REPORT ONCORPORATEGOVERNANCE ANDOWNERSHIPSTRUCTURES

Pursuanttoart.123-bisoftheCFA (traditionaladministrationandcontrolmodel)

2017

Approvingdate:6thMarch2018

www.bancaifis.it

BancaIFISS.p.A-RegisteredofficeinViaTerraglio63,30174Mestre,Venice-RegistrationnumberintheCompanies RegisteredofVeniceandTaxCode02505630109-VATnumber02992620274-REA(AdministrativeEconomicIndex) number:VE-0247118-Fullypaid-upsharecapitalEuro53.811.095-RegistryofBanksno.5508-ParentCompanyof theBancaIFISBankingGroupS.p.A,enrolledintheregistryofBankingGroups-MemberoftheInterbankDeposit ProtectionFund,oftheItalianBankingAssociation,oftheItalianFactoringAssociation,ofFactorsChainInternational. MemberoftheNationalCompensationFund.

	Glossary 3
1.	Issuer profile 4
	Governance 4
	Mission 6
	Corporate social responsibility 6
2.	Information on the shareholding structure (as per Article 123-bis, para. 1, CFA/TUF) 7
	a) Structure of share capital (as per Article 123-bis, para. 1, letter a), CFA/TUF) 7
	b) Restrictions on the transfer of shares (as per Article 123-bis, para. 1, letter b), CFA/TUF) 7
	c) Significant shareholdings (as per Article 123-bis, para. 1, letter c), CFA/TUF) 8
	d) Shares granting special rights (as per Article 123-bis, para. 1, letter d), CFA/TUF) 8
	e) Employee shareholdings: mechanism for exercising voting rights (as per Art. 123-bis, para. 1, letter e), CFA/TUF) 8
	f) Restrictions on voting rights (as per Article 123-bis, para. 1, letter f), CFA/TUF) 8
	g) Shareholder agreements (as per Art. 123-bis, para. 1, letter g), CFA/TUF) 9
	h) Change-of-control clauses (as per Article 123-bis, para. 1, letter h), CFA/TUF) and statutory provisions on takeover bids (as per Articles 104, para. 1-ter, and 104-bis, para. 1) 9
	i) Delegations of power to increase share capital and authorizations to buy treasury shares (as per Article 123-bis, para. 1, letter m), CFA/TUF) 9
	l) Management and coordination activity (as per Article 2497 et seq, Italian Civil Code) 9
3.	Compliance (as per Art.123-bis, para. 2, letter a), CFA/TUF) 10
4.	Board of Directors 10
	4.1. Appointment and substitution (as per Article 123-bis, para. 1, letter l), CFA/TUF) 10
	4.2. Composition (as per Article 123-bis, para. 2, letter d), CFA/TUF) 12
	4.3. Role of the Board of Directors (as per Article 123-bis, para. 2, letter d), CFA/TUF) 19
	4.4. Delegated Bodies and Officers 24
	4.5. Other Executive Directors 26
	4.6. Independent Directors 27
	4.7. Lead Independent Director 27

5. Processing of corporate information 28
5.1 Adopted definitions 29
5.2 Internal management and external communication of Privileged Information, Delayed Privileged Information and Systemically Important Privileged Information. 30
5.3 Internal management and external communication of Obligatory Information (other than Privileged Information) 31
5.4 Meetings with the financial community 31
6. Internal Board Committees (as per Article 123-bis, para. 2, letter d), CFA/TUF) 32
7. Appointments Committee 32
8. Remuneration Committee 34
9. Directors' Remuneration 34
10. Risk Management and Internal Control Committee 34
11. Risk Management and Internal Control System 37
11.1. Head of the Risk Management and Internal Control System 43
11.2. Head of Internal Audit 43
11.3. Organisational Model as per Italian Legislative Decree no. 231/2001 46
11.4. External Auditor 48
11.5. Financial Reporting Officer responsible for preparing company accounts and other roles and company functions 49
11.6. Coordination between parties involved in the Risk Management and Internal Control System 50
12. Directors' interests and related-party transactions 51
13. Appointment of Statutory Auditors 52
14. Composition and functioning of the Board of Statutory Auditors (as per Article123-bis, para. 2, letter d), CFA/TUF) 55
15. Relations with shareholders 59
16. Shareholders' Meetings (as per Article 123-bis, para. 2, letter c), CFA/TUF) 59
17. Further corporate governance practices (as per Article 123-bis, para. 2, letter a), CFA/TUF) 62
18. Changes since the end of the financial year 62
19. Considerations on the letter of 13 December 2017 from the President of the Corporate Governance Committee 62

Tables	57
TABLE 1: STRUCTURE OF THE BOARD OF DIRECTORS AND ITS COMMITTEES 57
TABLE 2: POSITIONS HELD BY MEMBERS OF THE BOARD OF DIRECTORS IN OTHER COMPANIES 58
TABLE 3: STRUCTURE OF THE BOARD OF STATUTORY AUDITORS 59
TABLE 4: POSITIONS HELD BY THE MEMBERS OF THE BOARD OF STATUTORY AUDITORS IN OTHER COMPANIES 60

Glossary

Code/Corporate Governance Code: the Corporate Governance Code of listed companies approved in July 2015 by the Corporate Governance Committee and promoted by Borsa Italiana S.p.A., ABI, Ania, Assogestioni, Assonime and Confindustria.

