly FBS Real Estate) which envisaged the creation of a vertical chain aimed at guaranteeing the separation and independence between the activities of credit purchase and management and recovery.

Furthermore, Banca Ifis S.p.A. controls Ifis Rental Services S.r.l., an unregulated company specialising in the operating lease segment, not included in the Banking Group.

Shareholders

The share capital of Banca Ifis as of 31 December 2020 is represented by 53,811,095 ordinary shares with a nominal value of 1 Euro issued in dematerialised, indivisible and freely transferable form.

Corporate governance model

Banca Ifis adopts the traditional model of administration and control, believing it to be the most suitable for its business to ensure efficient administration and effective control.

For Banca Ifis, the traditional model of administration and control has so far yielded good results in terms of creating value for shareholders, strengthening capital and ensuring financial balance. The stability of the Bank and the Group, which is also evident from the comprehensive and fruitful dialogue with the Supervisory Authorities, has, in turn, confirmed the choice of the traditional model.

The traditional model appears, including from a future viewpoint, to be the most suitable to secure a harmonious and orderly development for the Group, in that it places strategic supervision, administration and control skills within a structure that has so far proved to be effective and efficient, facilitating a clear definition of responsibilities, a streamlined decision-making process and effective dialogue between the bodies themselves.

In the model adopted by Banca Ifis:

strategic supervision is carried out by the Board of Directors;
the Chief Executive Officer has been identified as the Body with management function. The General Manager participates in management;
control is performed by the Board of Statutory Auditors.

Shareholders' Meeting

The Shareholders' Meeting is a decision-making collective body composed of the shareholders of the Bank and/or their representatives; its decisions, adopted in accordance with the Law and the Articles of Association, are binding for all shareholders, even if they are absent or of a different opinion. The Shareholders' Meeting is ordinary and extraordinary pursuant to the Law and may be convoked also outside the company's registered office, as long as it is held in the country.

The ordinary Shareholders' Meeting is convoked at least once a year, within 120 days from the end of the financial year, to deliberate on the matters under its purview, as per the regulatory framework in force and the Bank's Articles of Association.

In particular, the ordinary Shareholders' Meeting:

approves the financial statements;
appoints (using the list vote mechanism) and removes members of the Board of Directors, establishing their remuneration;
appoints (using the list vote mechanism) the members and the President of the Board of Statutory Auditors, establishing their remuneration;
may appoint, also not from among the members of the Board of Directors, an Honorary President, chosen from among the people who have significantly contributed to the Company's reputation and development;
approves the remuneration and incentive policies concerning the Board of Directors, the General Manager, the Board of Statutory Auditors, the General Manager and the rest of the personnel;
approves any remuneration plans based on financial instruments;
approves the criteria to determine the remuneration to be paid in the case of an early termination of an employment relationship or early termination of an office, including the maximum limits set for this remuneration in terms of annual fixed amount and the maximum amount deriving from their application;
has the right to decide the ratio between the variable and the fixed component of individual remuneration of personnel that exceeds 100%, but which, in any way, may not exceed the limits set forth by the applicable legal and regulatory provisions pro tempore (currently equal to 200%, a ratio of 2:1). The proposal may be deemed to have been approved validly with the majority envisaged by the regulatory framework that applies at any given time.

The extraordinary Shareholders' Meeting deliberates on amendments to the Articles of Association and on other matters under its purview in accordance with the Articles of Association or the law.

For more information on the Shareholders' Meeting, please see Section 16

Board of Directors

The Company is managed by a Board of Directors made up of five to fifteen members, elected by the Shareholders' Meeting. On 11th March 2021, the number of directors was 12 and their mandate will expire on the date of the Shareholders' Meeting convoked for the approval of the 2021 financial statements.

The appointment of the members is based on lists presented by the shareholders; candidates are listed in sequential order and their number must not exceed the maximum number of Members established by the Articles of Association. Only shareholders who, alone or together with others, own at least 1% of ordinary shares at the time of submission have the right to submit lists.

The Articles of Association set forth that: at least one quarter of the members must fulfil the requirements of independence and such members must be placed, on the list, among the first four posts of the sequential order; at least one third of candidates must belong to the least represented gender, an exception being made for lists that present fewer than three candidates; one director must be taken from the second list by number of votes.

The Board elects a President and may elect a Vice-President; in addition, it appoints a Chief Executive Officer, tasked with performing the company's operations with the aim of following the lead and achieving the strategic corporate objectives decided by the Board of Directors, and establishes their management powers.

For more information on the Board of Directors please see Section 4

Board committees

Also in compliance with the provision of the Corporate Governance Code, three committees have been established within the Board of Directors; these committees, which have powers of investigation, consultation and proposal, allow the body tasked with strategic supervision to adopt its decisions with a better knowledge of the facts:

Risk Management and Internal Control Committee;
Appointments Committee;
Remuneration Committee.

The members, manner of operation and responsibilities of the Board Committees are governed by the Regulations of the Board of Directors, the Board Committees and the Supervisory Body and in the General Regulations.

For more information on the Board Committees please see Section 6

Board of Statutory Auditors

The Board of Statutory Auditors is composed of three standing and two alternate auditors. They are appointed based on lists presented by the shareholders, in which the candidates are listed in sequential order; their number may not exceed that of the members of the body to be elected. Each list is made up of two sections, one for candidates for the standing auditor post and one for candidates for the alternate auditor post. The mandate of the Statutory Auditors will expire on the date of the Shareholders' Meeting convoked to approve the 2021 financial statements.

The Articles of Association envisage that two standing auditors and one alternate will be elected from the list that obtained the majority of votes; one standing auditor and one alternate will be elected from the second list in number of votes. The standing auditor elected from the minority list shall be declared President of the Board of Statutory Auditors.

The means of operation and the powers of the Board of Statutory Auditors are regulated by the Articles of Association and the General Regulation.

For more information on the Board of Statutory Auditors please see Sections 13 and 14

2. Information on ownership interests as at 31st December 2020

2.1 Structure of the share capital

On 31st December 2020, the capital subscribed and paid up amounted to €53,811,095.00, subdivided in 53,811,095 ordinary shares of a par value of €1, as shown in Table 1:

Table 1

	STRUCTURE OF THE SHARE CAPITAL
	Number of shares	% with regard to the share capital	Listed (market) / unlisted	Rights and obligations
Ordinary shares	53,811,095	100%	Listed (MTA)	Each ordinary share grants the right to one vote

As at 31st December 2020, no other financial instruments that attribute the right to subscribe newly-issued shares had been issued.

For own shares to be attributed as variable remuneration to the Chief Executive Officer and the General Manager and, possibly, to other employees on the list of "Key Personnel", please see the Report on remuneration, drafted pursuant to Article 123-ter of the TUF, and the Document of information on compensation plans based on financial instruments drafted pursuant to Article 114 bis of the TUF and 84 bis of the CONSOB Issuer Regulation; the documents are available on the website www.bancaifis.it under "Corporate Governance" and "Shareholders' Meeting" and implement the amendments decided by the extraordinary Shareholders' Meeting of 23/04/2020.

2.2 Restrictions on the transfer of titles

There are no restrictions to the transfer of titles, with the exception of retention periods foreseen for the portion of the variable remuneration to be paid in shares to the Chief Executive Officer and to the General Director, as well as to any other employees who are included in the list of "most relevant personnel". For details on the shares to be assigned to such company personnel, please see the Report on remuneration drafted pursuant to Article 123-ter of the TUF.

2.3 Relevant equity investments

Based on the communications made pursuant to article 120 of the TUF, and on the communications made by Key Personnel pursuant to Article 152-octies of the CONSOB Issuer Regulation, Table 2 below shows the persons who, as at 31st December 2020, directly or indirectly own shares with voting rights exceeding 3% of the share capital.

Table 2

RELEVANT EQUITY INVESTMENTS
Declarant	Direct shareholder	Share % on ordinary capital	Share % on voting capital
Ernesto Fürstenberg Fassio	La Scogliera S.p.A.	50.50%	50.50%

We believe that it is worth pointing out that:

La Scogliera aims to ensure the compactness and continuity of the management of its controlling investment on Banca Ifis S.p.A., pursuant to Article 2359 of the (It.) Civil Code;
Even though it is the majority shareholder, La Scogliera S.p.A. does not perform any management and administration activity regarding Banca Ifis S.p.A.;
The corporate object of La Scogliera S.p.A. expressly excludes the activities of management and administration of the financial companies and banks in which it participates.

2.4 Titles that confer special rights

No titles that confer special controlling rights have been issued.

2.5 Employee ownership scheme: a mechanism for the exercise of voting rights

Any employees holding shares of the Company exercise their shareholder rights in the same way as other shareholders.

2.6 Restrictions to voting rights

On the approval date of the Report, the company did not have restrictions to voting rights.

2.7 Agreements between shareholders

No agreements between the company's shareholders exist at the Board of Directors of Banca Ifis S.p.A. 122 TUF. Conversely, the Bank has stipulated, on acquisition, shareholder agreements with the minority shareholders of Credifarma.

2.8 Change of control clauses and takeover-related provisions of the Articles of Association

Banca Ifis knows of no significant agreements between its shareholders that take effect, are modified or cease in the event of a change in control of its contracting company.

However, with reference to restrictions on the transfer of shares, please note that the agreements stipulated between Banca Ifis and Federfarma on acquisition of control of Credifarma S.p.A. by the Bank (July 2018) set forth that the two shareholders may not transfer, in whole or in part, the Credifarma shares they hold at any given time until expiry of the 5th year following the date on which the agreement was stipulated; one of the Parties may transfer shares to companies it controls.

The Articles of Association of Banca Ifis S.p.A. do not contain derogations from the provisions on the passivity rule of Article 104 paragraphs 1 and 1-bis of the TUF, nor do they envisage the application of the neutralisation rules set forth by Article 104-bis, paragraphs 2 and 3 of the TUF.

2.9 Proxies for increase of the share capital and authorisations for the acquisition of treasury shares

As at 31st December 2020, no proxies for the increase of the share capital pursuant to Article 2443 of the (It.) Civil Code or for the issue of equity financial instruments had been conferred to the Board.

The Shareholders' Meeting did not authorise the acquisition of treasury shares, pursuant to Articles 2357 et seq. of the (It.) Civil Code and Article 132 of (It.) Legislative Decree 58/98.

2.10 Management and administration activities

La Scogliera S.p.A., despite being a majority shareholder, does not manage and coordinate Banca Ifis S.p.A. In this regard, as mentioned above, please note that the corporate object of La Scogliera S.p.A. expressly excludes the activities of management and administration of the financial companies and banks in which it participates.

Please note that:

the information required by article 123-bis, first paragraph, letter i) ("the agreements between the company and the directors ... which provide for compensation in the event of resignation or dismissal without just cause or if their employment relationship ceases following a takeover bid "), are contained in the Remuneration Report published pursuant to art. 123-ter of the TUF;
the information required by Article 123-bis, paragraph 1, letter l) ("rules applicable to the appointment and replacement of Directors […] as well as any amendment of the Articles of Association, apart from supplementations resulting from additional legislative and regulatory provisions"), is illustrated in the section of this Report dedicated to the Board of Directors (Section 4.1).

Banca Ifis is the Parent Company of the Banking Group and controls, other than the companies that belong to said group, also other companies that form part of the so-called Economic Group.

Pursuant to the TUB, it manages and coordinates the companies that belong to the Banking Group and issues them with the directives necessary for the transposition of the decisions of the Parent Company in the controlled companies.

In addition and pursuant to Articles 2497 et seq. of the (It.) Civil Code, it manages and coordinates the companies that belong to the Economic Group.

3. Compliance

Banca Ifis S.p.A. has adopted the Corporate Governance Code for Listed Companies, as indicated under point 1.0, Issuer Profile.

The Corporate Governance structure of Banca Ifis is not influenced by the provisions of non-Italian laws.

Ifis Finance Sp. Z o.o., a factoring company 100% controlled by the Issuer, is a company under Polish law and is therefore subject to Polish legislation.

Ifis Finance I.F.N. S.A., a financial company established in 2020, 99.99% controlled by the Issuer, is a company under Romanian law and is therefore subject to Romanian legislation.

These circumstances, however, also due to the limited size of the subsidiaries compared to the Parent Company, do not in any way affect the corporate governance structure of Banca Ifis S.p.A ..

4. Board of Directors

Strategic supervision is performed by the Board of Directors, which, pursuant to the Provisions, is called upon to decide on the strategic guidance of the bank and to continuously check that it is implemented.

4.1 Appointment and replacement

The Articles of Association envisage that the Directors are appointed based on the mechanism of voting lists by the Shareholders' Meeting, in compliance with the applicable legal and regulatory provisions (professionalism and authoritativeness) and in compliance with the composition criteria that relate to the presence of minority and independent directors, with respect for gender balance.

In order to encourage that the best candidates are put forward for the renewal of the Administrative Body, in support of the Shareholders and in compliance with the Vigilance Provisions for banks in matters of Corporate Governance, the Board of Directors identifies preventively what is deemed its optimal qualitative-quantitative composition, identified and justifying

the theoretical profile of candidates. The analyses performed were reported in the document "Optimal qualitativequantitative composition of the Board of Directors of Banca Ifis", approved by the Board of Directors on 11th February 2019 and published on the bank's website, together with the documentation concerning the Shareholders' Meeting of 8th March 2019, so that the assessments made by the outgoing Board of Directors could reach the Shareholders, leaving them time to present the lists.

The bank's organisational and governance structures must guarantee conditions of healthy and prudent management, the objective of the regulation, of the supervisory bodies and of all stakeholders; therefore, the composition of the administrative body is of paramount importance for the efficient performance of the tasks entrusted thereto by law, by the supervision provisions and by the Articles of Association.

The candidates are listed in sequential order and their number may not, in any case, exceed the maximum number of members set forth by the Articles of Association (fifteen). The right to present a list is only granted to shareholders who, at the time of delivery of the list, own, alone or jointly, a stake of at least 1% of ordinary shares or other minimum ownership threshold that - pursuant to the applicable regulatory framework - must be indicated in the notice of convocation of the Shareholders' Meeting which is called upon to deliberate on the appointment of the members of the Board of Directors.

A shareholder may not present or vote more than one lists, even through a third party or a trust company. Shareholders belonging to the same group and shareholders who have stipulated a shareholder agreement related to shares of the Company may not present or vote more than one lists, even through a third party or a trust company. A candidate may only be present on one list, on pain of ineligibility.

The lists are deposited at the registered office of the Company by the twenty-fifth day before the date of the first-call Shareholders' Meeting and are made available to the pubic at the registered office of the company, on the Company's website and by the other means set forth by the applicable regulatory framework, at least twenty days before the date of the first-call Shareholders' Meeting.

In order to prove the ownership of the number of shares necessary to present the lists, the shareholders may produce the related certificate even after the deposit, on the condition that this is done within the deadline foreseen for the publication of the lists by the Company.

The lists must be accompanied:

by information relating to the identity of the shareholders who presented the lists, with indication of the percentage of the total stake held;
a declaration of the shareholders other than those who hold, including jointly, a controlling or relative majority shareholding, certifying the absence of relationships with the latter, as indicated in Article 147-ter of the TUF, and Article 144-quinquies of the CONSOB Issuer Regulation;
exhaustive information on candidates' personal and professional characteristics, as well as a declaration by the candidates themselves confirming certifying possession of the requirements established by law and their acceptance of candidacy.

Candidates who do not meet the requirements of professionalism, integrity and independence, or the criteria of competence and correctness, and are not able to dedicate the time necessary to the effective performance of the assignment, in order to guarantee the sound and prudent management of the assignment in accordance with Article 26 of Legislative Decree no. 385/1993, cannot be included on the bank's lists of candidates.

Each list must also indicate:

at least a quarter of the members (if this ratio is not an integer, round it down to the next lowest whole number if the first decimal is less than or equal to 5; otherwise round it up to the next highest whole number) that meet the independence obligations provided for both by the Corporate Governance Code for Listed Companies required by Borsa Italiana S.p.A. and Article 148, paragraph 3 of (It.) Legislative Decree no. 58/1998. These candidates must be the first four names on the list in sequential order;
at least a third of the list must be made up of candidates representing the least represented gender, except for lists containing fewer than three candidates.

Members of the Board of Directors are elected as follows:

1. all directors bar one are selected from the list which, during the Assembly, obtained the highest number of votes, based on the progressive order in which they are indicated in said list;
1. one Director is elected from the list obtaining the highest number of votes at the Shareholders' Meeting and who, pursuant to Article 147-ter, paragraph 3 of the TUF, is in no way connected, not even indirectly, with the shareholders who submitted or voted for the list that came first in terms of the number of votes obtained.

Should this selection criteria fail to ensure proper gender balance to the extent established on a case by case basis by Italian Law, a sliding mechanism is applied to the selection from the list which obtained, during the Shareholders' Meeting, the highest number of votes based on the sequential order in which the candidates are indicated. This mechanism excludes the candidate or candidates of the most represented gender and selects the candidate or candidates of the unrepresented gender.

If just one list of candidates is submitted, the names indicated on that list will be elected as Members of the Board of Directors, up to the number of Directors to be elected less one, who shall be elected by the Shareholders' Meeting there and then, based on a simple majority but excluding from the vote the shareholders who submitted the single list, and based on the proposal of the shareholders not excluded from the right to vote.

If, during the year, less than a quarter of the Directors are found to meet such requirements, the Board will resolve to terminate the role of one or two of its Members who have ceased to meet such requirements, based on a criterion of shorter tenure, or, in the case of equal tenure, lower age, and will co-opt one or two independent members.

The laws in force, without the involvement of list voting, shall govern any replacement of Directors, except in the event that all Directors cease their roles.

To guarantee the presence of the director selected from the list that did not obtain the majority vote, in case they cease their role, the Board will first check the continued availability of the candidates included on the list, according to the its sequential order, and will co-opt members based on this criterion of preference.

If a Director belonging to the least represented gender ceases, the co-opted Director shall be of the same gender.

Succession plans

The Board has assessed the adoption of a succession plan for executive directors and, as a consequence of this, the Appointments Committee prepared in 2020 an organic succession plan for top management following the presentation of the 2020-2022 Business Plan. To delineate the succession plans, the Board has deemed it useful to perform an internal reorganisation, identifying the activity sectors and the business areas that are believed to be strategic interest to the Group's future.

Therefore, once the activities of analysis and definition of the succession plan have been launched, it will be prepared during the 2021 financial year and in any case following the planned new organisational and corporate structures of the Group, the preparation of the new strategic planning and the next changes in terms of governance already communicated to the market.

4.2 Composition

In accordance with the Company's Articles of Association, the Board of Directors is composed of a minimum of five up to a maximum of fifteen members, elected by the Shareholders' Meeting.

The ordinary Shareholders' Meeting of the Shareholders of 19th April 2019 set the composition of the Board of Directors to 12 and fixed the duration of the mandate to three financial years (2019-2021); the mandate will expire on the date of the Shareholders' Meeting convoked for the approval of the financial statements for the financial year 2021.

Four lists were deposited and published within the deadlines and in the manner laid down by the applicable provisions and by the Articles of Association for the election of the Board of Directors at the Shareholders' Meeting of 19th April 2019:

List 1 (LA SCOGLIERA S.P.A.);
List 2 (Bossi, Maderna, Alchimia S.p.A.);
List 3 (Assogestioni) on behalf of the following group of investors:
- i) Arca S.G.R., manager of the fund Arca Economia Reale Equity Italia, Arca Economia Reale Bilanciato Italia 30;
- ii) Eurizon Capital S.G.R. S.p.A., manager of the Eurizon Pir Italia 30 funds, Eurizon Progetto Italia 20, Eurizon Progetto Italia 70, Eurizon Equities PMI Italia, Eurizon PIR Italia Actions and Eurizon Progetto Italia 40;
- iii) Eurizon Capital SA, Eurizon Fund-Equity Small Mid Cap Italy fund manager;
- iv) Fideuram Asset Management (Ireland), Fonditalia Equity Italy fund manager.
- v) Fideuram Investimenti SGR S.p.A., Fideuram Italia, PIR Piano Azioni Italia, PIR Piano Bilanciato Italia 50 and PIR Piano Bilanciato Italia 30 fund manager;
- vi) Interfund Sicav InterfundEquity Italy;
vii) Generali Investiments Luxembourg S.A., GSmart PIR Evoluzione Italia, GSmart PIR Valore Italia and Gis European Eqty Recov fund manager;
viii) Mediolanum Gestione Fondi SGR S.p.A., Mediolanum Flessibile Futuro Italia and Mediolanum Flessibile Sviluppo Italia fund manager.
List 4 (Preve Costruzioni S.p.A.).

As well as the lists, the following document were also deposited and published:

Certification attesting the ownership of shares in number sufficient for the presentation of a list and possible absence of the relationship of Article 147-ter of the TUF and 144-quinquies of the Issuer Regulation;
Declaration with which each candidate: accepts their candidacy, attests that they meet the requirements of professionalism, integrity and independence envisaged by the applicable regulatory framework and the absence of causes of ineligibility and/or incompatibility; CV and list of offices held

Table 3 shows the list of candidates, the list of those elected and the percentage of votes obtained compared to the voting capital:

LIST	LIST OF CANDIDATES	LIST OF CANDIDATES ELECTED	PERCENTAGE OF VOTES OBTAINED
1	Simona Arduini Antonella Malinconico Beatrice Colleoni Monica Billio Sebastien Egon Fürstenberg Ernesto Fürstenberg Fassio Luciano Colombini Alessandro Csillaghy de Pacser Luca Lo Giudice Daniele Umberto Santosuosso Divo Gronchi Ferruccio Di Lenardo	Simona Arduini Antonella Malinconico Beatrice Colleoni Monica Billio Sebastien Egon Fürstenberg Ernesto Fürstenberg Fassio Luciano Colombini Alessandro Csillaghy de Pacser Luca Lo Giudice Daniele Umberto Santosuosso Divo Gronchi	69.55%
2	Giuseppe Benini Renato Giovannini		10.83%
3	Roberto Diacetti Alessandra Giuseppina Barzaghi	Roberto Diacetti	16.25%
4	Riccardo Preve Giovanni Angioni		3.18%

Table 3

The composition of the Board was found to agree with the composition identified in advance as optimal in the document "Optimal qualitative-quantitative composition of the Board of Directors of Banca Ifis"; the declarations provided on the requirements of professionalism, integrity and independence, and on the limit of accumulation of offices were found to have been complied with.