Cod. civ./c.c. Italian Civil Code.

Board: the Issuer's Board of Directors.

Issuer: the issuer of securities to which this report refers.

Financial year: the company's financial year to which this report refers.

Consob Issuer Regulations: regulations issued by Consob [Italian Securities and Exchange Commission] with resolution no. 11971 of 1999 (as amended) in respect of issuers.

Consob Market Regulations: regulations issued by Consob with resolution no. 16191 of 2007 (as amended) in respect of markets.

Consob Related Parties Regulations: regulations issued by Consob with resolution no. 17221 of 12 March 2010 (as amended) concerning related-party transactions.

Report: the report on corporate governance and company shareholding structure that companies are required to prepare pursuant to Article 123-bis of CFA/TUF.

CFA/TUF: Italian Legislative Decree no. 58 of 24 February 1998 (in English: Consolidated Finance Act/in Italian: 'Testo Unico della Finanza' – TUF).

CBA/TUB: Italian Legislative Decree no 385/1993 of 1 September 1993, implementing EU Directive 1989/646/EC (in English: Consolidated Banking Act/in Italian "Testo Unico Bancario" – TUB).

1. Issuer profile

Governance

Banca IFIS is the Parent Company of the Banca IFIS Banking Group and applies the traditional model of administration and control, believing it to be the most suitable way to ensure efficient management and effective controls.

For Banca IFIS, the traditional model of administration and control has so far yielded excellent results in terms of value creation for shareholders, strengthening of capital and financial balance. The presence of minority shareholders within the Corporate boards, thanks to the slate vote mechanism included for some time in the Articles of Association, the growing capacity to provide financial support for SMEs and to bring insolvent individuals back into the fold of solvent borrowers and potential borrowers of new credit, as well as the steady growth in the number of employees complement the Group's ability to meet the expectations of its stakeholders. The stability of the Bank and of the Group, which is also evident from the overall fruitful dialogue with the Supervisory Authorities, has, in turn, confirmed the choice of the traditional model.

Ultimately, the traditional model appears to be the most suitable to promote a harmonious and orderly development of the Group, as it places the skills relating to strategic supervision, management and control within a structure that has so far proved effective and efficient, facilitating clear definition of responsibilities, a streamlined decision-making process and an effective dialogue between the bodies themselves.

In the model applied by Banca IFIS:

Strategic supervision is performed by the Board of Directors;
The management function has been assigned to the CEO. The General Manager also performs management functions;
Control is performed by the Board of Statutory Auditors.

Today, the overall structure of corporate governance is represented as follows:

Regarding the Bank of Italy's supervisory provisions on corporate governance (circular no. 285 of December 17, 2013 (as amended), Banca IFIS falls into the category of larger or operationally complex banks trading as a listed company.

In 2017, IFIS Factoring S.r.l. and Interbanca S.p.A., acquired the previous year from the GE Capital Interbanca Group, were merged for incorporation into the Parent Company. On 5th December, the company IFIS NPL S.p.A. was formed and, on 2 nd February 2018, the process to acquire Cap.Ital.Fin S.p.A. was concluded.

Therefore, the Banking Group is currently made up of:

Parent Company Banca IFIS;
IFIS Finance Sp. z o.o., a finance company pursuant to Polish law, already 100% controlled by Banca IFIS;
IFIS Leasing S.p.A., a finance company pursuant to Article 106 of CBA/TUB specialising in Financial Leasing, 100% controlled by Banca IFIS, which will be merged with Banca IFIS in 2018;
Cap.Ital.Fin. S.p.A., a finance company pursuant to Article 106, CBA/TUB, specialising in salary-backed loans, 100% controlled by Banca IFIS S.p.A.

Banca IFIS also controls a non-financial company specialising in operational leasing, IFIS Rental Services S.r.l., which is not included within the scope of the Banking Group, as shown in the figure below:

On 5th December 2017, IFIS NPL S.p.A. was also established, a wholly-owned subsidiary of Banca IFIS S.p.A.; the new company will be registered in the Companies Register following the authorization by the Bank of Italy to grant financing pursuant to Bank of Italy Circular no. 288/2015. In consideration of this, the positions held by the members of the Board of Banca IFIS in IFIS NPL were not considered for completing Tables 2, 3 and 4 of this Report.

On 3rd January 2018 the binding agreements for the acquisition of a controlling interest in Credifarma S.p.A. were also signed with Federfarma, Unicredit and BNL - Gruppo Paribas.