All directors declared their ability to dedicate sufficient time to the proper performance of their mandate and all the areas of competence identified in the self-assessment process of 2018 were found to be well represented in the Board (Banking Business and activities and banking and financial products (7); Dynamics of the economic/financial system (5); Industry regulations (5); Internal control systems and systems for the methodology of risk management and control (9); Risk management and control methodology (6); Corporate governance (8); Corporate management processes (8); Knowledge of the organisational structure and IT systems (2); Accounting and financial information statement (9)).

Following the resignation of the Director Alessandro Csillaghy de Pacser, effective from 31st March 2020, the Shareholders' Meeting of 23rd April 2020, in order to reinstate the composition of the Board, elected Mr. Riccardo Preve.

At the start of financial year 2021, the Director Divo Gronchi resigned (effective from 14 January 2021) and the Board, with the support of the Appointments Committee, after verifying compliance with the necessary requirements and consistency with the qualitative and quantitative composition deemed to be optimal, co-opted Mr. Frederik Herman Geertman on 11th February 2021.

The composition of the Board of Directors, at the date of approval of the Report, is therefore shown in table 4 below:

Table 4

		In office		First	List		Non	Indep.	Indep.	% particip.
Role	Components	from	to	appointment date	(M/m)*	Exec.	Exec.	Code	TUF	BoD meetings**
President	Sebastien Egon Fürstenberg	19/04/2019	Approval of 2021 financial statements	1983	M		X			55.6
Vice-President	Ernesto Fürstenberg Fassio	19/04/2019	Approval of 2021 financial statements	2019 M X				100
Chief Executive Officer	Luciano Colombini	19/04/2019	Approval of 2021 financial statements	2019 M X				100
Director	Frederik Herman Geertman	11/02/2021	Approval of 2020 financial statements	2021	n.a.		X			n.a.
Director	Riccardo Preve	23/04/2020	Approval of 2021 financial statements	2005	n.a.		X			91.7
Director	Daniele Umberto Santosuosso	19/04/2019	Approval of 2021 financial statements	2013	M		X	X	X	100
Director (LID)	Simona Arduini	19/04/2019	Approval of 2021 financial statements	2019	M		X	X	X	100
Director	Monica Billio	19/04/2019	Approval of 2021 financial statements	2019	M		X	X	X	94.4
Director	Antonella Malinconico	19/04/2019	Approval of 2021 financial statements	2016	M		X	X	X	100
Director	Roberto Diacetti	19/04/2019	Approval of 2021 financial statements	2019	m		X	X	X	100
Director	Beatrice Colleoni	19/04/2019	Approval of 2021 financial statements	2019	M		X	X	X	100
Director	Luca Lo Giudice	19/04/2019	Approval of 2021 financial statements	2019	M		X			100
Directors who ceased to hold office during the Financial Year 2020
Director	Alessandro Csillaghy De Pacser	19/04/2019	31/03/2020	1995	M		X			100
Directors who ceased to hold office during the Financial Year 2021
Director	Divo Gronchi	19/04/2019	14/01/2021	2019	M		X	X	X	94.4
Quorum required for the presentation of the lists by minorities for the election of one or more members (pursuant to Article 147-ter TUF): 1%
No. of meetings held during the financial year of reference: 18
Notes:
* This column indicates the list from which each director was selected ("M": majority list; "m"; minority list). ** No. of presences/no. of meetings held during the effective time in office of the subject during the Financial Year.

Below is a breakdown of the members of the Board of Directors as of 31st December 2020 by gender and age groups which are the same as at the date of approval of the Report:

Information relating to the personal and professional characteristics of each director in office on the date of approval of this report may be found below:

President of the Board of Directors - Sebastien Egon Fürstenberg

Mr. Sebastien Egon Furstenberg has operated in the factoring sector for more than 30 years; in 1983 he founded the company I.Fi.S. S.p.A. – Istituto di Finanziamento e Sconto (now Banca Ifis S.p.A.).

He is currently the Chief Executive Officer and the President of the Board of Directors of La Scogliera S.p.A., a company whose objective is the acquisition, management and divestment of participations in banks and financial companies, and which holds the majority of the capital of Banca Ifis S.p.A.

Vice-President - Ernesto Fürstenberg Fassio

He graduated in Law from the University of Padua; he is currently studying towards the MA in Accounting and Control at Bocconi University. In 2009, he joined the Board of Directors of La Scogliera S.p.A., the financial holding company that controls Banca Ifis S.p.A., where he has been Chief Executive Officer since 2018.

At Banca Ifis S.p.A. he is in charge of promotion of the brand and of the implementation of the company's operational and management and control processes.

Since 2019 he has been President of the Board of Directors of Ifis Npl Servicing S.p.A.

Chief Executive Officer - Luciano Colombini

He graduated in Law and started his professional career at the Banco di Roma; in 1984, he joined Banca Popolare di Vicenza where for twenty years he took on positions of increasing responsibility culminating in his appointment as General Manager in 2005. In October 2007, he left the Banca Popolare di Vicenza and, in subsequent years, was General Manager for various banks (Banca Popolare di Verona San Geminiano and San Prospero - Banca Popolare Group, Unipol Banca - Unipol Group, and Banca Desio e Brianza Group); in July 2016 he was appointed Chief Executive Officer of Banca Finint Group.

In April 2019 he became Chief Executive Officer of Banca Ifis S.p.A. and, within the Group, he holds the positions of President of the Board of Directors in Farbanca S.p.A., Chief Executive Officer of Ifis Npl Servicing S.p.A. and Director of Ifis Npl Investing S.p.A.

Director – Frederik Geertman

He graduated in Chemical Engineering from Delft University of Technology in the Netherlands, and took an MBA at INSEAD in France.

In 2016 he became Deputy General Manager and Chief Commercial Officer of UBI Banca, coordinating national economic and industrial recovery operations. Previously he had spent almost ten years with the UniCredit international banking group, occupying such roles as Head of Global Marketing and Segment Management for several European countries and as Head of the Italian branch network for Families and SMEs. He began his work at a leading strategic consulting firm, McKinsey & Co., first in the Netherlands and then in Italy. Over the course of his career, Geertman has led the multi-channel digitalisation of customer relationships, while increasing the commercial productivity of the companies in which he has operated by redesigning their organisation and commercial processes.

Director - Daniele Santosuosso

Having graduated in Commercial Law, he pursued an academic path as honorary fellow and visiting fellow in various foreign universities, and then researcher, associate professor of Commercial Law at the University "La Sapienza" of Rome and, lastly, professor pro tempore and then full professor at the department of Commercial Law at the same university. He has authored numerous notes, articles, essays and books; he has also contributed to certain scientific journals and collaborates with Il Sole 24 Ore, as well as being the founder and director responsible for the "Rivista di diritto societario" [Journal of Corporate Law]. He has been enrolled in the Italian Register of Lawyers since 1992, has his own law firm and has held various institutional and corporate management posts (including as a Member of the Government Commission for the reform of company law in 2003 and the Government Commission for the reform of the law on distressed businesses – the so-called "Rordorf Reform") and corporate management offices.

Director - Simona Arduini

She is a professor in the scientific disciplinary sector of Corporate Economy at the Department of the same name of the Roma Tre University. In 2016-2019 she was the Chair of the School of Economy and Corporate Studies. She teaches Financial Statements, and Business Valuation. She is a member of the Board of Statutory Auditors of Rentokil Initial Italia S.p.A.; in 2019, she was appointed by Mibac [Ministry of Cultural Heritage and Activities and Tourism] to the Board of Auditors of Rome's Special Superintendency for Archaeology, the Arts and the Landscape, and she has been a member of the Supervisory Committee of Veneto Banca S.p.A. in L.C.A. since April 2018. She was a member of the Board of Statutory Auditors of Nuova Cassa di Risparmio di Ferrara S.p.A. and of Poste Vita S.p.A. She was a member of the supervisory committee of various administrative liquidation and extraordinary administration procedures of banks and financial entities. She has performed expert assessment of the economic capital for leading Italian companies. She has been a consultant at the Civil Court of Rome since 1999.

Director - Monica Billio

She graduated in Economy and Commerce from the Università Ca' Foscari Venezia and was awarded a PhD in Applied Mathematics from the Université Paris IX Dauphine (France).

Since 2006 she has been Full Professor of Econometrics at Ca' Foscari University. She has published numerous articles in internationally recognised econometrics and finance journals, with applications to the measurement and management of financial risks, the analysis of the financial system and sustainable finance.

She participates in numerous research projects financed by the European Commission, the European Investment Bank, the World Bank, Eurostat and the Italian Ministry of Universities and Research. She is currently a member of the Board of Directors of the European Financial Management Association (EFMA) and a member of the scientific committee of the Associazione Italiana Financial Industry Risk Managers (AIFIRM).

She was an independent member of the Board of Directors of Banco delle Tre Venezie S.p.A. and member of the Board of Directors of Contarina S.p.A.

Director - Antonella Malinconico

She graduated in Economy and Commerce from the Università Federico II of Naples and was awarded, from the same university, a PhD in Financial Science for Companies. She is currently full professor of the Economy of financial intermediaries at the Università degli Studi del Sannio. She has authored numerous studies and publications on subjects such as Risk Management in banks, Management of Non Performing Loans, Prudential Vigilance, Relationship between Banks and Undertakings.

She has been a licensed Accountant since 1995 and is a consultant on financial matters for numerous banking institutions, where she also provides training. Over the years she has held various professional posts, among which the post of member of the Board of the Bank of Italy (Naples branch) from 2009 until she was co-opted in the Board of Directors of Banca Antonio Capasso S.p.A., of which she was a member from 2014 to 2016.

Director - Roberto Diacetti

He graduated in Law from the Università LUISS-Guido Carli of Rome. He has accumulated significant managerial experience in the public and private sector. Over the years he has been Chief Executive Officer of Resources for Roma Spa and ATAC Spa, President of EUR Spa and Roma Convention Group Spa. He was Vice-President of World Food Programme Italia and Visiting Lecturer in Planning and Control at the Università degli Studi di Cassino for over ten years. He is currently General Manager of Fondazione Enpaia. He is also Vice President of Ifis Npl Servicing S.p.A. and member of the Board of Directors and member of the Control and Risk Sustainability Corporate Governance Committee of Pirelli S.p.A.

Member of the Board of Directors - Riccardo Preve

Holder of a degree in Sociology, he founded Preve Costruzioni S.p.A., an undertaking for the construction of infrastructure on public works contracts, which controls other road sign and construction Companies. He is active in the real estate sector and has invested in the photovoltaic business. He currently holds the office of President, CEO and Technical Director of various industrial Companies, and he is a Member of the Managing Board and Executive Committee of Confindustria [CBI] Cuneo.

He was re-elected to the Board of Directors of Banca Ifis on 23 April 2020, after being a Director of Banca Ifis from 2005 to April 2019.

Director - Beatrice Colleoni

She graduated in Economy and Commerce from the Università Cattolica del Sacro Cuore of Milan; since 2002 she has been an accountant, mainly busy with corporate, administrative and strategic consultancy, national and international taxation, drafting of financial statements, extraordinary operations, organisation of labour.

During her career, she collaborated with the firms IBI Consulting Srl and Andersen Legal and, since 2002, she has been working for Gruppo Colleoni, also holding the post of member of the Boards of Directors of certain companies.

Director - Luca Lo Giudice

He graduated in Law from the Università Cattolica del Sacro Cuore of Milan in 1996; he has been practising law since 1999 and has been a Supreme Court attorney since 2011.

A legal consultant with over 20 years of experience in corporate, banking and insurance issues regarding corporations, insurance companies, banks and investment funds both on a permanent basis and in the context of operations of corporate reorganisation, securitisation and restructuring of financial debt. In certain outstanding cases, he held the office of director, on the instruction of the main national credit institutions.

Diversity criteria and policies

The Board of Directors, when its mandate was renewed, invited Shareholders to consider, for the purposes of submitting lists of candidates, the Board's needs in terms of professionalism and skills (including managerial skills) deemed to be necessary to ensure that the composition of the Strategic Supervisory Body is optimal, as shown in the report on "Optimal Qualitative and Quantitative Composition of Banca Ifis's Board of Directors" approved by the Board of Directors on 11th February 2019 and made available at the company's registered office, "Borsa Italiana S.p.A." and the authorised storage mechanism , as well as the Company's website. This document will be updated annually to support the self-assessment carried out by the Directors.

The process of selecting Board members ensures that the Board is diverse, guaranteeing that the Body has an adequate degree of diversification in terms of abilities, which must be extensive and diversified from both a managerial and technical perspective (in terms of legal, accounting, tax, financial, risk management and control, corporate governance, IT process, business organisation and human resources knowledge).

In order to guarantee a fruitful internal dialogue and to contribute to the adoption of decisions that align with the Bank's interests, the Board of Directors must ensure that its members have significant and consolidated experience in the management, administration, control activities of banks and/or undertakings.

As a matter of fact, performance of the functions assigned to the strategic supervision body requires the presence of persons who:

are fully aware of the powers and obligations inherent to the roles they are each called upon to carry out (executive and non-executive duties, independent members, etc.);
have a level of professional skill that is appropriate for the role, including with regard to the Board's internal committees, and adjusted to the operating characteristics and size of the bank;
have skills that are different from yet complementary to those of the other members, in order to ensure that each member contributes, with the other members, within committees they are a part of and in collective decisions, to identify and pursue suitable strategies and to assure effective risk management in all areas of the Bank;
dedicate the necessary time and resources to their office limits to the number of positions possible to hold remaining firm;
focus their actions on pursuing the overall interests of the bank, regardless of the corporate structure that voted for them or the list from which they are taken;

• guarantee compliance with operation and judgement independence.

These skills are monitored annually through the self-assessment process, which requires each Director to judge their own level of technical-regulatory competences in relation to the Bank's business and any other subjects deemed necessary considering the Bank's activities.

The Bank is also aware that an appropriate degree of diversification in terms of age, gender and geographic origin gives a plurality of approaches and perspectives in analysing problems and taking decisions, avoiding the risk of behaviour that aligns with a dominant position, within or outside the Bank. Objectives regarding diversity in the composition of the Board must be pursued considering the skills and professionalism requirements which all directors must possess.

To this end, the adopted Board member selection process protects and promotes their diversity right from the nomination phase, as the list vote mechanism governed by the Articles of Association ensures that at least one Director is chosen from minority shareholdings and that the regulatory provisions on the number of candidates belonging to the least represented gender are complied with; As already mentioned, at least a third of the Board of Directors must be made up of the least represented gender.

As a result, the Bank does not consider it necessary to adopt additional specific diversity policies relating to the composition of the strategic supervisory body.

***

Banca Ifis has also adopted measures to promote equal opportunity and treatment of gender within the entire business organisation. The Group firmly condemns any discrimination against employees or applicants based on gender, age, religious or political beliefs and trade union affiliation, as well any form of nepotism and preferential treatment.

As the Code of Ethics—the Group's main reference for standards of conduct and ethics—clearly states, all Group employees shall maintain the highest standard of conduct, integrity, transparency and practicality. These rules apply also to Collaborators.

It is possible to report any conduct contrary to these principles, with the guarantee that the personal data of the complainant and the alleged offender will remain confidential, through the Whistleblowing mechanism, which is available to employees as well as collaborators and independent contractors working with the Group on a regular basis. No incidents of discrimination were reported in 2020.

As for the composition of staff, we can see that, as at 31st December 2020, 52.39% of the employees of Banca Ifis are women and that 40% of management personnel (Senior and Middle Managers) are women.

The differences in average remuneration between men and women range from 9.36% to 2.84% in favour of men, in accordance with grade.

Maximum number of posts held in other companies

The "Regulation on the maximum number of posts held in other companies by company officers" was approved by the Shareholders' Meeting of 30th June 2009.

This Regulation first of all establishes that:

"The Officers of Banca Ifis S.p.A. accept their post and hold it insofar as they believe themselves able to dedicate the necessary time to the diligent performance of their tasks, taking into account both the number and the quality of posts held in the administration and control bodies of other companies and the commitment required of them by their other professional activities and by associated posts held".

To calculate the limits on the maximum number of posts in other companies as governed by the "Regulation", the following are considered significant:

a) companies with shares listed in Italian or foreign regulated markets;
b) Italian or foreign companies, with shares not listed in regulated markets and that operate in the insurance, banking and financial sector, in general. As regards the latter sector, the only financial companies considered significant are those subject to prudential supervision by the Bank of Italy and registered on the list of financial intermediaries as set out in Article 106 of (It.) Legislative Decree no. 385/1993. An equivalent assessment is made for foreign companies;

c) "companies of significant size" (that is, those that have individual net equity of at least a hundred million euros based on the last approved financial statement).

Offices held within the Banca Ifis Group or in companies other than those listed above, are not considered significant.

In the Regulation, the term "executive posts" refers to the following posts:

Chief Executive Officer
General Manager
Member of the Management Board
Member of the Executive Committee.

The terms "Non-executive Director or controlling posts" refer to the following posts:

Member of the Board of Directors without powers
Standing Auditor on the Board of Statutory Auditors
Member of the Supervisory Board.

In addition to the post held at the Bank, an Executive Director:

may not hold other executive posts in the companies identified, in terms of type or size, as significant per the Regulation;
may hold up to a maximum of five posts as Non-executive Director or Statutory Auditor in these companies.

In addition to the office held at the Bank, a Non-executive Director cannot hold more than ten posts as Director or Statutory Auditor in other companies identified, in terms of type or size, as significant per the Regulation, of which not more than two can be Executive posts.

Candidates for appointment as Director or Statutory Auditor of Banca Ifis S.p.A. must provide the Bank with an updated statement of the administration, management and control posts held by each of them.

Following their appointment, the Company's Directors and Statutory Auditors must promptly notify the Banca Ifis S.p.A.'s Corporate Affairs Department of any changes regarding the posts held by them in the administration and control bodies of other companies.

Banca Ifis S.p.A.'s Board of Directors has the authority to grant exceptions, including temporary ones, to the maximum limit set out in the Regulation. As of the date of this Report, no such exceptions have been granted.

When appointment lists were submitted by the Shareholders' Meeting on 19th April 2019, all candidates declared – when accepting their candidacy and possible appointment – to have read the "Regulation" and to have declared that they do not hold a number of posts in other companies that exceed the prescribed limits; the same declaration was issued by the directors who took office in 2020 and 2021.

Tables 5 and 6 below shows the number and type of posts held by the Directors of Banca Ifis on the date this Report was drafted, based on information provided thereby. In addition, in order to comply with the requirements of Bank of Italy Circular no. 285/2013 (Section VII, Chapter 1, Heading IV, Part One), evidence was also provided of the number and type of posts held by each Director in other companies or bodies even if not considered significant for the purposes of the "Regulation on the maximum number of posts held in other companies by company officers".

Table 5

POSTS HELD BY THE MEMBERS OF THE BOARD OF DIRECTORS IN OTHER COMPANIES
				COMPANY POSTS RELEVANT FOR THE PURPOSES OF THE REGULATION ON LIMITS ON THE NUMBER OF POSTS HELD	BY THE DIRECTORS	COMPANY POSTS NOT RELEVANT FOR THE
	POSTS IN THE GROUP			Companies listed in regulated markets, also abroad	Financial, banking, insurance corporations			Companies of relevant size	PURPOSES OF THE REGULATION ON LIMITS ON THE NUMBER OF POSTS HELD BY THE DIRECTORS		TO TA L
	E.	N.E.	E.	N.E.	E.	N.E.	E.	N.E.	E.	N.E.
Sebastien Egon Fürstenberg									1	2	3
Ernesto Fürstenberg Fassio		1				1			1		3
Luciano Colombini	1	2									3
Frederik Herman Geertman		1									1
Riccardo Preve		1							5	2	8
Daniele Umberto Santosuosso										10	10
Simona Arduini		1								6	7
Monica Billio		2									2
Antonella Malinconico											n.a.
Roberto Diacetti		1		1					1		3
Beatrice Colleoni											n.a.
Luca Lo Giudice		2								3	5

Table 6.