Mission

The Banking Group's activities are currently conducted in the following business areas:

financial support, principally to SMEs, through factoring activities conducted in Italy and abroad, carried out both through the Parent Company's internal structures (International Area) and through the subsidiary, IFIS Finance;
leasing: with the acquisition of the ex Interbanca Group, Banca IFIS has also entered the financial leasing (managed by IFIS Leasing) and operational leasing (managed by IFIS Rental Services) markets, with particular reference to the transportation, instrumentation and technology sectors;
corporate banking (managed by Banca IFIS), aimed at supporting companies over the course of developing internal or external business lines and, in particular, in extraordinary operations aimed at repositioning, expanding, and/or developing alliances or integrations;
outright purchase, which mainly concerns receivables claimed against Italian National Health Service suppliers and through the packaging of solutions proposed to pharmacists, which include instalment financing for the consolidation of current loans;
the non-recourse purchase of non-performing loans (due almost exclusively from individuals) from other intermediaries (mainly consumer credit companies and banks) and management of the associated credit value chain, from assisting borrowers in drawing up sustainable repayment plans through a variety of communication channels (call centre, professional agents and external debt collection companies) to the collection of such loans (also through enforced recovery where borrowers have the economic, financial and asset resources to be able to pay but are unwilling to do so);
purchase and management of tax receivables;
retail financing through INPDAP or INPS pension-backed loans, salary-backed loans (for public, state or private employees) and salary deductions;
online retail savings and deposits developed through the Rendimax savings account and the Contomax current account; although these tools do not represent a specific business line for the bank, they are fully entitled to be classified among the Bank's operational segments thanks to the type of activity involved and the size of the savings and deposits.

In June 2016, the Bank was also authorised to carry out investment services and activities pursuant to Article 19, paragraph 4, of the CFA/TUF.

Complementary to these activities are activities related to corporate treasury whose contents, even those that are occasionally significant, do not change the Banking Group's mission described above.

Corporate social responsibility

The Bank introduced its Code of Ethics following the Board resolution passed on 4 July 2003 and last updated on 22 September 2016. This Code states the rights, duties and responsibilities of the Group's components regarding all parties with whom they have dealings to accomplish their corporate purpose (customers, borrowers, suppliers, employees and/or external collaborators, shareholders, supervisory bodies, institutions). It is therefore a directive with rules of conduct that must be kept in mind when carrying out daily operations, in compliance with the legislation and regulations in force in the countries where the Group operates. The Code establishes standards and rules of conduct designed to reinforce corporate decision-making processes and guide the conduct of all collaborators of the Group's companies.

The Code of Ethics requires consistent behaviour from management and other collaborators, i.e. actions which do not, even if only in spirit, differ from corporate ethical principles. Each Collaborator must respect the rules contained in this Code of Ethics during their activities.

The Code of Ethics also aims to contribute to greater cohesion among Group Collaborators, making them aware and attentive, within their functions and responsibilities, in pursuing, in different situations, business objectives with correct and fair methods.

Finally, the Code of Ethics assumes that working in an environment that gives equal value to propriety contributes to the growth of the working capacity of the individual and the company.

The document is available on the company website www.bancaifis.it in the "Corporate Governance/The value of ethics" section.

2. Information on the shareholding structure (as per Article 123-bis, para. 1, CFA/TUF)

a) Structure of share capital (as per Article 123-bis, para. 1, letter a), CFA/TUF)

At 31 December 2017, the issued and fully paid-up share capital is equal to € 53,811,095.00, divided into 53,811,095 ordinary shares with a nominal value of € 1, as shown in the table below:

STRUCTURE OF SHARE CAPITAL	No. of shares	% of share capital	Listed (market) / unlisted	Rights and obligations
Ordinary shares	53,811,095	100%	Listed (on MTA Milan electronic equity market)	Each ordinary share confers the right to one vote

At 31th December 2017, there were no other financial instruments issued that attribute the right to subscribe to newly issued shares.

For the shares to be allocated as variable remuneration to the CEO, to the General Manager and to any other person considered as 'key personnel', please refer to the remuneration report under Article 123-ter of the CFA/TUF and the information document on equity-based remuneration plans as per Articles 114-b of the CFA/TUF and 84-b of the Issuer's Regulations. These documents are available on our website www.bancaifis.it in the "Shareholders' Meetings" and "Remuneration" sections.

b) Restrictions on the transfer of shares (as per Article 123-bis, para. 1, letter b), CFA/TUF)

There are no restrictions on the transfer of shares, except for the retention periods set out for shares allocated as variable remuneration to the CEO, to the General Manager and to "key

personnel". For more details on the shares to be assigned to these Corporate Officers, please refer to the remuneration report prepared as per Article 123-ter of the CFA/TUF.

c) Significant shareholdings (as per Article 123-bis, para. 1, letter c), CFA/TUF)

As at 31/12/2017, based on communications issued pursuant to Article 120 of the CFA/TUF and communications issued by relevant entities pursuant to Article 152-octies of the Issuers' Regulations stated that the entities shown in the table below possess, directly or indirectly, shares with voting rights representing more than 3% of share capital:

Declarant	Direct Shareholder	% of ordinary share capital	% of voting capital
FÜRSTENBERG SEBASTIEN EGON	La Scogliera S.p.A.	50.114%	50.114
BOSSI GIOVANNI	Bossi Giovanni	3.443%	3.443

On 8th February, Banca IFIS's and La Scogliera S.p.A.'s Boards of Directors have approved the draft merger plan for incorporating La Scogliera S.p.A. into Banca IFIS S.p.A. The transaction is aimed at rationalising corporate assets and the control chain as well as improving the regulatory ratio resulting from La Scogliera's minorities ceasing to affect the Bank's asset coefficients. This would be a significant advantage for the Banking Group led by Banca IFIS, of which La Scogliera holds 50.114%, and therefore also for the La Scogliera's shareholders.

Regarding the Bank of Italy's delay in issuing authorisation and the consequent completion of the transaction, forecasted for June 2018, it is appropriate to point out that:

the activity of the investment holding company La Scogliera S.p.A. is limited to holding its only significant equity investment – the controlling interest in Banca IFIS S.p.A.;
even though it is the majority shareholder, La Scogliera S.p.A. does not perform any management and coordination activity vis-à-vis Banca IFIS S.p.A.;
La Scogliera S.p.A.'s corporate purpose expressly excludes management and coordination of the financial companies and banks in which it owns equity interests.

d) Shares granting special rights (as per Article 123-bis, para. 1, letter d), CFA/TUF)

No shares have been issued that grant special control rights.

e) Employee shareholdings: mechanism for exercising voting rights (as per Art. 123-bis, para. 1, letter e), CFA/TUF)

Any employees holding shares of the Company exercise their shareholder rights in the same ways as other shareholders.

f) Restrictions on voting rights (as per Article 123-bis, para. 1, letter f), CFA/TUF)

There are no restrictions on the Company's voting rights.

g) Shareholder agreements (as per Art. 123-bis, para. 1, letter g), CFA/TUF)

The Board of Directors of Banca IFIS S.p.A. knows of no agreements between the Company's shareholders as defined by Article 122 of the CFA/TUF.

h) Change-of-control clauses (as per Article 123-bis, para. 1, letter h), CFA/TUF) and statutory provisions on takeover bids (as per Articles 104, para. 1-ter, and 104-bis, para. 1)

Neither Banca IFIS S.p.A. nor its subsidiary companies have concluded significant agreements that take effect, are modified or lapse if change of control of the contractual party occurs.

Banca IFIS S.p.A.'s Articles of Association do not contravene the passivity rule laid down by Article 104, paragraphs 1 and 2, of CFA/TUF nor do they envisage the application of the neutralisation rules laid down by Article 104-bis, paragraphs 2 and 3, of CFA/TUF.

i) Delegations of power to increase share capital and authorizations to buy treasury shares (as per Article 123-bis, para. 1, letter m), CFA/TUF)

As at 31st December 2017, the Board was not empowered to increase share capital pursuant to Article 2443 of the Italian Civil Code, i.e. to issue equity securities.

The Ordinary Shareholders' Meeting of 21 st April 2017 has not authorised the purchase of treasury shares, pursuant to Articles 2357 et seq. of the Italian Civil Code and Article 132 of Italian Legislative Decree 58/98.

l) Management and coordination activity (as per Article 2497 et seq, Italian Civil Code)

Even though it is the majority shareholder, La Scogliera S.p.A. does not perform any management and coordination activity in Banca IFIS S.p.A. In this regard, as already mentioned, it is noted that the corporate purpose of La Scogliera S.p.A. expressly excludes management and coordination of the financial companies and banks in which it owns equity interests.

Note that:

the information required by Article 123-bis, paragraph 1, letter i) ("agreements between the Company and its Directors … entailing indemnities in the event of resignation or dismissal without just cause or if the employment relationship ceases following a takeover bid"), can be found in the remuneration report published pursuant to Article 123-ter of CFA/TUF;
the information required by Article 123-bis, paragraph 1, letter l) ("rules applicable to the appointment and substitution of Directors … as well as any amendment of the Articles of Association, if different from additional legislative and regulatory rules applicable"), are illustrated in the section of this report dedicated to the Board of Directors (Section 4.1).

Please also note the information in section c) "Significant shareholdings regarding the merger to incorporate La Scogliera S.p.A. into Banca IFIS S.p.A." for 2018.

3. Compliance (as per Art.123-bis, para. 2, letter a), CFA/TUF)

Banca IFIS S.p.A. complies with the Corporate Governance Code of listed companies approved in 2006 by the Corporate Governance Committee and promoted by Borsa Italiana S.p.A., last updated in July 2015.

The Code is available to the public on the Corporate Governance Committee's website at the following link:

http://www.borsaitaliana.it/borsaitaliana/regolamenti/corporategovernance/codice2015.pdf.

Banca IFIS's Corporate Governance structure is not influenced by non-Italian laws.

IFIS Finance Sp. z o.o., a factoring company wholly owned by the Issuer, is a Polish legal entity and is therefore subject to Polish legislation. This, however, also because of the subsidiary's limited size in relation to the Parent Company, in no way affects Banca IFIS S.p.A.'s Corporate Governance structure.

4. Board of Directors

4.1. Appointment and substitution (as per Article 123-bis, para. 1, letter l), CFA/TUF)

Members of the Board of Directors are appointed based on lists presented by shareholders. Candidates are listed in sequential order and their number must not exceed the maximum number of Members established by the Articles of Association (fifteen).