Director	List of posts	Undertakings belonging to the Banca Ifis Group
		NO	Banking group	Non banking Group
Sebastien Egon Fürstenberg	President of the Board of Directors of La Scogliera S.p.A. Chief Executive Officer of La Scogliera S.p.A. Limited Partner of AB.CO s.a.s.	X X X
Ernesto Fürstenberg Fassio	Chief Executive Officer of La Scogliera S.p.A. President of the Board of Directors of Ifis Npl Servicing S.p.A. Director of Aidexa S.p.A.	X X	X
Luciano Colombini	President of the Board of Directors of Farbanca S.p.A. Director of Ifis Npl Investing S.p.A. Chief Executive Officer of Ifis Npl Servicing S.p.A.		X X X
Frederik Herman Geertman	Director of Ifis Npl Investing S.p.A.		X
Riccardo Preve	President of the Board of Directors of Ifis Rental Services S.p.A. President of the Board of Directors of Preve Costruzioni S.p.A. Chief Executive Officer of Preve Costruzioni S.p.A. Managing Partner of Prefin sas Managing Partner of Alfra 94 S.S. Managing Partner of Emmegi 89 S.S. President of the Board of Directors of SEP S.r.l.	X X X X X X		X

Director	List of posts	Undertakings belonging to the Banca Ifis Group
		NO	Banking group	Non banking Group
	Director of SEP S.r.l.	X
Daniele Umberto Santosuosso	Bankruptcy trustee of Costruzioni Paoloni s.r.l. in liquidation Bankruptcy trustee of Eredi Vincenzo Mandara & C. s.n.c. Bankruptcy trustee of Casale Immobiliare s.r.l. Bankruptcy trustee of Multitele s.r.l. Bankruptcy trustee of MA.PE. 2003 s.r.l. Liquidator of Columbus Ilmi s.r.l. in liquidation Liquidator of Columbus Baga s.r.l. in liquidation Judicial liquidator of Dima Gest s.r.l. in liquidation Bankruptcy trustee of Vini Internazionali s.r.l. in liquidation Alitalia's extraordinary Commissioner	X X X X X X X X X X
Simona Arduini	Director of Ifis Npl Servicing S.p.A. Member of the Supervisory Committee of Veneto Banca S.p.A. in l.c.a. Member of the College of Auditors of the Special Superintendence of Archaeology, Fine Arts and Landscape of Rome. Member of the Supervisory Committee of Orconsult Capital Management Italia S.p.A. in l.c.a. Member of the Supervisory Committee of Europeenne de Gestion Privee S.A. – Italian branch in l.c.a. Member of the Supervisory Committee of Province Calabre s.c.p.a. in l.c.a. Member of the Board of Statutory Auditors of Rentokil Initial Italia S.p.A.	X X X X X X	X
Monica Billio	Director of Farbanca S.p.A. Director of Ifis Npl Investing S.p.A.		X X
Antonella Malinconico	Director of ADISURC (Company for the Right to Education of the Campania Region)	X
Roberto Diacetti	Vice President of Ifis Npl Servicing S.p.A. Director of Pirelli & C. S.p.A. Chief Executive Officer of the ENPAIA Foundation	X X	X
Beatrice Colleoni Luca Lo Giudice	President of the Board of Directors of Ifis Npl Investing S.p.A. President of the Board of Directors of Ifis Real Estate S.p.A. President of the Board of Directors of CISFI S.p.A. Director of INTERPORTO CAMPANO S.P.A. Director of CALVI HOLDING S.p.A.	X X X	X	X

The Directors must also take into account the provisions of Article 36 of (It.) Legislative Decree 201/2011 ("prohibition of interlocking"), converted with amendments by (It.) Law 214/2011, which forbids persons holding posts in the management, supervisory and control bodies and the executives of undertakings or groups of undertakings operating in the credit, insurance and financial markets from assuming or exercising similar posts in competing undertakings or groups of undertakings.

Induction Programme

During the meetings of the independent directors (pursuant to application criterion 2.C.5 of the Corporate Governance Code) and of the Appointments Committee, also in light of the informal discussions with the president, the advisability of a training plan for directors and statutory auditors was confirmed. This training plan includes initiatives aimed at providing information on the Bank's business sectors and on the company dynamics and their evolution, also with a view to pursuing the sustainable success of the Company, as well as the principles of correct risk management and the regulatory and selfregulatory framework of reference.

The training plan, the resources and the time to devote to training of the Board will be defined by the same, with the support of the Appointments Committee, taking into consideration its overall composition, the role covered by each Director and the areas of greatest importance in light of the Company's typical operations and the training needs that may emerge following the self-assessment process.

In the 2020 financial year, the areas of in-depth study and interest were identified and, as regards the methods of use, the directors decided to organise an induction course to support some internal teaching, carried out by Company Executives, with external teaching entrusted to a primary training company.

4.3 Role of the Board of Directors

The Board of Directors defines the strategic guidelines and continuously checks their implementation, guaranteeing healthy and prudent management. Its composition, manner of operation, the powers and duties assigned to the Board of Directors are set forth by the law and the Bank's Articles of Association.

Meetings and operation

In 2020, 18 meetings were held the average duration of which was 3 hours and 42 minutes. The presence percentages are shown in Table 4, on page 20.

Since the start of 2021 and until the date of approval of this document, the Board has held 4 meetings, including the one during the "Report" was approved. We foresee that the number of Board of Directors meetings in 2021 will be in line with that of the previous financial year.

To meet the obligations established for listed issuers by Article 2.6.2 of the Market Regulations of Borsa Italiana S.p.A., the Board of Directors annually approves the Corporate Events Calendar, to be notified to Borsa Italiana for disclosure to the public, within 30 days of the end of the previous financial year.

The Transparency Directive II (2013/50/EU), implemented in Italy by Italian Legislative Decree no. 25 of 15th February 2016, removed the obligation to publish interim management reports but retains the right to reintroduce periodic information in addition to financial and six-monthly reports, albeit only under certain conditions and subject to regulatory impact analysis and to cost/benefit analysis. This provision has been integrated into the CONSOB Issuer Regulations through the inclusion of the new Article 82-ter, in view of which Banca Ifis has announced its choice to continue preparing and publishing quarterly information, in accordance with previous practice, in accordance with the Borsa Italiana regulations for the STAR segment and in order to ensure continuity and regularity of information made available to the financial community.

Therefore, the dates fixed for the Shareholders' Meeting to consider the financial statement and the Board of Directors meetings to approve the draft financial statement and the quarterly/half-yearly financial reports have been included on the Calendar.

The "Regulations of the Board of Directors, of the internal Board Committees and of the Supervisory Body" last updated on 23rd April 2020 sets forth the following:

the documentation supporting discussion of agenda items is made available to each Director and Statutory Auditor, via a web portal, by the end of the third working day prior to the date fixed for the meeting, except in urgent cases when documentation is made available by the end of the day before the meeting and in any case as soon as possible;
this documentation is to be sent or made available, at the President's request, by the Bank's Corporate Affairs Department;
where the President deems it advisable in relation to the topics in question and related resolution, and in order to avoid the risk of disclosing confidential information, which may be possible given the means of communication used and regardless of the intentions of those concerned, the information documentation can be provided directly at the meeting, advising Directors and Statutory Auditors of this prior to the deadline indicated above so that, if they deem it appropriate, they can access the information at the Company's registered office by the end of the day before the meeting and in any case as soon as it is available.

The methods and time limits for sending the documentation to the Board as described above were normally complied with during the financial year 2020. The situation whereby the President deemed it appropriate to provide documents directly during a meeting almost never arose. This occurred in negligible percentage terms compared with the total number of issues addressed by the Board, mainly to provide more accurate versions of communications on periodic financial

notices, and as regards negotiations concerning potential extraordinary transactions discussed within Banca Ifis during the year.

In accordance with the Articles of Association, Board meetings are attended by the General Manager in a consulting role. The Board, pursuant to Article 12 of the Articles of Association, appointed the Head of the Legal Department as Secretary of the Board of Directors and the Head of Corporate Affairs was nominated as his alternate. In addition, pursuant to the aforementioned "Regulation", the President and/or the Chief Executive Officer may invite to the meetings of the Board of Directors managers or other Company employees or other subjects or external consultants, whose presence is deemed useful with regard to the subject to be discussed.

During 2020, the Head of the Legal Department and some Corporate Affairs organisational unit staff attended the meetings.

Participants also included:

the Financial Reporting Officer, the Accounts Manager and the Investor Relations Officer, the Investor Relator and the Head of Communication, Marketing and External Relations, especially where financial reporting documents and the related press releases were presented;
numerous managers of the Bank, among whom the Head of Central Operations Directorate, the Head of Doubtful Credits, the Head of Corporate Finance, the Head of the Capital Markets Division, the Head of Planning, Control and Annual Business Plan Development, the Head of Large Risks and Monitoring, the Head of Operations Assessment and other heads of department on the occasion of the examination of subjects relating to their activities and responsibilities.

The Head of Internal Audit, the Chief Risk Officer and the Heads of Compliance and Anti-Money Laundering explain directly to the directors their reports and their policies in compliance with the applicable vigilance regulatory framework issued by the Bank of Italy.

Lastly, since April 2019, Giuseppe Rumi, attorney-at-law with the Bonelli Erede Legal Firm has participated in his capacity of external legal consultant of the Bank.

Tasks

Pursuant to art. 14 of the Articles of Association, besides the duties that cannot be delegated by law, the matters deemed to be the exclusive prerogative of the Board of Directors include:

the business model, the strategic lines and operations, as well as business and financial plans;
the internal control system guidelines, ensuring that the system is in line with established strategic and risk appetite measures as well as being able to stay up to date with the company's risks as they evolve and the interaction between them;
the criteria for identifying large transactions to be submitted for prior approval by the risk control department;
the compliance of the Statute with the provisions of the regulatory framework;
the merger by incorporation of companies in the cases set forth by Articles 2505 and 2505 bis of the (It.) Civil Code;
reducing the share capital in the event of withdrawal;
an indication of which directors, in addition to those indicated in the Articles of Association, are the company's representatives;
the formation of internal committees within the Board of Directors;
the Risk Appetite Framework and the risk management policies as well as, after having heard the opinion of the Board of Statutory Auditors, assessing the completeness, suitability, functionality and reliability of the risk management and internal control system as well as the suitability of the organisational, administrative and accounting structure;
determining the Bank's general organisational structure and the subsequent internal regulations;
opening and organising, including for the purposes of setting out the right of signature, of Subsidiary Offices, Branches, Agencies, Information Points, Contact Addresses, Representative Offices, in Italy and abroad, as well as closing them;
transferring the company's registered office within national territory;
acquiring and disposing of shareholdings, businesses and/or business divisions leading to changes in the Group, or investments or disinvestments exceeding 1% (one percent) of the shareholders' net equity reported in the Company's latest approved financial statements;
determining the criteria for carrying out the Bank of Italy's instructions;

appointing, dismissing and remunerating the General Manager;
remuneration and incentive policies to be submitted to Shareholders' Meeting, reviewing these policies, at least annually, and being responsible for their correct implementation, with the task of ensuring that the remuneration policy is adequately documented and accessible within the corporate structure;
the formation of the company control bodies, their tasks and responsibilities, the methods of administration and collaboration, information flows between these departments and between them and management;
the appointment of the heads of control departments, after having heard the opinion of the Board of Statutory Auditors;
the risk management process and assessing its compatibility with the strategic guidelines and risk management policies;
the policies and the processes for assessing company activities, and, particularly, financial instruments, ensuring that they are always suitable and also establishing the Bank's maximum exposure limits to financial instruments or products that are uncertain or difficult to value;
the process to develop and validate the internal systems to measure risks not used for regulatory purposes and periodically assessing that they function correctly;
the process for approving new products and services, starting new operations, and entering new markets;
the corporate policy on the outsourcing of corporate functions;
the code of ethics which management personnel and employees are obliged to comply with to mitigate the Bank's operating and reputational risks and to promote a culture of internal audit.

Based on the Board of Directors' strategic indications, as well as size objectives and additional qualitative-quantitative elements set out in the Strategic Plan, the Risk Appetite Framework, the ICAAP and ILAAP Reports are drawn up and approved annually by the Board of Directors. In accordance with the requirements of the Supervisory Provisions for banks, as defined by Bank of Italy Circular no. 285, the ICT Strategic Plan is also approved.

As in previous years, in 2020, the Board of Directors approved some documents that are part of the review process of organisational and informational structures.

The Board will assess the general management performance when analysing the Financial Report required by Article 154 ter of the TUF, the comparison between the plan objectives and the results achieved (this analysis is forecast to occur after the half-yearly report is approved), and other documents required by the strategic planning process.

The Board also continually assesses, as part of its responsibilities, the suitability of the Bank's general organisational, administration and accounting structure.

The suitability of the organisational, administration and general accounting structure of the Bank's subsidiaries is assessed by the Board of Directors by using corporate governance and control tools, identified in the Group Regulations which define the roles of the Parent Company and its Subsidiary Companies, as well as the management/administration activities as part of strategic management and technical-operational control activities.

When negotiating regarding the acquisition of new companies, the Bank's Board of Directors has all the tools required to assess the future subsidiary's structures and whether they are in line with the system adopted by the Bank. These reflections lead the Board to issue a special directive, following acquisition, to adapt the new subsidiary's structures and internal control systems to those of the Banking Group.

A description of the organisational model characteristics of the Group's internal control system and of the activities carried out by the Group's control units (that is, as part of the Parent Company's management and administration activities over its Subsidiary Companies) is contained in the "Group internal control system guidelines" and in the regulations governing control organisational units.

In accordance with the provisions of the Articles of Association highlighted earlier, the Board has the power to review and give prior approval for the Issuer's transactions and those of its Subsidiary Companies, when these transactions are of significant strategic, economic, capital or financial importance. In this case, the Board of Directors will be convoked by the President at the start of negotiations with the selling counterparty and/or liaison with the Supervisory Authority, thus being able to guide negotiations until they are concluded, until necessary authorisations are obtained and until closing.

The Board has not established general criteria to identify transactions of significant strategic, economic, capital or financial importance for the Bank, since these operations can only be approved by the Board itself, as part of the planning process or, as has occurred so far, as part of the key points that modify the strategic objectives and risk appetite that have already been approved.

The general criteria for identifying transactions with associated parties that have a significant strategic, economic, equity or financial importance for the Bank, instead, are set out in the "Procedure for the management of transactions with affiliated parties" which was updated, together with the internal Policy on the control of risk activities and conflicts of interest in relation to related parties, during the meeting of 21 December 2020, in order to adapt the contents of the

regulations on related party transactions of the Banca Ifis Group to the new provisions, 33rd update to the Bank of Italy Circular no. 285/2013, for adapting the national legislation on "risk assets and conflicts of interest in relation to related parties" covered up to now in Circular no. 263/2006 to the evolution of the European regulatory framework.

Since this is a review of the legislation dictated by the need to adapt the contents to the new provisions set out above, the Financial Reporting Officer, having taken note of the new contents, did not consider it necessary to issue a reasoned opinion as the review carried out did not involve changes to the strategic guidelines of the Group and did not take the form of a three-year review of the "Policy governing the control of risk activities and conflicts of interest with associated parties"; having acknowledged the decisions of the Financial Reporting Officer, the Board of Statutory Auditors and the Risk Management and Control Committee expressed their favourable opinion.

Under these Procedures, the following are considered to be significant:

a) all Transactions dealt with exclusively by the Shareholders' Meeting or the Board of Directors by law or under the Articles of Association;
b) all transactions not classed as minor transactions.

In any case, the Board of Directors, based on appropriate considerations, has the right to classify which transactions carried out by the Bank or its Subsidiary Companies are significant.

Significant Transactions are divided into:

a) Transactions of greater importance, that is, those that exceed the threshold of 5% of either equivalence value significance index, asset significance index or liabilities significance index;
b) Transactions of lesser significance, those transactions where one of the indices mentioned above, to be applied depending on the specific transaction, is less than or equal to the 5% threshold and whose equivalence value exceeds:
- o to EUR 50,000 in the case of purchase of goods and/or services;
- o €250,000 for granting loans.

Self-assessment

During the meeting of 28th May 2020, the Board concluded the periodic self-assessment process relating to the operation of the Board and its Committees, as well as their size and composition. The assessment process, which coincided with the start of the second year of office, was conducted with the sending out, in the previous weeks, of the "Self-assessment questionnaire of the Board of Directors and Internal Committees - year 2020" which differed in some ways according to the role held (e.g. Chairman of the Board of Directors, members of the Internal Committees).

The self-assessment process was carried out taking into due consideration the rules, principles and Guidelines drawn up at international and European level, as well as the recommendations of the Supervisory Authority issued from time to time, which govern the role and operation of the administrative and control bodies and their relationship with the corporate structure.

This process concerned aspects relating to the composition, from a qualitative and quantitative point of view, and aspects relating to the operation of the Board of Directors and the related Internal Committees with specific reference to the carrying out of meetings, the methods of collaboration between the directors and items on the agenda relevant to the activities carried out by Banca Ifis and, in particular, those relevant for the purposes of sound and prudent management. Finally, the process assessed the personal skills of each director, also for the purpose of effectively planning training for the members of the administrative body.

With reference to the methods of carrying out the process, the Board, after consulting the Appointments Committee, first resolved not to resort to an external professional for carrying out the process, and appointed the internal staff to coordinate it, bearing in mind the criteria in the Bank's Regulations on the self-assessment process.

The process was divided into the following phases:

preliminary investigation: during which information and data are collected through questionnaires;
processing: the analysis of the data provided by the subjects who participated in the investigation phase is processed;
preparation of results of the process: the strengths as well as the possible weaknesses relating to the composition and operation of the Board of Directors were identified on the basis of the results of analysis of the data collected;

collective discussion of the results and preparation of any corrective measures deemed appropriate. The Board of Directors carefully examined the results of the self-assessment process, examining the evidence that emerged and identifying the necessary adjustments to address the weaknesses. The elements that emerged as weaknesses will be subject to careful monitoring and remediation actions.

The results of the self-assessment referring to the 2020 financial year indicate largely satisfactory operation of the Board of Directors and the Committees.

In particular, the following strengths emerge from the results:

the Directors consider the quantitative composition of the Board to be adequate;
the members of the Board Committees have positively assessed the role played by the President of the Committee, the independence of the Committee and the internal dialogue;
the evaluation of the work of the President, the Chief Executive Officer and all the Committees is positive;
the involvement of non-executive directors is positive.

Among the issues brought to the attention of the Board are:

compliance with the timescales for making the documentation available for the meetings and the balance between detail and summary in the documentation;
more in-depth analysis of certain issues on the agenda;
in a strategic context, the request to dedicate more time to discussing the long-term future and the contribution to the definition of strategies and approval processes for new products.

The Shareholders' Meeting did not authorise derogations from the prohibition of competition set forth by Article 2390 of the (It.)

Civil Code 4.4. Delegated bodies

Chief Executive Officers

In the model adopted by Banca Ifis:

strategic supervision is carried out by the Board of Directors.
the Chief Executive Officer has been identified as the Body with management function. The General Manager participates in management.

The managerial powers concern the following main fields:

staff management;
granting and use of credit;
treasury;
acquisition and disposal of goods and services;
management of shareholdings in non-financial businesses and indirect equity investments.

Management powers are distributed at a decreasing rate in accordance with the management level, from the Board of Directors down to operating units.

The most significant limits, in terms of value and subject, applied to the Chief Executive Officer's powers are summarised below, notwithstanding the fact that systematic information flows are required concerning the exercise of powers at any given time, and related quantitative limits must be observed:

		ASSUMPTION OF THE CREDIT RISK		Limits of the power
		Granting overdrafts on factoring operations		Up to 30m per overdraft, with and without recourse
		Financing of risk category 1 operations (Opening credit in current account; Amortising/bullet loans; Loans on signature; Direct reimbursement of non-notification factoring with non-channelled payment; Minibonds)	Up to 10m
Trade Credits and Corporate Finance		Financing of risk category 2 operations (Medium/long-term loans assisted by a guarantee fund; Advance on Contract with assignment; Non notification factoring with channelled payment; Infra-group factoring; Advances on future receivables under maturation; Leasing - Equipment Finance; High-risk non-notification tax receivables)	Up to 20m
		Financing of risk category 3 operations (Notified factoring of ordinary loans; Leasing - Transportation; Tax receivables at high risk with notification; Tax credits at low risk non-notification)	Up to 40m
		Financing of risk category 4 operations (PA recognised and/or certified factoring; Tax receivables at low risk with notification)		Up to 60m
		Structured finance transactions		Up to 20m
		Acquisition and disposal of shareholdings	up to €5m per acquisition/disposal of non qualified shareholdings and €7.5m for qualified shareholdings as part of the business managed by the Equity Investment BU
	Special Situation			Up to 5m
	Problem Loans			Up to 20m
	the following powers:	As part of risk positions falling within the scope of or assumed by the Board of Directors, the Chief Executive Officer is also granted
•		to suspend, revoke and resume operations;
•		to change the amount of risk, convert its technical form and change its operational characteristics without worsening the overall risk position;
•		to distribute risk in terms of "joint overdrafts", loan duration, credit maximum (for individual or group debtors) and
multiple group overdraft. MANAGEMENT OF THE CREDIT RISK				Limits of the power

		Negative balances and/or temporary unplanned overdrafts (Euros)		Max 20% of the overdraft
		Waiving of credit for principal, interest and/or fees		Up to 500 thousand
	and/or release of debtors	Suspension/restoration of credit lines, unloading management, management of blocked positions and reassignment
	Repositioning maturity dates and/or defining repayment plans (with obligation to report to the direct manager) up to 4m and for a maximum term of 12 months
		Repositioning of maturity dates and/or definition of repayment plans (with report to direct Head required)	Up to 10m
		Principal loan waiver deriving from out-of-court activities		up to 100% of the nominal value of the credit provided that it is within the carrying amount estimated on a case by case basis
Trade receivables	Large Public Administration clients	Waiving of credit for default interest and/or extension calculated using the rate set out in (It.) Legislative Decree 231/2002		up to 100%

Waiving of credit for default interest resulting from out-of-court no limit activity, and waiving of credit for default interest for which legal
Pharma action has begun as part of the business financing operations managed by the Pharma BU
Waiving of credit Up to 500,000
Corporate Finance
Transactions with no predefined limits and, in any case, with a maximum loss (in relation to the greater between the Tax receivables amortised cost and the price paid) of €500,000
Loan waiver for principal, interest and/or expenses: Up to 500,000
Repositioning of maturity dates and/or definition of repayment Maximum amount 4,000,000
plans (with report to direct Head required) Maximum term 60 months with single signature
Unlimited minimum extension rate
Non-Performing Loans Temporary concession of credit on loans granted as part of the business financing operations to undertakings managed by the Problem Credits BU	Up to a maximum of 20% of the overdraft granted
Suspension of/abstention from legal action Up to 10m
Acceptance of a creditors arrangement, filing proof of claim Up to 4 million
Standstill (with reference to Special Situation Transactions and Up to 10m Structured Finance)
Suspension/restoration of credit lines, unloading management, management of blocked positions and reassignment and/or release of debtors
Financing granted to employees, in derogation from the Regulations governing the concession of loans to Banca Ifis Group employees, requires the joint signature of the Head of Human Resources and the Chief Executive Officer
CAPITAL MARKETS
PROPERTY PORTFOLIO: Increase up to €3.1bn of the maximum investable Liquidity POSITIONS IN FOREIGN CURRENCIES: Exceeding the individual imbalance limit up to a maximum of 2% of the Total Own Funds at consolidated level
STAFF MANAGEMENT
Decisions concerning the start, management and cessation of managers' employment contracts, subject to the authority maintained by the Board for the contracts of key managers and/or those who are on staff on the Board and notwithstanding the fact that the Board retains prerogatives regarding managers of control functions established by the supervisory provisions for Banks.
DELEGATED POWERS REGARDING THE PURCHASE AND SALE OF GOODS AND SERVICES
Authorisation of all types of expenditure up to €1,000,000 (only for suppliers who are not associated persons) Decisions regarding lease assets and liabilities, whose annual fee is up to €200,000 Disposal of goods whose original cost is up to €150,000 Appointing external auditors for activities whose costs are lower than €50,000
INVESTMENTS IN SHAREHOLDINGS

NON-QUALIFIED	QUALIFIED
Performing non-financial businesses ≤ 5 ml €	≤ 7.5 ml €

Chairman of the Board of Directors

The President of the Council, pursuant to Art. 12 of the Articles of Association, in order to effectively carry out its function, must have a non-executive role and not perform even de facto management functions; during the 2020 financial year he did not receive managerial powers and did not play a specific role in the development of corporate strategies.

Information to the Board

The Chief Executive Officer, pursuant to Article 15 of the Articles of Association, in emergencies may adopt decisions regarding any business or transaction that does not fall under the exclusive purview of the Board of Directors, immediately notifying the President of such decisions and announcing them to the Board at the first subsequent meeting. In all remaining cases, the Chief Executive Officer reports to the Board on their activity with the frequency summarised below:

Privacy Policy	Frequency
Report on liquidity status	monthly
Composition of investment securities portfolio	monthly
Credit-granting activity	monthly
Report on use of Human Resources management powers	half-yearly
Incentive system (report on criteria adopted by Senior Management)	annual

4.5. Other Executive Directors

There are no other directors considered to be Executive Directors because they hold:

the post of Chief Executive Officer or President of a strategically significant Subsidiary Company;
management posts within the Bank or in a strategically significant Subsidiary Company or in the controlling company.

4.6. Independent Directors

The Board carries out its own assessments of the requirements established by the Corporate Governance Code for directors classified as independent at the first meeting after appointment by the Shareholders' Meeting. It also periodically assesses the directors' level of independence. On 19th April 2019, following its appointment, the Board ascertained that seven of its members (Simona Arduini, Antonella Malinconico, Beatrice Colleoni, Monica Bilio, Daniele Umberto Santosuosso, Divo Gronchi and Roberto Diacetti) met the independence requirements as set out in the Corporate Governance Code for Listed Companies, and paragraph 3 of Article 148 of the TUF.

The independence requirements were checked taking into consideration, inter alia, the information concerning the existence of relationships (credit, commercial/professional and employment, as well as relevant offices held) directly or indirectly between the Directors and (i) the Bank, (ii) the Parent Company and/or group company, and (iii) the President of the Board of Directors, the Executive Directors and the Managers with strategic responsibilities of the companies under points (i) and (ii) above.

The Company deemed it appropriate to adopt specific criteria for checking the independence requirements, since such check requires a more extensive assessment that takes into account subjective and objective factors.

The criteria identified for this purpose and established also taking into account best practice included: (i) the nature and characteristics of the relationship; (ii) the amount, in absolute and relative terms, of the transactions; and (iii) the subjective profile of the relationship.

In particular, in assessing the importance of the relationship, the following information was taken into account, if available: 1) for credit relationships, the amount in absolute value of the credit granted, its percentage weight compared to the total value of the borrower's debt and, where appropriate, the economic/financial situation of the latter; 2) for professional/commercial relationships, the characteristics of the transaction/relationship, the amount of the consideration and, where appropriate, the economic/financial situation of the counterparty; 3) for employment relationships, the terms and characteristics of the related relationship and the remuneration envisaged; 4) for posts held at group companies and/or at the parent company, the total amount of the related remuneration and its percentage weight compared to the total economic/assets situation of the director concerned; as well as any other payment and/or remuneration received on any grounds, in the last three financial years, from (i) Banca Ifis, (ii) the parent company and/or the group companies, including any additional remuneration (compared to the "fixed" emoluments of non-executive director and the fee for participation in the committees), also in the form of participation in incentive plans linked to corporate performance, also in the form of shares.

In addition, the Board of Statutory Auditors, in accordance with the application criterion 3.C.5 of the Corporate Governance Code checked, on the same date, the application of the ascertainment criteria and procedures adopted by the Board of Directors to assess the independence of its members, deeming it compliant with the instructions provided by the Corporate Governance Code.

The outcome of the assessments performed was announced by means of a communication to the market issued on the same date, i.e. on 19th April 2019.

At the date of approval of the Report, the number of independent directors on the Board of Directors, as a result of the resignation of the director Divo Gronchi, is six.

The Board of Directors checks, on an annual basis, that the independent directors still meet the independence requirements laid down by the Corporate Governance Code and by Article148, paragraph 3 of the TUF. This check was carried out during the board meeting of 26th March 2020 and is expected to be repeated during an upcoming board meeting.

In compliance with application criterion 3.C.6. of the Corporate Governance Code, two meetings of the independent directors were held in 2020 in the absence of the other directors:

discussed on 22nd April were issues relating to governance, thoughts on the new Code of Conduct for listed companies and considerations on governance indicators used by the World Economic Forum (document "Toward Common Metrics and Consistent Reporting of Sustainable Value Creation").
on 25 November 2020, the independent Directors gave their thoughts on the training programmes for the Directors.

4.7. Lead Independent Director

In line with the guidelines established by the Corporate Governance Code for Listed Companies (application criterion 2.C.4), as the President of the Board of Directors is also the majority shareholder of La Scogliera S.p.A. and thus controls Banca Ifis, the Board of Directors had designated an independent director as Lead Independent Director.

The Lead Independent Director is the point of reference and coordination for (non-executive and, particularly, independent) Directors' requests and contributions and for cooperation with the President of the Board of Directors towards ensuring that information flows between directors are constant and effective.

The Lead Independent Director has the power to convoke, when deeming it appropriate or at the request of other Directors, specific meetings solely for independent Directors for significant matters relating to Board operations and/or to company management in general.

On 19th April 2019, the Board of Directors appointed Professor Simona Arduini as Lead Independent Director for the three years 2019/2021.

After the changes to the figure of the indirect parent company and communicated to the market by La Scogliera S.p.A. on 23rd May 2020, there were no changes to the presence, in the context of the Issuer, of the Lead Independent Director in office.

5. Processing corporate information

The Bank has adopted the "Policy for Managing Inside Information", last updated in September 2019 to reflect a reorganisation of certain stages of the process, pursuant to application criterion 1.C.1., letter j of the Corporate Governance Code.

The Policy governs in detail the identification, internal management and external communication of inside information. In addition, it establishes the duties and responsibilities of the Bank's representatives in the context of the meetings with the financial community.

The policy requires the creation of an inside information register ( RIL) with the aim of mapping in advance the types of inside information which may affect the Bank or its Subsidiary Companies in order to make subsequent continuous identification easier. For each type of significant information, the map indicates the organisational roles who ordinarily have access to it for the purposes of facilitating the compilation of the register of persons who have access to inside information.

In future, information regarding Banca Ifis or a Subsidiary Company will be checked to see if it is significant information and, if so, if it can be classed as inside information.

6. Internal Board Committees

Pursuant to Article 12-bis of the Articles of Association, three committees have been established within the Board of Directors; these committees, which have powers of investigation, consultation and proposal, allow the body tasked with strategic supervision to adopt its decisions with a better knowledge of the facts:

Risk Management and Internal Control Committee;
Appointments Committee;
Remuneration Committee.

The composition, operation and powers of the Board Committees are governed by the General Regulations and the Regulations of the Board of Directors, the Internal Board Committees and the Supervisory Body, most recently updated on 23rd April 2020; the information is reported in the various sessions of the report dedicated to each Committee.

No function has been distributed other than per the recommendations of the Code or reserved for the entire Board.

In line with the provisions of the Corporate Governance Code, on the occasion of the extraordinary Shareholders' Meeting held on 19th December 2019, the new Article 12-bis was introduced, which governs, at Articles of Association level, the Board committees.

Table 7 shows information on the composition of the Committees and the actual participation in meetings of each member.

Table 7						Risk Management and Internal Control Committee	Appointments Committee		Remuneration Committee
Components	Exec	Non Exec.	Indep. Code	Indep. TUF	Post held	% participation in meetings **	Post held	% participatio n in meetings **	Post held	% participation in meetings **
Sebastien Egon Fürstenberg		X
Ernesto Fürstenberg Fassio		X
Luciano Colombini	X
Frederik Herman Geertman		X
Riccardo Preve		X
Daniele Umberto Santosuosso		X	X	X	P*, M	95.24%
Notes			member of the same Committee			President of the Risk Management and Control Committee in office until 15th October 2020, subsequently a

Simona Arduini		X	X	X	M, P*	100%			P*	100%
Notes	Member of the Risk Management and Control Committee until 15th October 2020, subsequently President of the same Committee President of the Remuneration Committee until 12th October 2020, subsequently resigning as both President and member

Monica Billio		X	X	X	M	80.95%	M*	100%
Notes						Member of the Appointments Committee since 14th January 2021 in place of the resigning Divo Gronchi

Antonella Malinconico		X	X	X	M	100%			P*	100%
Notes						President of the Remuneration Committee from 15th October 2020 in place of the resigning Simona Arduini
Roberto Diacetti		X	X	X	M	80.95%	M, P*	100%

	Notes Member of the Appointments Committee with appointment as President as of 15th October 2020
Beatrice Colleoni		X	X	X			M	100%	M	100%
Luca Lo Giudice		X							M	100%
						Members who ceased to hold office during the Financial Year 2020
Alessandro Csillaghy de Pacser		X
						Members who ceased to hold office during the Financial Year 2021
Divo Gronchi		X	X	X			P, M*	100%
Notes	President of the Appointments Committee in office until 15th October 2020, subsequently a member of the same Committee. Resigned on 14th January 2021.
P = President; M = Member * Read the Notes

** Percentage of participations in meetings (no. of presences/no. of meetings held during the effective time in office of the subject during the financial year)

7. Appointments Committee

Composition and role of the Appointments Committee

The Regulation of the Appointments Committee sets forth that it is normally composed of 3 to 5 members chosen from among the non-executive members of the Board of Directors, the majority of whom must be independent; the members must possess skills useful for the performance of their tasks. The Committee's President must be chosen from among the independent directors.

The presidency of the Appointments Committee has a duration of eighteen months from the date of appointment, unless the office of director or member of the Appointments Committee is revoked or resigned. Upon expiry of the presidency, the Board of Directors confers the office of President to a different member of the Appointments Committee in possession of the aforementioned requirements. Without prejudice to the rotation of the office of President, the members of the Appointments Committee may hold the office of President several times, preferably on a non-consecutive basis.

If, for any reason whatsoever, including as a consequence of the termination of the office of director, a member of the Appointments Committee is absent, the Board of Directors shall, without delay, appoint the new member during the first meeting. The members of the Appointments Committee appointed to replace those who have ceased to hold office, cease to hold office at the same time as those in office at the time of their appointment, unless otherwise determined by the Board of Directors. Each member of the Appointments Committee can be revoked by resolution of the Board of Directors, which simultaneously replaces the member. The term of office of the members of the Appointments Committee is equivalent to that of the Board of Directors which established it, and early termination of this, for any reason, determines the simultaneous forfeiture of the Appointments Committee.

The President convenes and chairs the meetings of the Appointments Committee, prepares its work, directs, coordinates and moderates the discussion. The President reports to the Board of Directors on the activities carried out by the Appointments Committee and on the related proposals and guidelines in the most appropriate forms at the first useful meeting. The President signs, on behalf of the Appointments Committee, the reports and opinions to be submitted to the Board of Directors and/or other bodies or functions of the Bank.

The Appointments Committee also meets whenever requested by one of its members who makes a written request to the President, indicating the items to be put on the agenda. The meetings of the Appointments Committee are called with at least three days' notice, indicating the place, day, time and items on the agenda. In case of urgency, the Appointments Committee may be convened with one day's notice prior to the date scheduled for the meeting. In any case, the meeting in which all the members of the Appointments Committee participate, even in the absence of a formal call, is deemed to have been valid. The notice of meeting must be sent to the standing members of the Board of Statutory Auditors and, in copy for information, to the President of the Board of Directors. Any documentation relating to the agenda items is normally made available at the same time as the meeting is convened and in any case with the advance appropriate to the circumstances.

The Regulations provide that the members of the Board of Statutory Auditors and, at the invitation of the Chairman of the Appointments Committee, the Chairman of the Board of Directors, the Deputy Chairman, the Chief Executive Officer and the General Manager of the Bank may attend the work of the Committee. Lastly, the Appointments Committee may avail itself of and/or request the presence of external consultants and any Bank representative or employee of the Bank or other Group company competent in the matter, informing the Chief Executive Officer.

For the meetings of the Appointments Committee to be valid, the presence of the majority of the members in office is required. The decisions/resolutions of the Appointments Committee are adopted on an absolute majority of those present.

The meetings of the Appointments Committee can also be validly held using appropriate audio, video or teleconferencing systems, provided that everyone entitled to attend can do so and be identified. They must also be able to follow the meeting and take part in real-time in the discussion of the issues, as well as to receive, transmit and view documents, implementing contextual examination and decisions/resolutions. The Appointments Committee may meet in any location, provided it is in Italy.

The secretariat of the Committee is provided by the Legal and Corporate Affairs Department. Minutes of the meetings of the Appointments Committee are drawn up by the secretary. The minutes are transcribed in the appropriate book and signed by the chairman of the meeting and the secretary.

The Committee currently in office is composed of the independent directors Roberto Diacetti, with the role of chairman, Beatrice Colleoni and Monica Billio, appointed by the Board of Directors on 14th January 2021 following the resignation of Divo Gronchi.

In the 2020 financial year, the Appointments Committee met 4 times and the meetings recorded an average duration of about thirty minutes. At the date of approval of this Report, the Appointments Committee has met twice and, for the year 2021, 5 meetings have been scheduled.

Duties of the Appointments Committee

The Committee carries out the following investigative functions, of a propositional and consultative nature:

• formulates opinions to the Board of Directors regarding: (a) the size and the qualitative-quantitative composition of the same and makes recommendations regarding the professional figures whose presence within the Board of Directors is deemed appropriate; (b) the maximum number of administration and control offices, in compliance

with industry regulations and internal regulations in force from time to time; (c) the possible evaluation of relevant positions pursuant to Article 2390 of the Civil Code. With reference to the need to ensure an adequate degree of diversification in the collective composition of the body, the Appointments Committee, without prejudice to the obligations imposed by the regulations of listed banks, sets a target in terms of the less represented gender quota and prepares a plan to increase this share up to the set target;

proposes to the Board of Directors candidates for the office of director in cases of co-option;
evaluates, at the request of the Board of Directors, the candidacies of candidates who will hold offices in the subsidiaries;
carries out an investigation into the preparation of succession plans;
oversees the process of self-assessment of company bodies: specifically, it submits proposals to the President of the Board of Directors regarding the staff tasked with the self-assessment process of company bodies with strategic supervision and management functions;
proposes to the board the areas of the training plan that emerged from the execution of the self-assessment process and supervises attendance of the courses selected by the board, providing evidence for the purpose of drafting the Report on corporate governance and ownership structures;
verifying that those individuals with accounting, management and control roles possess the requisites of professionalism, integrity and independence, in accordance with Article 26 of (It.) Legislative Decree no. 385/1993 (TUB);

Furthermore, the Committee:

• assists the Risk Management and Internal Control Committee in finding and proposing suitable candidates to the Board of Directors to be appointed as heads of company control bodies;

During 2020, issues relating to the Board of Directors' Self-Assessment Process, the Succession Plan, the annual verification of the requirements set out in Article 26 of the Consolidated Law on Banking, the annual verification of the requirements of independent Directors, the annual verification of the absence of offices in competing companies or groups of companies, the optimal qualitative and quantitative composition of the Board of Directors.

The Committee, in carrying out its functions, can access all the information and company functions relevant to the performance of its duties and can make use of external consultants, within the terms established by the Board of Directors and in compliance with the Group policy for the management of inside information.

The Appointments Committee has autonomous use of a set of financial resources to the limit of €60,000 a year and with the requirement of reporting on the use of funds, at least once a year, usually during the review of the Report on Corporate Governance and Shareholding Structures.

The Appointments Committee prepares mechanisms that guarantee the timely exchange of information with the Board of Statutory Auditors, ensuring the availability of relevant information for the performance of their respective duties and the coordination of activities in common spheres of competence for better efficiency of the systems of internal control.

8. Remuneration Committee

Please refer to the relevant parts of the Remuneration Report published pursuant to Article 123-ter of the TUF.

9. Directors' Remuneration

Please refer to the relevant parts of the Remuneration Report published pursuant to Article 123-ter of the TUF.

10. Risk Management and Internal Control Committee

The Risk Management and Internal Control Committee is responsible for supporting the Board of Directors in making assessments and decisions concerning the internal control and risk system, the approval of periodic financial and non-

financial reports and to support the Board in the analysis of the issues relevant to the generation of long-term value with a view to sustainable success.

The Risk Management and Control Committee is normally made up of three to five members chosen from among the non-executive members of the Bank's Board of Directors, the majority of whom are independent. The members of the Risk Management and Control Committee must possess the knowledge, skills and experience, mainly in the sector in which the Bank operates, required to fully understand and monitor the Bank's strategies and risk guidelines. At least one member of the Risk Management and Control Committee must possess sufficient experience in accounting and financial matters or in risk management, to be assessed by the Board of Directors on their appointment.

Composition and role of the Risk Management and Control Committee

On the date of publication of this Report, and in compliance with Principle 7.P.4., the Committee is composed of 5 Independent and Non-Executive Directors: Simona Arduini (with the office of President from 15th October 2020), Daniele Umberto Santosuosso, Monica Billio, Antonella Malinconico and Roberto Diacetti.

The Risk Management and Control Committee is chaired, in turn, by one of its members chosen by the Board of Directors from among the independent directors with adequate knowledge and experience in accounting and finance or risk management. The presidency of the Risk Management and Control Committee has a duration of eighteen months from the date of appointment, unless the office of director or member of the Risk Management and Control Committee is revoked or resigned. Upon expiry of the presidency, the Board of Directors confers the office of President to a different member of the Risk Management and Control Committee in possession of the aforementioned requirements. Without prejudice to the rotation of the office of President, the members of the Risk Management and Control Committee may hold the office of President several times, preferably on a non-consecutive basis.

If, for any reason whatsoever, including as a consequence of the termination of the office of director, a member of the Risk Management and Control Committee is absent, the Board of Directors shall, without delay, appoint the new member during the first meeting. The members of the Risk Management and Control Committee appointed to replace those who have ceased to hold office, cease to hold office at the same time as those in office at the time of their appointment, unless otherwise determined by the Board of Directors. Each member of the Risk Management and Control Committee can be revoked by resolution of the Board of Directors, which simultaneously replaces the member. The term of office of the members of the Risk Management and Control Committee is equivalent to that of the Board of Directors which established it, and early termination of this, for any reason, determines the simultaneous forfeiture of the same Committee.

The President calls and chairs the meetings of the Risk Management and Control Committee, prepares their work, directs, coordinates and moderates the discussion, reports to the Board of Directors on the activities carried out by the Committee and on the related proposals and guidelines in the most appropriate forms at the first meeting. The President signs, on behalf of the Risk Management and Control Committee, the reports and opinions to be submitted to the Board of Directors and/or other bodies or functions of the Bank. If the President is absent, unavailable or unable to attend, his or her functions are performed by the most senior member of the Risk Management and Control Board.

The Risk Management and Control Committee is convened by the President or, in the event of his absence, impediment or delay in doing so, is convened by the most senior member of the Risk Management and Control Committee; it is also convened whenever requested by one of its members or by the head of the Internal Audit function who submits a written request to the President, indicating the items to be placed on the agenda.

Meetings are convened with at least three days' notice, indicating the place, day, time and items on the agenda. In case of urgency, the Committee can be convened with one day's notice before the scheduled date for the meeting. The notice of meeting must be sent to the standing members of the Board of Statutory Auditors and, in copy for information, to the President of the Board of Directors. Any documentation relating to the agenda items shall normally be made available at the same time as the meeting is convened and in any case with the advance appropriate to the circumstances.

The president of the Board of Statutory Auditors, or another member designated by him, takes part in the work of the Risk Management and Control Committee. Whenever deemed appropriate with regard to the matters to be discussed, the Risk Management and Internal Control Committee and the Board of Statutory Auditors hold joint meetings. The meetings may also be attended, at the invitation of the Chairman of the Risk Management and Control Committee, by the Chairman of the Board of Directors, the Deputy Chairman, the Chief Executive Officer and the General Manager of the Bank. The President of the Risk Management and Control Committee also has the power to invite the director in charge of the risk management and internal control system and the other members of the Board of Directors, the statutory auditor or the representatives of the auditing firm and the members of the administration and control functions of the Group to the meetings for all or some of the items on the agenda, unless issues concerning them are discussed. Lastly, the Risk Management and Control Committee may avail itself of and/or request the presence of independent consultants and any

Bank representative or employee of the Bank or other Group company competent in the matter, informing the Chief Executive Officer.

For the meetings of the Risk Management and Control Committee to be valid, the presence of the majority of the members in office is required and the decisions/resolutions are taken by an absolute majority of those present. In the event that the Risk Management and Control Committee is composed of an equal number of members, in the event of a tie, a subsequent vote will be held in which the decision obtaining the vote of the President will prevail. Proxy votes may not allowed and each member is entitled to one vote.