Only shareholders who, alone or together with others, own at least 1% of ordinary shares at the time of submission have the right to submit lists. A lower ownership threshold is possible and – as per current legislation – must be indicated in the notice convening the Shareholders' Meeting called to vote to appoint the Board of Directors.

A shareholder can neither submit nor vote for more than one list, not even via agents or fiduciary companies. Shareholders belonging to the same group and shareholders forming part of a shareholder agreement concerning the Company's shares cannot submit or vote for more than one list, not even via agents or fiduciary companies. A candidate may only appear on one list or they are considered ineligible.

Lists must be submitted to the Company's registered office at least twenty-five days prior to the date set for the Shareholders' Meeting in first call, and must be made available to the public at the Company's registered office, on the Company's website and according to other methods provided for by regulations in force at least twenty-one days prior to the date set for the Shareholders' Meeting in first call.

Ownership of the minimum number of shares needed for presentation of the lists is determined by taking into account the shares recorded in favour of the individual shareholder or multiple shareholders jointly on the day in which the lists are submitted to the Company. To substantiate the ownership of the number of shares necessary for presentation of the lists, shareholders may exhibit the relevant certification, even after submission of the lists, provided this is within the term set for publication of the lists by the Company.

The lists must be accompanied by:

information regarding the identity of shareholders who have presented lists, stating the percentage of shares held;

a declaration by shareholders other than those who own, singly or jointly, a controlling or significant majority interest, certifying the absence of connections with the latter, as indicated in Article 147-ter of CFA/TUF and Article 144-quinquiesdecies of Consob's Issuers' Regulations;
comprehensive information on candidates' personal and professional characteristics, as well as a declaration by the candidates themselves certifying possession of the requirements established by law and acceptance of their candidacy.

Candidates who do not meet the requirements of integrity, professionalism and independence established by Article 26 of Italian Legislative Decree no. 385/1993 cannot be included in the list. Please note that Italian Legislative Decree 72/2015 initiated a comprehensive reform of the regulations of the requirements of corporate officers, intended to integrate the objective requirements of integrity and professionalism with criteria of competence and propriety that will be incorporated in secondary legislation to be issued by the Ministry of Economy and Finance. As of the date of this report, the new legislation has not been defined by the Ministry.

Each list must also indicate:

at least a quarter of the members (if this ratio is not an integer, round it down to the next lowest whole number if the first decimal is less than or equal to 5; otherwise round it up to the next highest whole number) that meet the independence obligations provided for both by the Corporate Governance Code of listed companies required by Borsa Italiana S.p.A. and by Article 148, paragraph 3 of Italian Legislative Decree no. 58/1998. These candidates must be the first four names on the list in ascending order;
at least a third of the list must be made up of candidates representing the least represented gender, except for lists containing fewer than three candidates.

Board Members are elected as follows:

1) all Directors except one are elected from the list obtaining the highest number of votes at the Shareholders' Meeting, according to the ascending order in which they are indicated on the list,
2) one Director is elected from the list obtaining the highest number of votes at the Shareholders' Meeting that, as per Article 147-ter, paragraph 3 of CFA/TUF, is in no way connected, not even indirectly, with the shareholders who submitted or voted for the list that came first in terms of the number of votes.

Should this selection criterion fail to ensure proper balance in size of shareholding to the extent established on a case by case basis by Law, a sliding mechanism is applied to the selection from the list which obtained, during the Shareholders' Meeting, the highest number of votes based on the ascending order in which the candidates are indicated. This mechanism excludes the candidate or candidates of the most represented type of shareholding and reselects the candidate or candidates of the unrepresented type.

If just one list of candidates is submitted, the names indicated on that list will be elected as Members of the Board of Directors, up to the number of Directors to be elected less one, who shall be elected by the Shareholders' Meeting there and then, based on a simple majority but excluding from the vote the shareholders who submitted the single list, and based on the proposal of the shareholders not excluded from the right to vote.

In any case, at least a quarter of the Members of the Board of Directors must meet the independence requirements established both by the Corporate Governance Code for Listed Companies required by Borsa Italiana S.p.A. and by Article 148, paragraph 3 of Italian Legislative Decree no. 58/1998.

If, during the year, fewer than a quarter of the Directors are found to meet such requirements, the Board will decide to terminate the role of one or two of its Members who have ceased to meet such requirements, based on the criterion of shorter tenure, or, in the case of equal tenure, lower age, and will co-opt one or two independent Members.

Existing legislation, without the involvement of slate voting, shall govern any replacement of Board members, except in cases involving the termination of all Directors.

In the event of cessation of the Director elected from the list that obtained the highest number of votes at the Shareholders' Meeting and that, as per Article 147-ter, paragraph 3 of CFA/TUF is in no way connected, not even indirectly, with the shareholders who submitted or voted for the list that came first in terms of number of votes, the Board will first check the continued availability of the candidates listed in the list, according to the latter's ascending order, and will co-opt Members based on this criterion of preference.

In case of termination of a Director belonging to the least represented shareholding, the co-opted Director shall in any event belong to the same type of shareholding.

Succession Plans

Our reflections on governance during 2017 led the Board to confirm the decision not to adopt a plan for the succession of Executive Directors, also in light of the interchangeability between the CEO and the General Manager for ordinary management purposes.