The meetings of the Risk Management and Control Committee can also be validly held using appropriate audio, video or teleconferencing systems, provided that everyone entitled to attend can do so and be identified. They must also be able to follow the meeting and take part in real-time in the discussion of the issues, as well as to receive, transmit and view documents, implementing contextual examination and decisions/resolutions. The Committee may meet in any location, provided it is in Italy.

The secretariat of the Committee is provided by the Legal and Corporate Affairs Department which drafts the minutes. The minutes are transcribed in the appropriate book and signed by the chairman of the meeting and the Secretary.

During 2020 the Committee met 21 times, including five times jointly with the Board of Statutory Auditors; the average duration of the meetings was approximately two hours and forty-five minutes.

From the beginning of 2021 until the date of approval of this document, the Committee met six times, two of which jointly with the Board of Statutory Auditors; 21 meetings have been scheduled for 2021.

In addition to holding joint meetings with the control body, during its meetings, the Committee also interacted, to address individual subjects, with the Chief Executive Officer, the General Manager, the Financial Reporting Officer (and the Chief Financial Officer), the Heads of Compliance and Anti-Money Laundering, the external auditing firm and the Chief Risk Officer. It systematically interacted with the Head of Internal Audit, who normally attends the Committee's meetings with a view to achieving synergy between the various stakeholders in the internal control system. The Committee also met, to analyse the Board's work, with the Head of Problem Credits, the Head of Accounting, the Head of Monitoring and Control of Financial Information and the Head of Regulatory Reporting, the Head of Operations, the Head of Privacy and Security Management, the Head of Complaints, and the Head of Validation.

Duties of the Risk Management and Internal Control Committee

The Risk Management and Internal Control Committee performs support functions for the body with strategic supervision function regarding risks and the Internal Control System.

The Risk Management and Control Committee carries out the following investigative functions, of a propositional and consultative nature:

evaluate, together with the Financial Reporting Officer, preparation of the corporate accounting documents referred to in Article 154-bis of (It.) Legislative Decree of 24th February 1998, no. 58, as subsequently amended and supplemented (the "Financial Reporting Officer") and after consulting the statutory auditor (or auditing company) and the Board of Statutory Auditors, the correct use of the accounting principles and, in the case of groups, and their homogeneity for the purposes of preparation of the consolidated financial statements;
assess the suitability of periodic financial and non-financial information, to correctly represent the business model, the strategies of the Company, the impact of its business and the performance achieved;
analyse the issues relevant to the generation of long-term value with a view to sustainable success;
express opinions on specific aspects relating to the identification and management of the main business risks;
examine in advance the activity programmes (including the audit plan) and the annual reports of the corporate control functions of the Company and, where present, of the Group companies, concerning the assessment of the risk management and internal control system, as well as those of particular importance prepared by the internal audit function;
monitor the autonomy, adequacy, effectiveness and efficiency of the internal audit function and of the control functions, if any, of the Group companies;
express assessments and formulate opinions to the Board of Directors on compliance with the principles to which the internal control system and company organisation must be standardised and the requirements that must be respected by the corporate control functions, bringing to the attention of the Board of Directors any weaknesses and the consequent corrective actions to be promoted; to this end, it evaluates the proposals of the management body;
ask the internal audit department to carry out checks on specific operational areas, notifying the President of the Board of Statutory Auditors at the same time;

report to the Board of Directors, on the occasion of the approval of the annual and interim financial reports, on the activity carried out as well as on the adequacy of the risk management and internal control system;
assist the Board of Directors in supervising the actual operation of risk management and control processes in compliance with the laws and regulations in force;
support, with adequate preliminary activities, the assessments and decisions of the Board of Directors relating to the management of risks deriving from prejudicial facts of which the Board of Directors has become aware;
identify and propose, with the contribution of the Appointments Committee, the heads of the company control functions to be appointed;
contribute, through assessments and opinions, to defining the company's policy on any outsourcing of company control functions;
ensure that all company control functions correctly in accordance with the indications and guidelines approved by the Board of Directors and assist the latter in developing the coordination document for the control functions and for the company/group internal audit and risk management system in general.

The Risk Management and Internal Control Committee provides its preliminary opinion to the Board of Directors:

on the guidelines of the risk management and internal control system, so that the main risks concerning the Company and its subsidiaries are correctly identified, as well as adequately measured, managed and monitored, also determining the degree of compatibility of the risks with company management consistent with the strategic objectives identified;
on the suitability of the internal audit and risk management system with respect to the company's characteristics and the risk profile assumed, and its effectiveness;
on the activity programmes (including the audit plan) and on the annual reports prepared by the head of the internal audit function and by the heads of the control functions, where present, of the Group companies;
on the description, in the Report on corporate governance and ownership structures, of the main characteristics of the risk management and internal control system and the methods of coordination between the parties involved, including the assessment of its adequacy;
on the results presented by the external auditor (or independent auditor) in the letter of recommendations, if any, and in the report on the main issues which came up during external audit.

With reference to the appointment, revocation, adequacy of the resources assigned for the performance of its functions as well as the fixed and variable remuneration of the head of the internal audit function of the Bank and, where present, of the Group companies, the Committee supports the Board of Directors in its decisions also by issuing preventive opinions where required by the legislation in force from time to time or by the Board of Directors.

With particular reference to the tasks relating to managing and controlling risks, the Committee acts as support to the body with strategic supervisory function:

in the definition and approval of strategic risk governance guidelines and policies. As part of the RAF, the Risk Management and Internal Control Committee carries out the evaluation and proposal activities necessary for the Board of Directors to define and approve the risk objectives and the tolerance threshold;
in the verification of the correct implementation of strategies, risk management policies and the RAF;
in defining the evaluation policies of business activities, including verifying that the price and terms of transactions with customers are in line with the business model and risk strategies.

Without prejudice to the powers of the Remuneration Committee, the Risk Management and Internal Control Committee ensures that the incentives underlying the company's remuneration and incentive system are consistent with the RAF.

In carrying out its functions, it can access all the information and company functions relevant to the performance of its duties and can make use of external consultants, within the terms established by the Board of Directors and in compliance with the Group policy for the management of inside information.

The Risk Management and Control Committee carries out its activities using, in an ordinary way, the information contributions of the Board of Directors, of the director in charge of the risk management and internal control system, of the head of the internal audit function and the other control functions, of the Financial Reporting Officer, of the supervisory body envisaged by (It.) Legislative Decree of 8th June 2001, no. 231, as subsequently amended and supplemented, and the statutory auditor or the representatives of the auditor, as well as the results of the activities carried out by the other committees set up by the Board of Directors.

It prepares mechanisms that guarantee the timely exchange of information with the Board of Statutory Auditors, ensuring the availability of relevant information for the performance of their respective duties and the coordination of activities in common spheres of competence for better efficiency of the systems of internal control.

The Risk Management and Control Committee has autonomous use of a set of financial resources to the limit of €60,000 a year, established by the Board of Directors, and with the requirement of reporting on the use of funds, at least once a year, usually during the review of the Report on Corporate Governance and Shareholding Structures.

On the subject of transactions with related parties and/or associated persons, the Risk Management and Internal Control Committee, in its component consisting solely of independent directors, also performs the roles assigned to it by the Board of Directors, as governed by the current internal regulations.

During 2020, the Committee's activity concerned the following key guidelines:

updating of the list of "connected entities".
discussions with the heads of Intenal Audit, Risk Management, Anti-Money Laundering and Compliance on their respective plans and annual reports, on the quarterly Tableau de Bord then sent to the Bank of Italy;

investigation on the work of the Board of Directors for matters concerning:

quarterly assessments of receivables and other financial statement items, in view of the periodic financial reports;
half-yearly complaint management assessments;
dialogue, together with the Board of Statutory Auditors, with the Financial Reporting Officer and with the external auditor;
Transactions falling within the scope of the related parties of the group;
dialogue with the Head of the Business Continuity Plan and with the executives responsible for ICT governance (strategic plan, reports, disaster recovery and business continuity tests and plans);
dialogue with contacts from the Outsourced Essential or Important Functions;
internal regulation (regulations, policies, organisational processes and procedures, methodological manuals, responsibilities).

11. Risk management and internal control system

Indeed, it is a fundamental source of knowledge for corporate bodies so as to ensure full awareness of the situation at hand and effective monitoring of corporate risks and their interrelations; it directs changes in strategic guidelines and corporate policies and enables adaptation of the organisational scenario in a consistent manner; it oversees the functionality of management systems and compliance with prudential supervisory bodies; Furthermore, it encourages diffusion of correct risk culture, compliance with the law and respect for corporate values.

In the document "Group guidelines on the Internal Control system", last updated in December 2020, the Board of Directors defined the guidelines at Group level:

a) the principles underlying the internal control system;
b) the internal control system's development process, with comprehensive division of tasks between the governing bodies regarding the following phases:
- I. design of the internal control system;
- II. implementation of the internal control system;
- III. evaluation of the internal control system;
- IV. external communication concerning the internal control system;
c) the elements that characterise risk governance;
d) the organisational control model;
e) the control roles and tasks assigned to the organisational units that carry out the company control functions;
f) the liaison methods between organisational units that carry out the company control functions;
g) the information flows between the organisational units that carry out the company control functions and between the organisational units and management;
h) the activities for the coordination of Group internal controls.

Banca Ifis pursues the following general principles of organisation:

The decision-making processes and the assignment of tasks to personnel are formalised and allow univocal identification of duties and responsibilities, and are suited to preventing any conflict of interest. Additionally, the necessary separation between operating and control functions is ensured;
The human resource management policies and procedures ensure that all personnel are equipped with the skills and expertise needed to perform the responsibilities assigned to them;

The risk management process is effectively integrated. Indeed: a) a common language is used in risk management at all levels; b) the methods and instruments used to identify and assess risks are consistent with each other; c) risk reporting forms are clearly defined, in order to encourage understanding and proper assessment of these, also considering the global risk; d) moments dedicated to coordination and liaison are set aside in order to carry out the relative activities effectively; e) there are continuous information flows between the various functions in connection with the results of the pertinent control activities; e) the identified corrective actions are shared;
The processes and methods for evaluating corporate assets and liabilities, also for accounting purposes, are reliable and integrated with the risk management process. To this end: definition and validation of valuation methods are entrusted to different units; the valuation methods are robust, tested under stress and do not rely excessively on any single source of information; valuation of financial instruments is entrusted to an independent unit rather than the unit trading said instrument;
The operating and control procedures minimise the risks related to fraud or employee disloyalty, prevent, or where this is not possible, mitigate, potential conflicts of interest and, furthermore, prevent involvement, even unconsciously, in money laundering, usury or terrorism financing;
The IT system complies with the requirements of supervisory regulations currently in force;
The guaranteed levels of business continuity are suitable and comply with the requirements of supervisory regulations currently in force.

Banca Ifis also establishes:

Formalised coordination and connection procedures between the Group's components and the Parent Company for all areas of activities subject to direction and coordination;
Duties and responsibilities of the control bodies and functions within the Group, the coordination procedures, the organisational reporting levels, the information flows and the relevant liaisons;
Integration mechanisms of IT systems and data management processes, including for the purpose of ensuring reliability of the measurements on a consolidated basis;
Periodical information flows that allow the various forms of control to be actually exercised over the Group's components;
Procedures that guarantee, at centralised level, an effective unitary management process of the Group's risks at consolidated level;
Systems for monitoring financial flows, credit relationships (especially the granting of guarantees) and the other relationships existing between subjects belonging to the Group;
Checks on the achievement of IT security and business continuity objectives defined for the entire Group and for the individual components.

Banca Ifis formalises and informs the Subsidiaries of the criteria governing the various phases that make up the risk management process and validates the risk management processes within the Group. The Parent Company decides on the adoption of internal risk measurement systems, and it determines their basic characteristics, assuming responsibility for project execution as well as for supervising the proper functioning of said systems and their constant adjustment from a methodological, organisational and procedural standpoint.

The Bank also issues guidelines to the Group's Subsidiaries for designing their Internal Control System. These companies equip themselves with an Internal Control System that is consistent with the Group's strategy and policy on the subject of controls, without prejudice to compliance with any regulations that may apply at individual level. In any case, the Parent Company is required to adopt, in compliance with local constraints, all initiatives suited to ensure control standards and monitoring processes comparable to those required by Italian supervisory provisions, even where foreign regulations do not provide for similar levels of attention.

Banca Ifis defines the process of development of the Group Internal Control System through a cyclical process subdivided into the following steps:

1. planning
1. implementation
1. evaluation
1. communication outside the organisation.

The Parent Company's Board of Directors, in the exercise of its strategic supervisory function, designs the Internal Control System and in this respect:

1. It defines and approves:
2. a) the Group business model, being aware of the risks to which this model exposes Banca Ifis and its Subsidiaries and understanding the ways in which these risks are detected and assessed;

b) the Group strategic lines, updated in connection with the evolution of the company activity and of the external context;
c) risk objectives, the tolerance threshold (where identified) and risk management policies;
d) the group RAF, taking into account the specific operations and related risk profiles of both Banca Ifis and its Subsidiaries, in order to ensure their consistency and integration. The Board of Directors of each Subsidiary is responsible for implementing the Group's RAF as concerns the aspects pertaining to its company situation;
e) the guidelines for the design of the internal control system;
f) The criteria for identifying "Most Significant Transactions" to be submitted to the Parent Company's Risk Management Office for prior approval, as well as approval of those defined by the Subsidiaries, as per the Policy governing transactions of greater importance;
g) the process for assessing the Group's liquidity adequacy (ILAAP), promoting the full use of the related results for management purposes;
h) the Contingency Funding Plan (hereinafter the "CFP"), which defines the actions to be taken in the event of market crises or specific situations in the Group;
i) the process of managing crisis situations to which the Parent Company and its Subsidiaries could be exposed and the Recovery Plan;
j) the organisational structure, ensuring on an ongoing basis that the tasks and responsibilities are clearly and appropriately allocated and ensuring that the operational functions are separate from those of Control;
1. it approves:
2. a) the establishment of the corporate control departments of the Parent Company, the related tasks and responsibilities, the methods of coordination and collaboration, the information flows between these departments and between them and the corporate bodies;
3. b) internal systems for reporting violations;
1. it develops, submits to the Shareholders' Meeting and reviews, at least annually, the Group's Remuneration and incentives policy;
1. at least once a year, it approves the Action Plan, including the Annual and the Long-term Audit Plan drawn up by the Parent Company's Internal Audit Office, and it examines the annual reports prepared by the Parent Company's Control Functions;
1. it defines the guidelines for the design of the internal control system of the Subsidiaries.

On the proposal of the Chief Executive Officer of the Parent Company, it also approves:

a) the group risk management process, assessing its compatibility with strategic lines and risk governance policies;
b) the group process for the development and validation of internal risk measurement systems, even if not used for regulatory purposes, but exclusively for management;
c) The reference organisational and methodological framework for the analysis of the Group IT risk, encouraging the opportune use of information on the technological risk within the ICT Department and the integration with risk measurement and management systems (specifically: operating, reputation and strategic risks);
d) the group's IT risk appetite, as regards internal services as well as those offered to the clients, in compliance with risk objectives and the reference framework for determining the risk appetite defined at Group level;
e) the IT security policy;
f) the Group policy on the subject of outsourcing company functions;
g) the group anti-money laundering policy;
h) distribution of responsibilities and decision-making powers (both for the Parent Company and the companies making up the Group) which is consistent with the strategic lines and the focus on risk established, verifying their implementation;
i) the Group policies and processes for evaluating corporate assets and, in particular, financial instruments, continuously checking their suitability; It also sets the Group's maximum risk exposures, both for the Group as a whole and for the individual companies of the Group, where the evaluation of the financial tools and products involved is difficult or uncertain;
j) the group process for approving new products and services, starting new activities and entering new markets; the process for approving new products and services, starting new activities, entering new markets
k) the code of ethics which the members of the corporate bodies and the employees of the Group are required to comply with in order to mitigate operational and reputational risks;
l) as regards credit and counterparty risks, the general lines of the system used to manage the risk mitigation techniques which oversees the entire acquisition, evaluation, control and realisation process of the risk mitigation instruments used.

In reference to the Internal Control System of each Subsidiary, the applicable body responsible for strategic supervision, after conducting due evaluations for the purpose of safeguarding the interests of the company and within the scope of the prescriptions received:

adopts the group strategic lines and business model, with specific reference to the part that pertains to them;
adopts, insofar as it pertains to them, the Group's RAF;
adopts the guidelines issued by the Parent Company for the design of the corporate Internal Control System;
defines any modifications to be made to its own Internal Control System, in line with internal regulations on the subject of direction and coordination defined by the Parent Company.

The Board of Directors of the Parent Company delegates adequate powers to the Chief Executive Officer so that they, as a management body, implement the internal control system, both of the Group and the company, in line with the choices made in the planning phase. Specifically, the powers granted to the Chief Executive Officer by the Board of Directors are such as to allow the Chief Executive Officer to:

implement the strategic guidelines, the group RAF and risk governance policies;
adopt the measures needed to ensure compliance by the organisation and the Internal Control System with the applicable regulatory requirements and principles, monitoring their constant observance.

With reference to the Internal Control System in each single Subsidiary, the relative Management Body:

• Defines the organisational, methodological and procedural structure for the IT risk analysis process, liaising appropriately with the Parent Company's Risk Management Office as regards processes for assessing operational risks;
• With reference to the ICAAP/ILAAP processes, it provides the necessary support to the Parent Company's Risk Management Office for the parts falling under its competence;
• Implements the initiatives and interventions necessary to continuously guarantee the completeness, suitability, functionality and reliability of its Internal Control System, in line with the internal regulations on management and coordination laid down by the Parent Company. It brings the results of the checks carried out to the attention of the body with strategic supervision function, where there is no coincidence of role between the body with management function and the body with strategic supervision function.

In reference to the Group Internal Control System, the Parent Company's Board of Directors carries out, including through the departments performing company control functions, checks aimed at ascertaining consistency between what was defined and approved and the relevant implementation.

The Parent Company's Chief Executive Officer ensures:

that the Group's risk management processes are consistent with the risk appetite and risk management policies, taking into account the internal and external changes affecting the companies making up the Group;
correct, timely and prudent management of information used for accounting and reporting purposes.

The Parent Company's Board of Statutory Auditors supervises compliance with the relevant legislation, regulations and by-laws, on correct administration and adequacy of the organisational and accounting structures of the Bank.

The Parent Company's Board of Statutory Auditors may work with the internal Control Units and structures of the Bank to perform and direct their own checks and inspections deemed necessary. For this purpose, it receives from these bodies flows of information that are periodic or relevant to specific situations or corporate trends. Due to this close connection, the Board of Statutory Auditors is also specifically consulted, in addition to the decisions concerning the appointment and dismissal of managers of the corporate internal Control Units, on the definition of the essential elements of the overall architecture of the Internal Control System (powers, responsibilities, resources, information flows and conflict of interest management).

The Parent Company's Board of Statutory Auditors checks and explores the causes and remedies of management irregularities, of trend anomalies and of deficiencies relating to the organisational and accounting structures, paying particular attention to compliance with the rules of conflict of interest.

The audits that the Board of Statutory Auditors performs must involve transversely the entire organisation, including audits on systems and procedures, on the various branches of activity and on operations in general. It also verifies the correct exercise of the strategic and management control activities carried out by Banca Ifis on its subsidiaries.

The Parent Company's Board of Statutory Auditors ensures that all the functions involved in the control system are suitable, that the applicable tasks are performed correctly and coordination of the same is appropriate, promoting corrective actions where any shortcomings and irregularities have been detected.

With reference to the audit performed by independent auditors, the Board of Statutory Auditors itself performs those tasks related to the assessment of the adequacy and functionality of the accounting structure, including the relevant information

systems, in order to ensure correct representation of business facts. Also, to this end, it constantly coordinates with the latter.

The Parent Company's Board of Statutory Auditors also

a) reports to the Board of Directors and to the C.E.O. any shortcomings and irregularities detected and, without prejudice to the obligation of reporting to the Bank of Italy, requests the adoption of corrective measures and verifies their effectiveness over time;
b) checks its adequacy in terms of powers, operation and composition, taking into account the size, complexity and the activities carried out by the Bank;
c) is responsible for ensuring the completeness, suitability, functionality and reliability of the Group Internal Control System and the RAF. In carrying out this task, it ensures compliance with the supervisory provisions laid down on a time to time basis, particularly those referring to the Internal Control System and the ICAAP/ILAAP processes;
d) it supervises the completeness, adequacy, functionality and reliability of the Internal Rating System used for the purposes of management and compliance of the same with those requirements that, provided by the regulations for the Internal Rating Systems adopted for regulatory purposes, the Board of Directors of the Bank considered relevant in order to implement compliance to ensure its correct and effective functioning.

With reference to the Internal Control System of each single Subsidiary, the related control body is responsible for monitoring the completeness, suitability and reliability of its own Internal Control System, performing, as applicable, the same functions as those of the Parent Company's Board of Statutory Auditors.

The Board of Directors of Banca Ifis ensures that information is given on the internal control and risk system in all cases envisaged by the regulations, guaranteeing the correctness and completeness of the information provided.

The following control functions are identified and are classified according to the levels envisaged by the supervisory regulations in force:

Third-level controls, carried out by the Internal Audit office. These are aimed at identifying violations of procedures and regulations, as well as to periodically assess the completeness, adequacy, functionality (in terms of effectiveness and efficiency) and reliability of the Internal Control System and IT system (Audit ICT), at fixed intervals according to the nature and intensity of the risks;
Second-level controls, carried out by Risk Management, Compliance and Anti-Money Laundering. They have, inter alia, the objective of ensuring the correct implementation of the risk management process, compliance with the operating limits assigned to the various departments, the compliance of company operations with the rules, including those of self-regulation.
First-level or line controls, aimed at ensuring the correct execution of operations, carried out by the production departments themselves or carried out as part of the back-office activity. The operating departments are primarily responsible for the risk management process: in the course of day-to-day operations, these structures must identify, measure or evaluate, monitor, mitigate and report the risks deriving from ordinary business activities in accordance with the risk management process; they must comply with the operating limits assigned to them in line with the risk objectives and with the procedures that make up the risk management process.

The Head of Internal Audit is placed directly under the body with strategic supervision function. He/she has direct access to the Board of Statutory Auditors and communicates with it without restrictions or intermediaries.

The effective functioning of the planned organisational model, based on making available to the Internal Audit Office information on management and on business trends, is also ensured through the systematic informational liaison with the Parent Company's Chief Executive Officer on the activities carried out.

The Heads of the Risk Management Office, the Compliance Office and the Anti-Money Laundering Office report directly to the Management Body. In any case, they have direct access to the Board of Directors and the Board of Statutory Auditors and communicate with them without restrictions or intermediaries. Specifically, the managers of the second-level Control Units normally report directly to the Board of Directors and to the Board of Statutory Auditors on a quarterly basis or upon the specific request of the Boards and, in any case, whenever the need arises.

The Heads of the Internal Audit Office, the Risk Management Office, the Compliance Office and the Anti-Money Laundering Office:

must possess adequate professional requirements;
are appointed and removed by the Board of Directors, after consulting with the Board of Statutory Auditors;
have no direct responsibility over operational areas subject to control.

The Internal Audit Office, the Risk Management Office, the Compliance Office and the Anti-Money Laundering Office control departments are separate from an organisational standpoint and are not involved in the risk assumption processes. The structures considered involved in risk assumption are those that possess the following characteristics, even if not cumulatively:

a) are empowered to authorise risk assumption;
b) receive remuneration that is tied to company results or their objectives entail the assumption of risks;
c) are coordinated by the subjects included in the previous categories a) and b).

As part of the internal control system, roles and tasks have been assigned to the organisational units responsible for second and third level controls, which are detailed in the relevant organisational Regulations or in the Group's anti-money laundering policy.

Without prejudice to mutual independence and their respective roles, Internal Audit, Risk Management, Compliance, Antimoney Laundering and the Financial Reporting Officer collaborate with each other and with the other organisational units in order to develop their own control methodologies in a manner consistent with company strategies and operations.

In addition, the managers of the organisational units with control functions interact with each other, coordinating and collaborating in order to avoid overlapping, to develop synergies and optimise collaboration.

Emphasis is placed on the information flows relating to the internal control system between the organisational units that carry out the company control functions and between these units and the corporate bodies:

Internal Audit. The frequency with which the Head of the Parent Company's Internal Audit Office has to report to the Board of Directors on its doings must be such as to always allow said Board the possibility of prompt action. Therefore, in addition to periodical and systematic information on a quarterly basis (Tableau du Bord), it is crucial to provide information of an episodic nature aimed at notifying the administrative body of any events which may need quick corrective and/or improvement action. In this context, any outcomes of the checks of a negative nature or showing significant shortcomings are fully, promptly and directly forwarded to the corporate bodies.

With regard to the planning of activities and periodic reporting, the Internal Auditing Office of the Parent company submits to the Parent company's Board of Directors :

The Auditing Action Plan (annual and long-term);
The quarterly tableau de bord;
The Annual report on activities carried out;
The Annual report on investigations carried out on Subsidiaries;
Information on audits carried out regarding compliance of remuneration practices with the applicable policies and regulatory environment;
Information on audits relating to government and management of the liquidity risk;
The Report on important operational functions outsourced to companies not part of the Group;
The annual report on the correct functioning of the internal systems for reporting violations (whistleblowing);
The report on the internal audit activity on investment services.

The Parent Company's Internal Audit Office also promptly sends the Board of Directors the results of assessments having a negative outcome or showing significant shortcomings.

Stable forms of collaboration between the Board of Statutory Auditors, the Risk Management and Internal Control Committee, the Supervisory Body and the Internal Audit Office of the Parent Company are also put in place, which are implemented by means of:

mutual exchange of information;
the possibility for the Board of Statutory Auditors, the Risk Management and Internal Control Committee and the Supervisory Body to request that the Internal Audit Office of the Parent Company conduct audits on specific operational areas or particular corporate operations.

In addition, the Parent Company's Head of Internal Audit:

reports to the Board of Statutory Auditors, the Risk Management and Internal Control Committee and the Supervisory Authority, upon the request of these bodies, in relation to the activity carried out;
draws the attention of the managers of the other Control Units to any inefficiencies, weaknesses or irregularities that became evident during the verification activities carried out that could be of relevance to the activities of each of them;
informs, for the implementation of the relevant interventions of competence, the managers of the organisational structures involved, of any inefficiencies, weaknesses or irregularities that have become evident.

Risk Management. Presents to the Board of Directors for approval (or for final examination, with particular reference to the periodic reports produced) to the Board of Statutory Auditors and to the Risk Management and Control Committee:

the work programmes in which the main risks to which the Group is exposed and the relevant management operations programmed are identified and assessed;
the report on the activities carried out which illustrates the checks carried out, the results that emerged, the weaknesses found and the actions to be taken to remove them (both for Banca Ifis and for the subsidiaries);
the Group's public disclosures;
the Group RAF;
the policies governing risk management;
the Group ICAAP/ILAAP report;
the Contingency Funding Plan;
the Group Recovery Plan;
The quarterly tableau de bord;
the periodic reporting on "Most Significant Transactions" for which the Bank has expressed its opinion of consistency with regard to the RAF, indicating those which, albeit with a negative opinion, are followed by a favourable decision;
the report on the internal audit activity on investment services.

In addition, the Risk Management Office sends to the Risk Management and Internal Control Committee:

periodic reporting on significant risks assumed by the Group with evidence of deviations between actual exposure levels and the risk objectives established;
any specific reports regarding the risks that could potentially be assumed due to the launch of new products and/or as a result of entry into new markets.

The Head of the Risk Management Office informs the managers of the other Parent Company Control Units of the critical issues detected during its verifications that could be of relevance to the activities of each of them.

The reciprocal transmission of the results of the individual interventions performed, usually for information purposes and in relation to the scope of competence, is also carried out.

Compliance. Presents to the Board of Directors for approval (or for final examination, with particular reference to the periodic reports produced) to the Board of Statutory Auditors and to the Risk Management and Control Committee:

the action plan identifying and assessing the main risks of non-compliance with regulations and the necessary interventions planned;
the report that illustrates the checks carried out, the results that emerged, the weaknesses found and the proposed actions to be taken to remove them;
The quarterly tableau de bord;
the report on the overall situation of complaints received, the adequacy of procedures and the organisational solutions;
the report on transparency (Transparency of transactions and of banking and financial services, correctness of relations between intermediaries and clients, investigations on internal procedures);
the report on the investment services and complaints received.

The Head of the Compliance Office informs the managers of the other corporate Control Units of the Parent Company of critical issues detected during its verifications that could be of relevance to the activities of each of them. The reciprocal transmission of the results of the individual interventions performed, usually for information purposes and in relation to the scope of competence, is also carried out.

Anti-Money Laundering Office Presents to the Board of Directors for approval (or for final examination, with particular reference to the periodic reports produced) to the Board of Statutory Auditors and to the Risk Management and Control Committee:

the plan of activities;
The quarterly tableau de bord;
The Annual report on activities carried out;
The document containing the risk self-assessment results and the relative correction plan.

The Head of the Anti-Money Laundering Office informs the managers of the other corporate Control Units of the Parent Company of the critical issues detected during its verifications that could be of relevance to the activities of each of them. The reciprocal transmission of the results of the individual interventions performed, usually for information purposes and in relation to the scope of competence, is also carried out.

Financial Reporting Manager. In compliance with the provisions laid down in Article 154bis of the Consolidated Law on Finance, the Parent company Financial Reporting Officer sees to:

issuing a certificate, together with the Parent Company Chief Executive Officer, certifying:
- o the suitability and effective application of administrative and accounting procedures;
- o compliance of financial documents with the IAS/IFRS principles;
- o correspondence of financial documents with the corporate books and accounting records;
- o the suitability of the same to provide a true and fair view of the equity, financial and economic position of the Bank and its consolidated Subsidiaries;
- o that the "management report" includes a reliable analysis of the trends, results of operations and financial situation of the Bank and Group;
issuing a declaration that the corporate acts and communications disclosed to the market and the relative financial reports, also interim, correspond to the documentary results, books and accounting records of the same (Art. 154 bis, paragraph 2).

Together with what is specifically provided for in the above-mentioned regulations, the Financial Reporting Officer prepares:

the annual plan of his/her activities, in which the perimeter of the analysis to be performed on an annual basis is defined. This document is then submitted to the Chief Executive Officer for sharing purposes, with subsequent presentation to the Risk Management and Internal Control Committee;
the half-yearly report on the results of activities carried out (based on the Annual report and the Consolidated interim report) giving details of such activities to the CEO and to the Risk Management and Internal Control Committee.
specific and dedicated reporting where required and/or requested by Governing bodies.

a. Key characteristics of the current risk management and internal control systems in relation to the financial reporting process

a.1. Introduction

In relation to the financial reporting process, the risk management and internal control system are components of the same overall "System", which is designed, among other things, to ensure the credibility, accuracy, reliability and timeliness of financial reporting.

To ensure appropriate safeguards and correct mitigation against the risk of inaccurate financial reporting, Banca Ifis has a specific analysis framework that crosses the various business processes and aims to identify and control the main risks that the Company is exposed to in carrying out significant transactions that generate the information contained in the financial statements and any other report of a financial nature.

The application of the framework is designed to ensure accuracy, reliability and timeliness of financial reporting, working towards integration with the overall risk management and internal control system.

The provisions in the Articles of Association concerning the Financial Reporting Officer, the appointment of the current Financial Reporting Officer, the Group's Risk Management Policy Regarding Inaccurate Financial Reporting, the updated "Financial Reporting Officer's Scope of Activity" and the "Financial Reporting Officer's Regulations and the Monitoring and Control of Financial Reporting", approved by the Board of Directors, comprise, together with the overall set of administrative and accounting procedures, the collection of measures adopted by the Bank to cover the risk of inaccurate financial reporting.

The framework is made up of several levels of analysis that, together, define adequate Group administrative and accounting procedures. It is inspired by the principles and guidelines defined by the Internal Control - Integrated Framework issued by the Committee of Sponsoring Organisations of the Treadway Commission (known as CoSO) and by the Control Objectives for Information and related Technology (known as CobiT), considered as reference models accepted internationally.

The framework analysis levels are as follows:

• Process-level controls: these are checks carried out at the process level. Their implementation provides evidence that adequate administrative and accounting procedures are applied in order to ensure effective internal control over financial reporting;

• IT General Controls or "ITGC": these are checks that operate at the company level and are specifically related to the Information Technology management processes that support the execution of business processes. They relate, for example, to software acquisition and maintenance, physical and data security management, application development and maintenance.

a.2. Description of key characteristics of the current risk management and internal control systems in relation to the financial reporting process (the "System")

The process of managing the risk of inaccurate financial reporting and the methods of collaboration and coordination between the Monitoring and Control of Financial Reporting department, the Accounting and Financial Statement department and the Bank's other departments and bodies are defined within the Group Policy to manage the risk of inaccurate financial reporting, approved by the Board of Directors. The Accounting and Financial Statement department is required to perform administrative and accounting tasks, as well as producing financial reports with the contribution of the Financial Reporting Officer and certified by the latter pursuant to Article 154-bis of the TUF. 154-bis of the TUF.

a.2.1 Phases of the risk management process regarding inaccurate financial reporting

The operational approach that characterises the overall process of risk management of inaccurate financial reporting is divided, in line with the Bank's risk management process phases, into the following sub-processes:

Identification: the Monitoring and Control of Financial Reporting department, with operational support from the Accounting and Financial Statement section, identifies entities to be included in the scope of verification activities. The significance of Subsidiary Companies is assessed annually on the basis of the criteria adopted.
Risk Assessment: the risks identified are assessed in terms of potential, considering the relative frequency and severity of impact. Subsequently, the Monitoring and Control of Financial Reporting department evaluates the adequacy of the defined organisational safeguards in terms of preventing the risk of inaccurate financial reporting and ensuring compliance with current external legislation, in addition to principal best practice (control design assessment).
Monitoring: The Monitoring and Control of Financial Reporting department, considering the suitability expressed regarding the administrative and accounting procedures, checks that the identified controls are actually put into practice in the manner and frequency prescribed and are tracked by filing the relevant evidence (verifying the effective application of control).
As part of the management and administration actions exercised by the Parent Company over Group companies, the Parent Company's Financial Reporting Officer, by means of the Monitoring and Control of Financial Reporting department, analyses the documentation produced by the contacts at each Subsidiary Company's Financial Office (where considered significant during annual planning) and assesses the results of checks carried out by them for the purposes of accurate consolidated financial reporting. Any problems emerging will be summarised in a report prepared every six months by the Parent Company's Financial Reporting Officer, submitting it for the attention of the Board of Directors.
Mitigation: suitability assessment and checks on effective application can highlight potential deficiencies in organisational safeguards set out to reduce the risk of inaccurate financial reporting. On receipt of the results of Assessment and Monitoring activities, the Organisational Office will define, with the support of the Monitoring and Control of Financial Reporting and Accounting and Financial Statement departments, the necessary corrective action and/or actions to strengthen the existing safeguards.
Reporting: the Monitoring and Control of Financial Reporting department prepares a report every six months which it shares with the Chief Executive Officer and subsequently submits to the Board of Directors, the Risk Management and Internal Control Committee, and the Board of Statutory Auditors. The report shows the checks carried out, their results and any problems encountered. The Financial Reporting Officer uses the suitability and effective application assessments on the administration and accounting procedures to provide the certification required pursuant to Article 154-bis, paragraph 5 of (It.) Legislative Decree no. 58/98.

a.2.2 Roles and Departments involved

In light of the significant responsibilities entrusted to them, the Financial Reporting Officer is attributed appropriate powers and resources to perform their duties, as detailed in paragraph 11.5 of this Report. The Financial Reporting Officer receives all cooperation necessary from all of the Bank's organisational units to carry out the activities of the role, having guaranteed free access to all areas, information, accounting records and documents relating to the role's activities. In addition, if necessary, they may require information or documents held by external suppliers, through the relevant contact point for the outsourced activity. Lastly, the Financial Reporting Officer may agree with each organisational unit involved in the process on the procedures for transmitting the information flows necessary to carry out their duties.

The Financial Reporting Officer, in performing their activities, has access to the Monitoring and Control of Financial Reporting organisational unit. This OU assesses the completeness, suitability, functionality and reliability of the internal control system, focusing on producing financial reports and managing the risk of their potential inaccuracy.

The Monitoring and Control of Financial Reporting section works closely with the Finance, Organisation and Operations organisational units, each in relation to its own activities.

Internal Audit assesses the completeness, suitability, functionality and reliability of the process to manage the risk of inaccurate financial reporting.

As part of the management and administration activities exercised by the Parent Company over Group Companies, the Parent Company's Finance Department issues administrative and accounting guidance by which the organisational units of the Group Companies must abide when carrying out the activities under their responsibility.

In view of the fact that the Group's configuration includes entities considered as significant in defining the scope of the Financial Reporting Officer's activities (the so-called identification phase), Banca Ifis, as part of the management and administration activities it exercises over Subsidiary Companies, requires the following to be carried out, via the Parent Company's Financial Reporting Officer:

The quarterly issue of an appropriate control checklist to the Finance contacts at these entities, so that the Parent Company's Financial Reporting Officer can assess the suitability and effective application of the administrative and accounting procedures for the preparation of financial reports, based on these checks. The evidence produced by the Finance contacts at the subsidiaries, together with the declaration they issue regarding the effective performance of the required checks and application of the Group's accounting policies, is obtained, assessed and stored by the Monitoring and Control of Financial Reporting department. The checklists are reviewed quarterly, when the need arises.
The Monitoring and Control of Financial Reporting department is to carry out assessments at these entities, in accordance with what is set out in annual plans that are ratified by Banca Ifis's Board of Directors.

11.1. Director in charge of the risk management and internal control system

The Board of Directors, appointed by the shareholders at the Shareholders' Meeting of 19th April 2019, has confirmed that the Chief Executive Officer is the director in charge of overseeing the functionality of the risk management and internal control system.

In his managing role, he constantly reported back to the Board of Directors on all aspects of business management, including verification of the overall suitability, effectiveness and efficiency of the risk management and internal control system.

The Chief Executive Officer also:

monitored, through the competent operational units, the need to update the Group Policies for the control and management of the main business risks;
implemented the guidelines, defined by the Board on a case-by-case basis, concerning the risk management and internal control system, constantly checking their suitability and effectiveness;
oversaw the adaptation of the corporate and group internal control system to changes in operating conditions due to the legislative and regulatory frameworks governing them.

11.2. Head of the Internal Audit Department

Since 1st June 2019, Dr. Angelo Ferracchiati has been holding the position of Head of Internal Audit.

Ferracchiati was appointed on proposal of the director tasked with overseeing the functionality of the risk management and internal control system, in the Board meeting of 30th May 2019, with the favourable opinion of the Risk Management and Internal Control Committee and after consulting with the Board of Statutory Auditors.

On his appointment, the Board, on proposal formulated by the Remuneration Committee, requested the Chief Executive Officer, the General Manager and the Head of Human Resources to define his remuneration.

The unit is a staff department of the Board of Directors and it is not responsible for any operational area; from time to time it is provided with resources that are adequate to carry out its own activities.

The positioning of the Internal Audit in the organisational chart as a staff department of the Board of Directors, in addition to assuring its independence – in line with the Bank of Italy's guidance and with sector best practice – facilitates the appropriate exchange of information with the Risk Management and Internal Control Committee, with the Board of Statutory Auditors and, in general, with company bodies and management.

The mission assigned to the Internal Audit by the related regulation, approved by the Board of Directors, includes verifying that the risk management and internal control system is complete, suitable, functional and reliable.

***

The Group's Internal Auditing Regulations require the Parent Company's Internal Audit department to define a plan of activities that is based on a structured process of analysis and prioritisation of the main risks and takes into account the different levels of risk involved in the various activities and structures of the Parent Company and its Subsidiary Companies. Specifically with regard to the companies of the Banca Ifis Group, a contact point of the Internal Audit Department was appointed, that each Subsidiary has outsourced to the Bank; the contact point reports hierarchically to the Head of the Bank's Auditing Department, but functionally to the Subsidiaries' Administrative and Control Bodies.

The Audit Plan lists the controls planned for a three-year period (multi-year plan) and contains a separate and detailed presentation of the activities planned for the first 18 months. A specific section of the Audit Plan is dedicated to ICT auditing.

Subject to the administration of and cooperation with other control functions, taking into account the importance of the activities programmed by second-level control functions, the Audit Plan is not usually submitted until the Parent Company's Risk Management, Compliance and Anti-Money Laundering control units have submitted their own activity programmes to management.

The Audit Plan is forwarded simultaneously to the Board of Statutory Auditors, to the Risk Management and Internal Control Committee, to the President of the Board of Directors, to the director in charge of the risk management and internal control system (who is also the Chief Executive Officer) as well as to the Parent Company's General Manager for subsequent review by the Board of Directors. The Audit Plan is updated as and when it is deemed necessary, upon request from management and/or when proposed by the Head of Internal Audit.

During the financial year 2020, the Board, with the favourable opinion of the Risk Management and Internal Control Committee, approved a new "Audit Plan for 2020-2022". The activities foreseen for 2020 were developed mainly in two directions: a planning direction, for the development of the Department, and one aiming to guarantee continuity in the internal audit of the Group's main processes.

During 2020, the Head of Internal Audit inter alia:

had direct access to all information useful to perform their role;
liaised constantly with the Risk Management and Internal Control Committee, the Board of Statutory Auditors and the Supervisory Board pursuant to (It.) Legislative Decree no. 231/2001 (of which they are a member), reporting on their own work among other things;
submitted reports of all activities to the Board of Statutory Auditors, the President of the Board of Directors and the director in charge of the risk management and internal control system (who is also the Chief Executive Officer), as well as the General Manager;
discussed with the Risk Management and Internal Control Committee and with the Board of Statutory Auditors the quarterly Dashboard, providing, on such occasion, evidence of the main results of the activities carried out in the quarter;
reported on their own work to management providing, in relation to the processes and/or areas subject to audit, adequate information on the activity carried out, as well as assessments of the residual risk and internal control system, including through guidelines on compliance with the plans defined to mitigate risks. The quarterly reports (Dashboard), the Annual Report and any other reports and documents on specific significant topics fall within this scope;
carried out specific activities concerning the reliability of IT and accounting systems.

The main activities carried out by the Head of Internal Audit during 2020 were based on the above Audit Plan and concerned, to varying degrees in accordance with the level of risk, the Parent Company (Banca Ifis S.p.A.) and its Subsidiary Companies.

Audit activities regarding the Polish subsidiary, Ifis Finance Sp. z o.o, were conducted by Internal Audit, either directly or with the cooperation of BDO S.p.A..

The auditing of Group companies mainly referred to the Npl segment with particular attention paid to the main processes of the two Group companies that operated in the sector (Ifis Npl, now Ifis Npl Investing and FBS, now Ifis Npl Servicing), the Bank's commercial segment and, specifically: the leasing and factoring business units, the pharmacy segment, important outsourced operating functions, and management of business liquidity. Audit activities were also carried out on the IT system, the second-level control units and certain transversal corporate processes not directly and uniquely related to specific business areas, in particular, with reference to the process of management of operational continuity, to the compliance of remuneration practices with the regulatory framework.

Alongside the quarterly reports (Dashboard) and the Annual Report on the work carried out, in compliance with the supervisory bodies' provisions, the Head of Internal Audit also prepared specific reports concerning:

assessments on Subsidiary Companies;
remuneration policies;
the ICAAP process;
the government and management of liquidity risk;
outsourced important operating functions;
investment services;
operation of the internal whistleblowing systems.

lastly, Internal Audit liaised with second-level control units regarding the areas of risk they cover, constantly promoting coordination and sharing meetings.