4.2. Composition (as per Article 123-bis, para. 2, letter d), CFA/TUF)

As per the Company's Articles of Association, the Board of Directors is composed of a minimum of five up to a maximum of fifteen members, elected by the Shareholders' Meeting. They remain in office for a maximum of three years, established at the moment of election and expiring on the date of the Shareholders' Meeting called to approve the Annual financial statements for their last year of office.

The composition of the Board in office as at the end of 2017, as also shown in Table 1 attached to this report, is as follows:

Sebastien Egon Fürstenberg (President of the Board of Directors);
Alessandro Csillaghy de Pacser (Vice President of the Board of Directors; Executive Director);
Giovanni Bossi (CEO);
Giuseppe Benini (Independent Director, Lead Independent Director);
Francesca Maderna (Independent Director);
Antonella Malinconico (Independent Director);
Marina Salamon;
Riccardo Preve;
Daniele Santosuosso (Independent Director).

The present Board of Directors was elected at the Ordinary Shareholders' Meeting of 22 March 2016 for the years 2016, 2017 and 2018 and will expire on the date in which the Shareholders' Meeting called to approve the Annual financial statements for the year 2018 takes place.

A list of candidates was presented by the majority shareholder "LA SCOGLIERA S.p.A." and a proposal for the appointment of a member of the Board of Directors in the guise of Prof. Daniele Santosuosso from "Studio Legale Trevisan & Associates" on behalf of the following group of investors:

Arca S.G.R., manager of the fund Arca Economia Reale Equity Italia;
Eurizon Capital S.G.R. S.p.A., manager of the funds Eurizon Azioni Italia and Eurizon Azioni PMI Italia;
Eurizon Capital SA, manager of the funds Eurizon EasyFund-Equity Italy LTE and Eurizon EasyFund-Equity Italy;
Fideuram Asset Management (Ireland), manager of the fund Fonditalia Equity Italy.

The Group of shareholders, whose overall shareholding in the Bank was equivalent to 0.38%, confirmed the absence of affiliations and/or significant relationships with shareholders who hold, singly or jointly, controlling or significant majority stakes as set out in Article 147-ter, paragraph 3, CFA and 144-quinquiesdecies of the Issuer Regulations approved by resolution 11971/99 and, more generally, the Articles of Association and current legislation.

The list of candidates, the list of those elected and the percentage of votes obtained in relation to voting capital are shown below:

	List of candidates	List of those elected	Percentage of votes obtained
List submitted by the majority shareholder 'LA SCOGLIERA S.p.A.'	Sebastien Egon Fürstenberg Giuseppe Benini Francesca Maderna Antonella Malinconico Alessandro Csillaghy de Pacser Giovanni Bossi Riccardo Preve Marina Salamon Marzia Scarpa	Sebastien Egon Fürstenberg Giuseppe Benini Francesca Maderna Antonella Malinconico Alessandro Csillaghy de Pacser Giovanni Bossi Riccardo Preve Marina Salamon	97.88%
Proposed for appointment by "Studio Legale Trevisan & Associates" on behalf of a group of investors (total shareholding 0.38%)	Daniele Santosuosso	Daniele Santosuosso	97.11%

Diversity policies

The Board of Directors, on the occasion of its renewal, has invited shareholders to consider, for the purposes of presenting lists of candidates, the Board's needs in terms of skills and competencies (also managerial), deemed necessary for an optimal composition of the Strategic Supervisory Body, as shown in the report on "Optimal Qualitative and Quantitative Composition of Banca IFIS's Board of Directors" approved by the Board of Directors on 2nd February 2016 and made available at the registered office, at "Borsa Italiana S.p.A." and the authorised storage mechanism , and the Company's website; this document will be updated annually to support the self-assessment carried out by the Directors.

The selection of members ensures the diversity of the Board, ensuring the Body has an adequate degree of diversification in terms of skills, which must be spread and diversified from both a

managerial and technical perspective (legal, accounting, tax, financial, risk management and control, corporate governance, IT processes, business organisation and human resources).

To ensure a successful internal assessment and to contribute to decision making in the Bank's interests, members of the Board of Directors have more specific skills and experiences, attributable to the Bank's many types of operations.

The correct performance of duties entrusted to the strategic supervisory body requires individuals who:

are fully aware of the powers and obligations attached to the duties that each member is required to carry out (executive and non-executive duties, independent members, etc.);
have a level of proficiency that is appropriate for their role, including for any internal committees within the Board, and adjusted to the operating characteristics and size of the Bank;
have skills that are different from yet complementary to those of the other members, in order to ensure that each member contributes, with the other members, within committees they are a part of and in collective decisions, to identify and pursue suitable strategies and to assure effective risk management in all areas of the Bank;
dedicate sufficient time and resources to the complexity of their duties, respecting the aggregate limits of the duties;
address their actions to the pursuit of the Bank's overall interest, independently from the shareholding structure that voted for them or from the list from which they are drawn;
guarantee operational and judgmental independence.

These skills are monitored annually through the self-assessment process, which requires each Director to judge their own level of technical–regulatory skills in relation to the Bank's business and any other subjects deemed necessary considering the Bank's activities.