11.3. Organisational Model ex-(It.) Legislative Decree no. 231/2001

Banca Ifis Group, sensitive to the need to ensure conditions of transparency and fairness in conducting its business, in order to safeguard the image of the individual companies that belong to the Group, the expectations of shareholders and of those who work for and with the Group's companies, has deemed it consistent with its corporate policies to implement the Organisational and Management Model provided for by (It.) Legislative Decree 231/2001.

This initiative was also launched in the belief that applying the Organisational Model is a sound means of informing those who work for the Bank, spurring them to act fairly and consistently when carrying out their activities, in order to limit the risk of the crimes set out in (It.) Legislative Decree no. 231/2001 being committed.

The Banca Ifis Group condemns behaviour that is contrary to current legislation and the ethics principles set out in the Bank's Code of Ethics last updated January 2021. In this context, the application and effective implementation of the Model improve the Bank's Corporate Governance, limiting the risk of the crimes set out in (It.) Legislative Decree no. 231/2001 being committed.

On 26th October 2004, the Board of Directors appointed a Supervisory Board with the autonomous powers of initiative and control as per (It.) Legislative Decree 231/2001; in the meeting of 19th April 2019, it confirmed the decision, already adopted by the previous directors, not to entrust the tasks of the Supervisory Board to the Board of Statutory Auditors. The Supervisory Board is composed of an Auditor, by the Heads of the Internal Audit and Compliance Departments, and by two independent directors, one of whom holds the office of President.

In preparing its Organisational Model, last updated on 15th October 2020, Banca Ifis used the ABI's (Italian Banking Association) "Guidelines for the adoption of organisational models regarding a bank's administrative liability". These provide guidance on the interpretation and analysis of the legal and organisational implications resulting from the introduction of (It.) Legislative Decree no. 231/2001.

In preparing its Model, Banca Ifis considered its existing and widely implemented procedures and control systems, in that they are suitable as measures to prevent crimes and to control processes. The Model is part of a broader control system that consists mainly of the Internal Control Systems required by the Bank of Italy and by the Corporate Governance rules that apply to the company.

In addition, viewing its organisational and management model as a key company policy tool, Banca Ifis extends the organisational instruments that form part of the Organisational Model adopted by the Bank to its subsidiaries as applicable.

The Supervisory Board's Regulations are available on the Bank's website, in the section "Corporate Governance – The Value of Ethics".

At present, the rules in question refer to the following types of crime:

crimes against the Public Administration;
conduct attributable to the types of computer crime;
corruption and offences envisaged and punished by Article 25 and 25 ter of (It.) Legislative Decree no. 231/2001
counterfeiting of coins, legal tender, government stamps and instruments or signs of recognition;
conduct attributable to offences against industry and trade and crimes relating to copyright infringement;
some types of corporate crimes;
conduct attributable to organised crime offences; crimes with the purpose of terrorism and subversion of the democratic order; transnational crimes; crimes against the person; crime of induction to not make statements to the legal authorities;
crimes attributable to market abuse;
conduct attributable to the types of offence relating to safety in the workplace;
receiving stolen goods, money laundering and use of money, assets or other benefits of unlawful provenance, as well as self-laundering;
environmental crimes
tax offences

The Supervisory Body is made up of a Statutory Auditor, chosen by the Board of Statutory Auditors, by the Managers while in office, the heads of Internal Audit and Compliance as well as by two independent Directors, chosen by the Board, one of whom with the office of president; the Supervisory Body remains in office for three years and meets at least every six months. The secretariat of the Supervisory Body is provided by the Legal and Corporate Affairs Department and the secretary, on behalf of the President, draws up the minutes of the meetings which are kept by the Legal and Corporate Affairs Department. The President, or other member designated by the President on a case by case basis, reports to the Board of Directors, at its earliest possible meeting, on the activities carried out and, where required, on activities that are on-going and/or planned, and whether it has used any of its independent financial resources.

The Board has autonomous powers of initiative and control, pursuant to (It.) Legislative Decree no. 231/2001 "Governance of administrative liability of legal persons, companies and associations including without legal status".

11.4. External Auditor

The Shareholders' Meeting of 17th April 2014 appointed EY S.p.A. to audit the Company's annual financial statement and the Group's consolidated financial statement as well as the limited auditing of Banca Ifis's half-yearly interim report, for each of the nine financial years with closing dates from 31st December 2014 until 31st December 2022.

EY S.p.A. have also been tasked, by means of separate formalised agreements, with auditing the controlling company's financial statement and those of Banca Ifis's Subsidiary Companies.

11.5. Financial Reporting Officer responsible for preparing company accounts and other roles and company functions

On 12th April 2016, the Board of Directors appointed Mariacristina Taormina as Financial Reporting Officer with effect from 18th April 2016.

Pursuant to art. 19 of the Articles of Association:

the Board of Directors, pursuant to Article 154-bis of (It.) Legislative Decree no. 58/1998, after having received the mandatory opinion of the Board of Statutory Auditors, appoints the Financial Reporting Officer;
the Financial Reporting Officer must be in possession of the integrity requirements set out for election to the role of Statutory Auditor by Article 2 of (It.) Ministerial Decree no. 162 of 30th March 2000 and the professionalism requirements set out for election to the Board of Directors of banks incorporated in the form of a limited company by Article 1, paragraph 1 of (It.) Ministerial Decree no. 161 of 18th March 1998.

The Board of Directors gives the Financial Reporting Officer autonomous spending powers, in accordance with the programmed plan of activities they intend to implement. The Financial Reporting Officer must report periodically to the Board of Directors on the exercise of their spending powers.

The Financial Reporting Officer also has the right to:

acquire from within the Bank information relating to events, risk indicators or proposals for technical or organisational adjustments relating to administrative and accounting procedures;
propose modifications to the system of internal controls when deemed appropriate;
participate in Board of Directors and Board of Statutory Auditors meetings and access the minutes of those meetings where the agenda includes the examination and/or the approval of the economic and financial data of the Bank and the Group.

***

The names of the Heads of the other company functions who have been assigned specific tasks on risk management and internal control are shown below:

the role of head of Risk Management (Chief Risk Officer) was assigned to Walter Vecchiato. For 2020, Risk Management was given a budget of €875,000 for the use of external consultants, which can be used independently;
the role of Head of Compliance has been assigned to Francesco Peluso. Compliance was given for 2020 a budget of €75,000 for the use of external consultants and €15,000 for training, which can be used independently;
the role of Head of the Anti-Money Laundering Unit has been assigned to Giovanna Bazzaro. The Anti-Money Laundering Unit was given a budget for 2020 of €120,000 for the use of external consultants and €15,000 for training, which can be used independently.

The Heads of Internal Audit, Risk Management, Compliance and of the Anti-Money Laundering Unit:

must possess adequate professional requirements;
are appointed and removed by the Board of Directors, after consulting with the Board of Statutory Auditors;
have no direct responsibility over operational areas subject to control.

The duties and responsibilities of the above second- and third-level control functions are in line with the supervisory provisions on internal control systems.

11.6. Coordination between individuals involved in the risk management and internal control system

As part of the Group's internal control system, the Parent Company is responsible for creating a unitary system at Group level that enables the effective control of both the Group's strategic choices as a whole and the balanced management of its individual components.

The correct functioning of the internal control system is based on successful interaction whilst carrying out of tasks (guidance, implementation, verification, assessment) between management, any committees formed within management bodies, external auditors and control functions.

For this reason, in line with what is required by the Corporate Governance Code, the Board of Directors, appointed by the Ordinary Shareholders' Meeting of 19th April 2019, has confirmed that the Chief Executive Officer is the director in charge of overseeing the functionality of the risk management and internal control system.

In addition, fruitful interaction and coordination between the top management involved in the risk management and internal control system is facilitated by cross-membership mechanisms and by a balanced composition of committees and bodies; in particular, the Risk Management and Internal Control System Committee and the Board of Statutory Auditors interact frequently during their meetings, and, whenever necessary, with the Chief Executive Officer, with the Financial Reporting Officer responsible for preparing company accounts, with the External Auditor, with the Chief Risk Officer, with the Head of Compliance and the Head of Anti-Money Laundering. They also systematically interact with the Head of Internal Audit who, usually, attends the meetings of both bodies.

The Supervisory Board ex (It.) Legislative Decree 231/2001 benefits of the same cross-membership mechanisms and similar systematic interaction with the other staff of the risk management and internal control system.

The Heads of the control organisational units liaise with each other, coordinating and collaborating, to avoid overlapping, to develop synergies and to optimise partnership.

At least quarterly, usually on the initiative of the Head of Internal Audit of the Parent Company, the heads of the organisational control units of the Parent Company participate in formalised meetings to discuss and exchange opinions on the following topics:

sharing the planning of the respective main verification/audit activities (also with regards to Subsidiaries);
analysing the main findings from audit activities and remedial actions either under way or requested;
checking the current status of various risk exposure levels;
agreeing on the risk map, also divided per risk-taking organisational unit, and the potential significance of identified risks;
agreeing on reporting systems, methodologies and terminology;
and, in a more general sense, successfully exchanging information and analysing possible ways of collaboration.

The meetings are subject to adequate traceability and representatives of other organisational units may also be invited to participate according to the individual topics under discussion.

The minutes of the meetings and other documents of common interest are subject to:

being stored in an appropriate dedicated network folder to which all control organisational units have access;
subsequently reported to Management, on specific requests and when the "Annual Report on Activities", prepared by second- and third-level control organisational units, are submitted.

12. Directors' interests and related-party transactions

In December 2020, the Board of Directors approved – following favourable opinion from the Board of Statutory Auditors, the Risk Management and Internal Control Committee (composed of only independent directors) – an update to the "Policy to control risk assets and conflicts of interest in dealings with associated persons" and the "Procedure to manage relatedparty transactions" (a definition which includes, in accordance with the Bank of Italy's supervisory provisions, "related parties" and persons "associated" with them). The update was necessary to adapt the contents of the legislation on transactions with related parties of the Banca Ifis Group to the new provisions in the 33rd update to the Bank of Italy Circular no. 285/2013 which incorporated the evolution of the European regulatory framework.

The Policy, which outlines the Bank's approach to achieve effective management of risks associated with conflicts of interest in transactions with related parties and associated persons, and the Procedure, which describes, among other things, the criteria for identifying transactions that must be approved by the Board after receiving opinion from (or involving) the Risk Management and Internal Control Committee, is available on the website www.bancaifis.it (under "Corporate Governance – Corporate Documents – Related Parties and Associated Persons").

The Board has adopted further appropriate operational solutions to identify and adequately manage situations in which a director holds an interest in their own name or on behalf of a third-party. These are the Policy on Personal Transactions (last updated in February 2020) and the Policy on transactions carried out by Key Personnel and by people closely associated with them regarding shares, negotiable instruments and associated financial instruments issued by Banca Ifis (last updated in February 2020).

The Policy on Personal Transactions governs the obligations related to the identification of Key Personnel and to the information that the Bank must provide thereto; the rules with which Key Personnel must comply to report to the Bank Personal Transactions Subject to Notification made on Financial Instruments; the means of maintaining the Key Personnel Register, of the Third Issuer Register, and of the Personal Transactions.

In fact, the Policy on Personal Transactions governs trading in a financial instrument carried out by or on behalf of a key member of personnel (including the members of the Board of Directors), provided at least one of the following conditions is met:

a) the Key Personnel member is acting outside the scope of the activities they carry out as a Key Personnel member;
b) the transaction is carried out on behalf of any of the following people:
- o the Key Personnel member;

o a person related to the Key Personnel member (spouse or living together more uxorio, offspring, any other relative of the Key Personnel member who has cohabited for at least one year with the Key Personnel member as of the date of the Personal Transaction) or closely related to the Key Personnel member;
o a person whose relationship with the Key Personnel member is such that the Key Personnel member has a significant direct or indirect interest in the outcome of the transaction, other than a fee or commission for executing the transaction.

Conversely, the Policy on transactions carried out by Key Personnel and by people closely associated with them regarding shares, negotiable instruments and associated financial instruments issued by Banca Ifis governs matters regarding:

a) the identification of Key Personnel (including members of the Board of Directors) and "closely associated" persons;
b) the management of information regarding transactions above the Minimum Amount Threshold on shares, negotiable instruments or Associated Instruments issued by Banca Ifis, directly or indirectly executed by a Key Personnel member or by a "Closely Associated Person" and subject to notification requirements. These include:
- o transactions contemplated by article 19 par. 7 of EU Regulation 596/2014.
- o transactions foreseen by article 10 of Delegated Regulation EU 522/2016;
c) the management of the so-called "closure periods", that is, those periods in which Key Individuals must abstain from executing transactions in shares and other negotiable instruments issued by Banca Ifis, as well as on financial instruments associated with them.

This document is available on we website www.bancaifis.it (under the "Corporate Governance - Internal Dealing").

13. Appointment of Statutory Auditors

The appointment of members of the Board of Statutory Auditors is regulated by Article 21 of the Articles of Association and is based on lists presented by shareholders on which candidates are listed in sequential order and with a number of candidates not exceeding the number of members to be elected. Each list consists of two sections: one for candidates for the office of Standing Auditor, and the other for candidates for the office of Alternate Auditor.

A list can be presented by the shareholder or shareholders who, at the time of submission, own an equity interest equal to at least 1% of ordinary shares, or to another lower ownership threshold that – pursuant to current legislation and regulatory provisions – must be indicated in the notice convoking the Shareholders' Meeting called to pass a resolution to appoint Statutory Auditors.

Two Standing Auditors and one Alternate Auditor are elected from the list that obtained the highest number of votes, based on the sequential order in which they appear on the list. The candidate who is in first position of the relevant section of the list that obtained the highest number of votes among the lists submitted and voted upon by shareholders who are not associated with the reference shareholders pursuant to Article 148, paragraph 2 of (It.) Legislative Decree no. 58/1998, is elected as Standing Auditor. The candidate who is in first position of the relevant section of that same list is elected as Alternate Auditor.

In the case of a tie between two or more lists, the oldest candidates will be elected as Statutory Auditors.

If the selection criteria do not ensure election of at least one Standing Auditor and one Alternate Auditor belonging to the least represented gender, a sliding mechanism is applied to the selection from the list obtaining, during the Shareholders' Meeting, the highest number of votes based on the sequential order in which the candidates are indicated. This mechanism excludes the candidate or candidates of the most represented gender and selects the candidate or candidates of the missing gender.

The Standing Auditor elected from the minority list mentioned above is appointed as President of the Board of Statutory Auditors.

Outgoing Statutory Auditors can be re-elected, for no more than three mandates, in compliance with the regulatory provisions and the Corporate Governance Code.

If, despite the provisions of the Articles of Association and what is set out above, only one list is presented or only one list receives votes, three Standing and two Alternate Auditors will be elected – on condition that the list in question receives the majority of the votes represented at the Shareholders' Meeting – in the order in which they are indicated on that list for the respective post. The Standing Auditor candidate indicated in first place on the list will be appointed President of the Board of Statutory Auditors.

If a Standing Auditor is to be replaced, their post will go to the Alternate Auditor belonging to the same list as the Auditor who has ceased to hold office.

If it is necessary to appoint Standing and/or Alternate Auditors to supplement the Board of Statutory Auditors following early termination of the auditors in office, the Shareholders' Meeting will act as follows: if auditors elected from the majority list must be replaced, the auditor(s) are appointed by majority vote, without list constraints. If, however, it is necessary to replace a Statutory Auditor designated from the minority list, the Shareholders' Meeting will replace them by relative majority vote, choosing the candidate from among the candidates on the list from which the auditor to be replaced was elected. These candidates will have confirmed their candidacy at least 25 days before the date set for the first-call Shareholders' Meeting, together with statements confirming that no reasons for ineligibility or incompatibility exist, and that they possess the requirements needed to hold the post.

Lists must be submitted to the Company's registered office at least twenty-five days prior to the date set for the first-call Shareholders' Meeting, and are made available to the public at the registered office, on the Company's website and through the other methods provided for by current legislation and regulatory provisions at least twenty-one days prior to the date of the first-call Shareholders' Meeting.

Ownership of the minimum number of shares needed to submit a list is determined by taking into account the shares recorded in the name of the individual shareholder or multiple joint-shareholders on the day lists are submitted to the Company. In order to prove the ownership of the number of shares necessary to present the lists, the shareholders may produce the related certificate even after the deposit, on the condition that this is done within the deadline foreseen for the publication of the lists by the Company.

The lists must be accompanied:

by information relating to the identity of shareholders who submitted the lists, stating the overall percentage of shares held;
a statement from the shareholders other than those who hold, separately or jointly, controlling or relative majority shareholdings, certifying the absence of connections with them as set out in Article 144-quinquies of the "Implementing regulations of (It.) Legislative Decree no. 58/1998 concerning the regulation of issuers", or any other significant relationships;
exhaustive information on candidates' personal and professional characteristics, as well as a declaration by the candidates themselves confirming certifying possession of the requirements established by law and their acceptance of candidacy.

Candidates who already hold the post of auditor in five other listed companies or who do not possess the integrity, professionalism and independence requirements as set out in applicable regulations or that fall within the cases referred to in Article 148, para. 3 of (It.) Legislative Decree no. 58/1998, may not be included in candidate lists.

Each list must contain at least one candidate for the post of Standing Auditor and at least one candidate for the post of Alternate Auditor belonging to the least represented gender. This requirement does not apply to lists with fewer than three candidates.

14. Composition and role of the Board of Statutory Auditors

The composition of the Board of Statutory Auditors in post as at the close of the 2020 financial year is as follows:

President: Giacomo Bugna,
Standing Auditor: Franco Olivetti,
Standing Auditor: Marinella Monterumisi,

Alternate Auditor: Giuseppina Manzo,
Alternate Auditor: Alessandro Carducci Artenisio.

The present Board of Statutory Auditors was elected at the Ordinary Shareholders' Meeting of 19th March 2019 for the 2019, 2020 and 2021 financial years and its mandate will expire on the date on which the Shareholders' Meeting is convoked to approve the 2021 Annual Financial Statements.

Three lists of candidates were presented, deposited and published within the deadlines and in the manner laid down by the applicable provisions and by the Articles of Association for the election of the Board of Statutory Auditors at the Shareholders' Meeting of 19th April 2019; specifically:

List 1 (LA SCOGLIERA S.p.A.);
List 2 (Assogestioni) on behalf of the following group of investors:
- i. Arca S.G.R., manager of the fund Arca Economia Reale Equity Italia, Arca Economia Reale Bilanciato Italia 30;
- ii. Eurizon Capital S.G.R. S.p.A., manager of the Eurizon Pir Italia 30 funds, Eurizon Progetto Italia 20, Eurizon Progetto Italia 70, Eurizon Equities PMI Italia, Eurizon PIR Italia Actions and Eurizon Progetto Italia 40;
- iii. Eurizon Capital SA, Eurizon Fund-Equity Small Mid Cap Italy fund manager;
- iv. Fideuram Asset Management (Ireland), Fonditalia Equity Italy fund manager.
- v. Fideuram Investimenti SGR S.p.A., Fideuram Italia, PIR Piano Azioni Italia, PIR Piano Bilanciato Italia 50 and PIR Piano Bilanciato Italia 30 fund manager;
- vi. Interfund Sicav InterfundEquity Italy;
- vii. Generali Investiments Luxembourg S.A., GSmart PIR Evoluzione Italia, GSmart PIR Valore Italia and Gis European Eqty Recov fund manager;
- viii. Mediolanum Gestione Fondi SGR S.p.A., Mediolanum Flessibile Futuro Italia and Mediolanum Flessibile Sviluppo Italia fund manager.
List 3 (Preve Costruzioni S.p.A.).

As well as the lists, the following document were also deposited and published:

Certification attesting the ownership of shares in number sufficient for the presentation of a list and possible absence of the relationship of Article 147-ter of the TUF and 144-quinquies of the Issuer Regulation;
Declaration with which each candidate: accepts their candidacy for Standing or Alternate Auditor, attests that they meet the requirements of professionalism, integrity and independence envisaged by the applicable regulatory framework and the absence of causes of ineligibility and/or incompatibility; CV and list of offices held.

Table 8 shows the list of candidates, the list of those elected and the percentage of votes obtained with regard to voting capital, while Table 9 provides various information on the Board of Statutory Auditors for the financial year 2020.

List	List of Candidates	List of Candidates Elected	Percentage of votes obtained
1	Standing Auditors: Franco Olivetti Marinella Monterumisi Alternate auditors: Anna Maria Salvador Alessandro Carducci Artenisio	Standing Auditors: Franco Olivetti Marinella Monterumisi Alternate auditors: Alessandro Carducci Artenisio	67.04%
2	Standing Auditors: Giacomo Bugna Alternate auditors: Giuseppina Manzo	President: Giacomo Bugna Alternate auditors: Giuseppina Manzo	22.58%

Table 8

List	List of Candidates	List of Candidates Elected	Percentage of votes obtained
1	Standing Auditors: Franco Olivetti Marinella Monterumisi Alternate auditors: Anna Maria Salvador Alessandro Carducci Artenisio	Standing Auditors: Franco Olivetti Marinella Monterumisi Alternate auditors: Alessandro Carducci Artenisio	67.04%
3	Standing Auditors: Paolo Bifulco Alternate auditors: Giorgio Stefano Marcolongo		5.70%

Table 9

	Components		In office	First	List	Indep.	% particip.
Role		from	to	appointment date	(M/m)*	Code	BSA meetings**
President	Giacomo Bugna	19/04/2019	Approval of 2021 financial statements	2013	m	X	100
Standing Auditor	Franco Olivetti	19/04/2019	Approval of 2021 financial statements	2019	M	X	100
Standing Auditor	Marinella Monterumisi	19/04/2019	Approval of 2021 financial statements	2019	M	X	100
Alternate Auditor	Giuseppina Manzo	19/04/2019	Approval of 2021 financial statements	2019	m	X
Alternate Auditor	Alessandro Carducci Artenisio	19/04/2019	Approval of 2021 financial statements	2019	M	X
Quorum required for the presentation of the lists by minorities for the election of one or more members (pursuant to Article 147-ter TUF): 1%
No. of meetings held during the financial year of reference: 26

Notes:

* This column indicates the list from which each auditor was selected ("M": majority list; "m"; minority list).

** No. of presences/no. of meetings held during the effective time in office of the subject during the Financial Year.

The members of the Board of Statutory Auditors were found to meet the requirements set forth by the applicable regulations; the requirements of integrity, fairness, professionalism, skill and independence and compliance with the interlocking restriction were checked, on the occasion of the renewal of the body, by the Board of Directors on 9th May 2019.

Other than what is laid down by Article 148, paragraph 3 of the TUF and the Code, the assessment of the requirements of all corporate executive included the verification of the requirements based on the Applicable Regulatory Framework in relation to Requirements pursuant to Article 26 of the TUB, also checking the absence of any critical elements related to the criteria set forth by the Draft Decree on the requirements of integrity, fairness, professionalism, skill, independence and independence of judgement.

The personal and professional characteristics of each auditor (pursuant to Article 144-decies of the CONSOB Issuer Regulation), based on the statements provided by each of them and attached to the lists, and on any subsequent updates notified by those concerned, are summarised below.

President of the Board of Statutory Auditors – Giacomo Bugna

He acquired his experience at a leading auditing firm, providing both auditing and advisory services for financial institutions.

In 1997-1998, he was responsible for introducing the certification of financial statements at the Bank of Italy. From 2011, and until April 2014, he was a Member of the Board of the "Fédération des Experts-comptables Européens" (Federation of European Expert Accountants), which groups together the professional associations of the 27 EU Member States.

Standing Auditor - Franco Olivetti

Born in Venice on 6th May 1974, Qualified Auditor and Public Accountant, a member of the Order of Chartered Accountants and Expert Accountants of Venice since 2006, he is the proprietor of the Professional Firm Lex-Tax, with registered office in Treviso. A member of the Board of Directors, Auditor and Standing Statutory Auditors in corporations, financial companies and IPAB [Public Welfare Institutions], he performs his professional activities by providing consultancy on corporate and taxation matters, with skills and experience in the economic/financial restructuring and reorganisation of companies and in assignments for admissions to collective procedures.

Standing Auditor - Marinella Monterumisi

Qualified Auditor and Public Accountant in Rimini, she has been a member of the Order of Chartered Accountants and Expert Accountants of the province of Rimini since 1978.

Since that date, she has performing her professional activities through her own firm, providing consultancy on corporate and taxation matters, with specific skills in the industrial and manufacturing sector. She acts as Independent Technical Consultant and Party-Appointed Expert in arbitration procedures. She is a member of the Board of Directors of companies listed in the STAR segment, S.G. of Credit Institutions and corporations. Auditor and Standing Statutory Auditor in corporations, AIM listed companies, Public Bodies - Municipalities - Municipal Undertakings and Credit Institutions, she audits and controls the approach to taxation with regard to direct and indirect taxes, audit of accounts and financial statements in accordance with the instructions of the Italian Board of Professional Accountants and Auditors.

Alternate Auditor - Giuseppina Manzo

She graduated summa cum laude with a degree in Economy from the Università Bocconi and then went on to obtain the Executive Master in Corporate Finance & Banking from SDA Bocconi. Since 2006, she has worked for Partners S.p.A. where she consolidated her experience in professional consultancy on matters of financial statements and extraordinary finance, in particular handling audits of companies and shareholdings, providing her opinion on the financial statements and the application of accounting standards (OIC and IAS/IFRS), extraordinary transactions, technical consultancy. She is a Qualified Auditor and Public Accountant. Currently she holds the office of statutory auditor in companies of the industrial and service sectors.

Alternate Auditor - Alessandro Carducci Artenisio

An accountant in Milan, he specialises in extraordinary finance and crisis solutions. He is an associate professor at the LIUC University of Castellanza, giving courses on private Equity in cooperation with the AIFI [Italian Private Equity Venture Capital Association]. He was the founding partner of Teca Consulting, a Milan-based company that has been active for over twenty years.

He often golds office in bodies active in the financial sector on behalf of the Bank of Italy.

***

Below please find the division of the current members of the Board of Statutory Auditors by age group and gender.

During the financial year 2020, the Board of Statutory Auditors met 26 times (5 of which were joint meetings with the Risk Management and Internal Control Committee and 1 joint meetings with the Boards of Statutory Auditors of the subsidiaries); the meetings lasted for about 2 hours and 50 minutes on average. On the date of approval of this Report 7 meetings had been held, of which 2 were joint meetings with the Risk Management and Internal Control Committee; 22 meetings have been planned for 2021.

Diversity criteria and policies

The aims of the self-assessment process that the Board of Auditors undergoes on the assignment of its duties include that of checking the correct and effective functioning of the Body and its suitability in terms of composition, skills and professionalism.

The qualitative composition for average age and gender is good, including with regard to the statutory provision which states that at least one standing auditor and one alternate must belong to the least represented gender.

The self-assessment process also highlighted the suitability of professional skills and characteristics, as well as noting that the spread and diversification of skills are in line with the Bank's complexity and its activities.

The diversification of skills and professionalism enables Auditors to make an appropriate contribution to the activities of the Board of Statutory Auditors and promotes multiple approaches and perspectives to analysing problems and making decisions on which actions to carry out.

In this sense, the diversification of Board members' skills was believed to be mostly appropriate in relation to the their main activities, which include:

the internal control system;
the organisational and accounting structures;
the regulation of conflicts of interest;
the systems and procedures for the Bank's activities and operations.

During checks on whether the Auditors possess the professionalism, integrity and independence required of Directors and Auditors, differentiation of expertise was noted; it should also be noted that the independence requirement is subject to the obligation for individuals who perform control functions to be entered in the Register of Auditors (Article 3 of (It.) Ministerial Decree no. 161/98).

Taking all this into account, the Bank is not considering the adoption of additional and specific policies in relation to the diversity of the composition of the supervision body.

***

The criteria adopted correspond to the independence requirements set forth by the Corporate Governance Code and Article 148, paragraph 3 of the TUF; the positive results were notified to the Board of Directors, which informed the public by means of a communication to the market disseminated on the same date, i.e. on 19th April 2019.

The check of the continued presence of the independence requirements took place on 11th March 2020; the results of the check were notified to the Board on 12th March 2020 and, aside from the criteria mentioned above, all the criteria set forth by the Code with reference to directors' independence were applied.

The members of the Board of Statutory Auditors must meet the requirements of integrity and professionalism laid down by the Regulation adopted by decree of the (It.) Minister of Justice no. 162 of 30th March 2000, as well as the independence requirements set forth by (It.) Legislative Decree 58/1998 (TUF) and the Corporate Governance Code (Article 8).

The Board periodically checks the ability of its members to perform the functions of control body with professionalism, availability of time, and independence, as well as the Board's suitability in terms of powers, roles and composition, taking into account the size and complexity of the activities of Banca Ifis.

The remuneration of the Statutory Auditors is in line with the effort requested of them, with the importance of their role and with the company's size and structure.

In line with the provisions of the Corporate Governance Code and also pursuant to the provisions of Article 136, paragraph 1 of the TUB ("Obligations of banking officers"), if a Statutory Auditor, either directly or on behalf of a third party, has an interest in a particular transaction of the Issuer, they must inform the other Statutory Auditors and the President of the

Board of Directors promptly and exhaustively about the nature, terms, origin and extent of their interest. The Statutory Auditors also fall within the scope of the "Procedure to manage related-party transactions" outlined in Section 12.

To coordinate with the other stakeholders of the risk management and internal control system, the Board of Statutory Auditors liaised mostly, as set out by the Corporate Governance Code, with Internal Audit, whose Head normally attends the Board of Statutory Auditors meetings, as well as with the Appointments Committee and the Risk Management and Internal Control Committee and the Remuneration Committee.

In compliance with the requirements of Circular no. 285/2013 of the Bank of Italy (Section VII, Chapter 1, Heading IV, Part One), Table 10 shows the number and type of the assignments of the standing members of the Board of Statutory Auditors of Banca Ifis on the date this Report was approved, based on the information provided by them.

Table 10

POSTS HELD BY THE MEMBERS OF THE BOARD OF STATUTORY AUDITORS IN OTHER COMPANIES
	Management and control posts in the companies of Book V, Heading V, Chapters V, VI and VII of the (It.) Civil Code	Other posts		T O T
	BANKING GROUP Others				A
	E.	N.E.	E.	N.E.	E.	N.E.	L
Giacomo Bugna		2		2*			4
Franco Olivetti		1		3**		1	5
Marinella Monterumisi		2		5		8	15

E.: executive N.E.: non-executive

* Post of President of the Board of Statutory Auditors of Ifis Rental Services s.r.l and Member of the Board of Statutory Auditors of Ifis Real Estate S.p.A. belonging to the Banca Ifis (non-banking) group.

**Post of Standing Auditor of Ifis Real Estate S.p.A. belonging to the Banca Ifis (non-banking) group.

Table 11

Auditor	List of posts	Undertakings belonging to the Banca Ifis Group
		NO	Banking group	Non banking Group

Giacomo Bugna	President of the Board of Statutory Auditors of Cap.Ital.Fin. S.p.A. President of the Board of Statutory Auditors of Ifis Rental Services s.r.l.		X	X
	President of the Board of Statutory Auditors of Ifis Npl Investing S.p.A. Auditor of Ifis Real Estate S.p.A.		X	X
	Auditor of La Scogliera S.p.A.	X
	Auditor of Ifis Real Estate S.p.A.			X
Franco Olivetti	Auditor of Farbanca S.p.A. Auditor of Justlex Italia, a joint-stock law firm	X	X
	Alternate auditor of Cap.Ital.Fin. S.p.A.		X
	Statutory auditor/sole auditor of Atesina San Marco S.r.l.	X
	Director of MARR S.p.A. Alternate auditor of NEODECORTECH S.p.A	X X
	Auditor of Farbanca S.p.A.		X
	Alternate Auditor of Nuova Madonnina S.p.A. in liquidation	X
	Alternate Auditor of Solution Bank S.p.A.	X
	Auditor of Società Agricola Le Cicogne S.r.l.	X
	Auditor of Lugo Immobiliare S.r.l. - In liquidation	X
	Alternate Auditor of Justlex Italia, a joint-stock law firm	X
	Liquidator of Gestioni Cinematografiche - GE.CI di De Sarno Pignano
	Renato, Succi Massimo, Berti Ferruccio, Berti Flavio - S.n.c. (inactive	X
Marinella Monterumisi	company) President of the Board of Statutory Auditors of Promozione
	Alberghiera cooperative	X

List of posts	Undertakings belonging to the Banca Ifis Group
	NO	Banking group	Non banking Group

Bankruptcy trustee of Urru Aldo President of the Board of Statutory Auditors of Industrie Valentini	X
S.p.A.	X
Sole Auditor of SPES S.p.A.	X
Auditor of Pesaresi Giuseppe S.p.A. Partner and liquidator of Team Work di Miria and Marinella	X
Monterumisi S.n.c.	X
Liquidator of Immobiliare Appia s.a.s. di Daniele Bernhard President of the Board of Statutory Auditors of Finanziaria Valentini	X
S.p.A. Sole auditor of Rimini welcome - Destination Management Company	X
Società Consortile a r.l.	X
Alternate Auditor of Ifis Npl Investing S.p.A.		X
Auditor of Ifis Npl Servicing S.p.A.		X

15. Relations with shareholders

During the 2020 financial year, rebranding of Banca Ifis was carried out and a key point of the project was to harmonise the digital infrastructures in order to create a better experience for users who access the channels, as well as making services more easily accessible. The work makes it possible to easily find sections on its website which provide important information for shareholders, in order to enable them to exercise their rights in an informed manner. In particular, it is possible to find the related material under Corporate Governance and Investor Relations.

On 29th November 2018, Andrea Martino Da Rio was appointed as Head of Bank Ifis's Investor Relations department.

Since 2010, for the annual financial statements Banca Ifis has also created an interactive website, to make it possible for the public to use the economic/financial documentation. The sharing of financial subjects also foresees the sharing of the main performance indexes on the publication of the results of the financial year and of the quarterly results on the social network pages and profiles of Banca Ifis.

16. Shareholders' Meetings

The Shareholders' Meeting has adopted "Shareholders' Meeting Regulations", the current version of which was approved on 23rd April 2020, in order to allow the orderly and functional conduct of the Shareholders' Meetings, while guaranteeing, at the same time, the right of each shareholder to discuss the items on the agenda.

The "Regulations", which specify the maximum duration of individual contributions by attendees, their order, the voting procedure, the contributions of Directors and Statutory Auditors, and also the powers to settle and prevent the occurrence of conflicts of interest during Shareholders' Meetings, is available on the website www.bancaifis.it (in the section "Corporate Governance - Shareholders' Meetings").

The Shareholders' Meeting is, usually, chaired by the President of the Board of Directors; the Shareholders' Meeting may hear shareholders with voting rights who have sent to the Company, by the end of the third business day before that fixed by the first-call Shareholders' Meeting, the communication of the authorised intermediary, attesting their legitimation. The communication is made based on the evidence at the end of the seventh accounting day of open trading before the day set for the first-call Shareholders' Meeting.

This is subject to legitimate attendance and the exercising of the right to vote if such communication is received by the Company after the aforementioned deadline, providing this is before the start of the first-call Shareholders' Meeting works.

Anyone entitled to vote may be represented at the Shareholders' Meeting, pursuant to the law, by means of written proxy or proxy granted by electronic means.

Electronic notification of proxy may be made using the special form available on the Company website.

For each Shareholders' Meeting, as indicated in the convocation notice, the Company designates one or more individuals to whom the holders of voting rights can grant, following the methods established by applicable legislation and regulatory provisions, a proxy with voting instructions on all or some of the subjects on the agenda. The proxy is valid only with regard to the subjects for which voting instructions have been provided.

Majorities for the validity of resolutions and the drafting of the minutes are those established by legislation, applicable regulations, the Articles of Association and the Shareholders' Meeting Regulations.

All those who attend have the right to speak on each of the topics discussed. Those with rights may ask questions on the items on the agenda before the Shareholders' Meeting takes place, within the terms set out by current legislation and regulatory provisions and indicated in the convocation notice. Questions received before the deadline indicated in the notice will be answered, at the latest, during the Meeting. A single answer may be given to questions with the same content. Those who intend to speak must ask the President, by written request containing an indication of the topic to which the question refers, after the President has read out the agenda items and until the moment the President declares discussion of the related topic closed. As a rule, the President gives permission to speak according to the chronological order in which requests are submitted. If two or more requests are submitted simultaneously, the President gives permission to speak according to the alphabetical order of the requesters' surnames. The President can authorise the submission of requests to speak by a show of hands. In this case, the President gives permission to speak according to the alphabetical order of requesters' surnames. Members of the Board of Directors, the Board of Statutory Auditors and the Bank's general management, or that of other Group companies, as well as the representatives from the External Auditors and Company and Group personnel may all ask to join the discussion when the President deems it useful in connection with the topic to be discussed.

***

During the Ordinary Shareholders' Meeting held on 23rd April 2020, all members of the Board of Directors were present with the exception of the Chairman and the Directors Roberto Diacetti and Divo Gronchi, who were unable to attend. All members of the Board of Statutory Auditors were also present.

During the Shareholders' Meetings, the Chief Executive Officer, on behalf of the Board of Directors, makes himself available to report on the activity performed and planned by the Board, while observing the rules on inside information. The Board, including through reports made available to shareholders under the terms established by the TUF and through ongoing fine-tuning of the organisation of institutional communication via the website, is committed to ensuring that shareholders receive sufficient information on agenda items to enable them to take informed decisions on the resolutions proposed at Shareholders' Meetings.

During the Shareholders' Meeting held on 23rd April 2020, the shareholders received information from the President of the Remuneration Committee on the means by which the Committee performs its functions in the context of the Report on remuneration.

***

No changes to the control structure of Banca Ifis S.p.A. were made during the financial year.

The market capitalisation of shares recorded the following values at the beginning and end of the period:

Date	Share price	No. of shares making up the share capital	Capitalisation
Monday 30th December 2019	14.00	53,811,095	753.355.330
Wednesday 30th December 2020	9.17	53,811,095	493,447,741.2

The effects on capitalisation reflect the trends observed regarding Banca Ifis shares. There were no resulting assessments on the prerogatives intended to protect minority shareholders, who can designate the President of the Board of Statutory Auditors and one director and exercise company rights based on the large amount of information made available to investors and market operators.

17. Further corporate governance practices

No further committees have been appointed other than those described in the previous sections. Adoption of the Organisational Model pursuant to (It.) Legislative Decree no. 231/2001 is described in the third paragraph of Section 11.

In order to promote a corporate culture of lawfulness, characterised by correct behaviours founded on dignity and respect, the Bank has an internal system whereby employees can report any irregularities or infringements of relevant legislation and regulatory provisions and internal procedures (whistleblowing systems).

This system aims to contribute towards guaranteeing a working environment in which staff may report behaviour they deem illegitimate with peace of mind. The analysis and processing by the competent corporate structures protect confidentiality to prevent reprisals and the discrimination of the person making the report.

In compliance with the provisions of the regulations on personal data protection, the person responsible for the internal reporting systems drafts an annual report on the correct operation of the internal reporting systems, which contains aggregated information on the results of the activities performed subsequently to the reports received, which is approved by the corporate bodies and made available to the Bank's personnel. This system is also accessible from the "Corporate Governance" "The Value of Ethics" section of the Banca Ifis website.

18. Changes since the end of the reference financial year

It should be noted that at the end of 2020, precisely on 21st December, following agreements with the controlling shareholder of Banca La Scogliera S.p.A., the Chief Executive Officer Luciano Colombini announced in a press release his intention to step down as member of the board of directors and also as managing director, as from April 2021 in the Parent Company and from April 2022 in the subsidiaries in which he holds a role. For these reasons, La Scogliera reached the necessary agreements with Frederick Geertman to allow him to join the Board of Directors of Banca Ifis as of February and to be made Chief Executive Officer, subject to confirmation of his appointment to the Board during the Shareholders' Meeting which will be called to approve the Budget as of April 2021.

After the close of the 2020 financial year, the following significant events are reported which have already been made known to the market in press releases:

On 14th January 2021, the Director Divo Gronchi resigned, with immediate effect, from the office of Director and as a member of the Appointments Committee and the Supervisory Body of the Company. The Board of Directors, having acknowledged the resignation, resolved to appoint Monica Billio as a new member of the Appointments Committee and Beatrice Colleoni as a new member of the Supervisory Body.
On 11th February 2021, the Chief Executive Officer, Luciano Colombini, as already announced in December, resigned from the role of Chief Executive Officer and from the position of director of Banca Ifis to take on new professional challenges. The termination of the office will take place at the end of the Shareholders' Meeting held in April to deliberate on the Financial Statements.

Banca Ifis | Report on Corporate Governance and Shareholding Structure 2020

AI Terminal

Banca Ifis

4153_cgr_2021-03-31_cc0af2ef-55d3-494e-b69e-e5000a841c04.pdf

Report on corporate governance and ownership structures

2020

Summary

Civil Code 4.4. Delegated bodies

Glossary

1. Profile of the Issuer

Profile and structure

Shareholders

Corporate governance model

Shareholders' Meeting

For more information on the Shareholders' Meeting, please see Section 16

Board of Directors

For more information on the Board of Directors please see Section 4

Board committees

For more information on the Board Committees please see Section 6

Board of Statutory Auditors

2. Information on ownership interests as at 31st December 2020

2.1 Structure of the share capital

Table 1

2.2 Restrictions on the transfer of titles

2.3 Relevant equity investments

Table 2

2.4 Titles that confer special rights

2.5 Employee ownership scheme: a mechanism for the exercise of voting rights

2.6 Restrictions to voting rights

2.7 Agreements between shareholders

2.8 Change of control clauses and takeover-related provisions of the Articles of Association

2.9 Proxies for increase of the share capital and authorisations for the acquisition of treasury shares

2.10 Management and administration activities

3. Compliance

4. Board of Directors

4.1 Appointment and replacement

Succession plans

4.2 Composition

Table 3

Table 4

President of the Board of Directors - Sebastien Egon Fürstenberg

Vice-President - Ernesto Fürstenberg Fassio

Chief Executive Officer - Luciano Colombini

Director – Frederik Geertman

Director - Daniele Santosuosso

Director - Simona Arduini

Director - Monica Billio

Director - Antonella Malinconico

Director - Roberto Diacetti

Member of the Board of Directors - Riccardo Preve

Director - Beatrice Colleoni

Director - Luca Lo Giudice

Diversity criteria and policies

Maximum number of posts held in other companies

Table 6.

Induction Programme

4.3 Role of the Board of Directors

Meetings and operation

Tasks

Self-assessment

Civil Code 4.4. Delegated bodies

Chief Executive Officers

Chairman of the Board of Directors

Information to the Board

4.5. Other Executive Directors

4.6. Independent Directors

4.7. Lead Independent Director

5. Processing corporate information

6. Internal Board Committees

7. Appointments Committee

Composition and role of the Appointments Committee

Duties of the Appointments Committee

8. Remuneration Committee

9. Directors' Remuneration

10. Risk Management and Internal Control Committee

Composition and role of the Risk Management and Control Committee

Duties of the Risk Management and Internal Control Committee

11. Risk management and internal control system

a. Key characteristics of the current risk management and internal control systems in relation to the financial reporting process

a.1. Introduction

a.2. Description of key characteristics of the current risk management and internal control systems in relation to the financial reporting process (the "System")