The Bank is also aware that an appropriate degree of diversification in terms of age, gender and geographic origin, gives a plurality of approaches and perspectives in analysing problems and taking decisions, avoiding the risk of behaviour that individuals take up positions in name only, both within and outside the Bank.

To this end, the adopted Board member selection process protects and promotes diversity beginning with nomination, where the slate vote mechanism governed by the Articles of Association ensures the presence of at least one Director from minority shareholdings and compliance with regulatory provisions on the number of candidates from the least represented gender. As already mentioned, at least a third of the Board of Directors must be made up of candidates from the least represented gender, but the ideal composition of Banca IFIS's Board of Directors, considering statutory requirements and relevant legislation, provides for at least three members of the least represented gender.

As a result, the Bank does not consider it necessary to adopt additional specific diversity policies relating to the composition of the strategic supervisory body.

Below we show a summary of the personal and professional characteristics of each Director in office as at the end of 2017 (pursuant to Article 144-decies of Consob's Issuers' Regulations) based on the declarations provided by each of them and attached to the lists, as well as any subsequent updates notified by those concerned.

President of the Board of Directors – Sebastien Egon Fürstenberg

Mr. Sebastien Egon Furstenberg has operated in the factoring sector for more than 25 years; in 1983, he founded the company I.Fi.S. S.p.A. – Istituto di Finanziamento e Sconto (now Banca IFIS S.p.A.).

Since 1992, he has been the Sole Director and, since 2 February 2009, President of the Board of Directors of La Scogliera S.p.A., a company whose purpose is to purchase, manage and sell investments in banks and financial companies and which holds the majority equity interest in Banca IFIS S.p.A.

Vice President – Alessandro Csillaghy de Pacser

Alessandro Csillaghy de Pacser has operated in the factoring sector for more than 30 years and has been the Bank's Vice President since 1996, performing an executive role to develop the Bank's presence abroad, by means of contacts with local institutions and foreign entrepreneurs designed to further Banca IFIS's foreign business activities.

He has established representative offices in Romania and Hungary, and worked at the Bank's office in Paris, France for a while. Since 2011, he has been President of the Board of Directors, and carrying out organising and developing the subsidiary, IFIS Finance Sp. Z o.o., a factoring company in Poland. He currently manages the Bucharest representative office.

Chief Executive Officer – Giovanni Bossi

A graduate in Economics & Commerce and a licensed professional accountant, Giovanni Bossi has been registered in the Italian Public Register of Approved Statutory Auditors since 1992. In the past, he taught at the faculty of Finance Science and Law at Rome's Luiss University.

As a self-employed professional he provided consulting services to industrial and financial groups, also controlled by European public companies, located in Northern Italy, as well as to Italian companies in relation to the design and development of industrial and financial activities in East European countries.

Since May 1995, he has been the issuer's CEO. He has also been CEO and then a Director of La Scogliera S.p.A., an office from which he resigned on 20th November 2012.

Director – Giuseppe Benini

He holds a degree in Economics and Business Administration from the University of Padua and has been enrolled since 1986 in the Association of Certified Public Accountants of Verona (section A) and in the Registry of Accounting Auditors.

He works as a Certified Public Accountant and Auditor and has acquired significant experience in:

legality and accounting controls;
organisational models (Italian Legislative Decree 231/2001) for banking, industrial and service companies;
corporate restructurings as per Articles 67 and 182-b of the Italian Bankruptcy Law.

Director – Francesca Maderna

She graduated in Economics and Business Administration in 1988 and has been registered with the Belluno Association of Certified Public Accountants since 1990 and with the Italian Register of Legal Auditors under no. 33675 since 1995.

She is currently a Director of Clinica Mediterranea S.p.A. and Sole Director of Immobiliare del Nord S.p.A. - a property asset management company.

She has also held the office of Director in various companies operating in the hollow glass sector (AVIR Group).

Director – Antonella Malinconico

She graduated in Economics from the Federico II University of Naples, she received a PhD at the same University in Financial Sciences for Business. She is Associate Professor of Financial Intermediaries Economics at the University of Sannio and is Professor of Financial Intermediaries Economics and Corporate Finance; she has carried out research on numerous themes (including credit risk in banking intermediaries, management of non-performing Loans, Risk Management, prudential supervision and SME financing) and has written numerous publications.

Licensed to practise as a chartered accountant since 1995, she is a consultant on financial issues for many banks, for whom she also carries out training activities.

Previously she served as Deputy Director of the Bank of Italy Office in Naples and as a Director of the Banca Antonio Capasso S.p.A.

Director – Riccardo Preve

A Sociology graduate, in 1980, Riccardo Preve founded Preve Costruzioni S.p.A., a public works infrastructure construction company that controls other road signage and construction companies.

He operates heavily in the property field and has invested in the solar power sector.

He currently occupies the roles of President, CEO and Technical Director in different industrial companies, and he is a Member of the Confindustria Council of Cuneo.

He previously acquired longstanding experience in various financial companies and was President of Banca di Credito Cooperativo.

Director – Marina Salamon

With a university degree in History (specialising in Economic History), in 1982, Marina founded Altana S.p.A., one of the foremost European medium/high-end children's apparel companies.

In 2014, she acquired a majority shareholding in Forest/Save the Duck, a leading eco-friendly sportswear company.

She controls Doxa S.p.A and Connexia S.p.A., two of Italy's largest market research and digital communication companies. The group also has minority holdings in Next14, Turbo and Zero Studios (programmatic advertising and content marketing).

All commercial and financial activity is carried out by the wholly owned holding company, Alchimia S.p.A., which also has a strong presence in the property sector.

Alchimia S.p.A. has also invested in the solar power sector, through the construction or acquisition of solar parks in various Italian locations.

Director – Daniele Santosuosso

After obtaining his degree in Commercial Law, he embarked on an academic path initially as a Scholar and Visiting Fellow at various universities abroad. He then became a Researcher, an Associate Professor in Commercial Law at 'La Sapienza' University in Rome and, finally, a Full Professor in Commercial Law at the same university. He is the author of many papers, articles, essays and books, as well as a Member of certain scientific publications and contributes to the Italian newspaper, Il Sole 24 Ore. He is also the Founder and Director of 'Rivista di Diritto Societario' (Corporate Law Review). He has been a Member of the Bar Association since 1992, has his own law firm and has held various institutional and corporate management posts (including as a Member of the Government Commission for the reform of company law in 2003 and a Member of the government commission for the reform of the business crisis law, so called "Rordorf").

Maximum number of offices held in other companies

The "Regulation on the maximum total number of offices that can be held by company Officers" was approved by the Shareholders' Meeting of 30 June 2009.

This Regulation first establishes that:

'The Officers of Banca IFIS S.p.A. accept office and maintain it insofar as they believe themselves able to dedicate the necessary time to the diligent performance of their tasks, considering both the number and the quality of offices held in the management and control bodies of other companies and the commitment required of them by their other professional activities and by associative appointments held'.

For the purposes of calculating the limits on the maximum total number of offices governed by the 'Regulation', the following items are relevant:

a) Companies with shares listed in Italian or foreign regulated markets;
b) Italian or foreign companies with shares not listed in regulated markets and that operate in the insurance and banking sectors and in the financial sector in general. In this latter regard, only financial companies subject to prudential supervision of the Bank of Italy and entered on the list of financial intermediaries under Article 106 of Italian Legislative Decree No. 385/1993 are required. If they are foreign companies, only substantial shareholdings are required;
c) 'Companies of significant size' (that is, those that have individual net equity of at least € 100m based on the last approved set of annual accounts).

Conversely, offices held within the Banca IFIS Group or in companies other than those listed above, do not count.

In the Regulation, the term 'Executive posts' means the following roles:

Chief Executive Officer
General Manager
Member of the Management Board
Member of the Executive Committee.

The terms 'Non-Executive Director and controlling offices' refer to the following roles:

Member of the Board of Directors without proxies;
Standing Member of the Board of Statutory Auditors;
Member of the Supervisory Board.

In addition to the office held at the Bank, an Executive Director:

may not hold other executive offices in the companies identified, in terms of type or size, as per the Regulation;
may hold up to a maximum of five offices as Non-Executive Director or Statutory Auditor in such companies.

In addition to the office held at the Bank, a Non-Executive Director may not hold more than ten positions of Director or Statutory Auditor in other companies identified, in terms of type or size, as significant as per the Regulations, of which no more than two may be Executive positions.

Candidates for appointment as Director or Statutory Auditor of Banca IFIS S.p.A. must provide the Bank with an updated statement of the management, direction and control roles held by each of them.

Following their appointment, the Company's Directors and Statutory Auditors must promptly notify Banca IFIS S.p.A.'s Corporate Affairs Department of any changes in the offices held by them in the management and control bodies of other companies.

Banca IFIS S.p.A.'s Board of Directors has the authority to grant possible exceptions, even temporary, to the maximum limit in the Regulation. As of the date of this report, no such exceptions have been granted.

Upon submission of the lists for the appointments made by the Shareholders' Meeting on 30 April 2013, all candidates have declared – when accepting their candidacy and possible appointment – to have read the 'Regulation' and to have verified not to hold a number of positions in other companies that exceed the prescribed limits.

Table 2 shows the number and type of positions held by Banca IFIS Directors to 31th December 2017, based on the information provided by them. In addition, to comply with the requirements of Bank of Italy Circular No. 285/2013 (Section VII, Chapter 1, Title IV, Part One), evidence was also provided of the positions held in the companies that are not considered relevant for the purposes of the "Regulation on the maximum number of offices that can be held by company officers".

Induction Programme

Bearing in mind that, pursuant to Update 1 of 6 May 2014 of Circular no. 285 of the Bank of Italy of 17 th December 2013, banks are required to adopt appropriate training plans to ensure that the technical skills of the members of the management and control bodies and the heads of the main business functions, required to properly fulfil their roles, be preserved over time. Based on the training needs identified following the self-assessment process concluded on 16 th January 2017, a training programme has been prepared to enhance the skills of the members of the Board of Directors and the Board of Statutory Auditors and designed to encourage agreement of interpretations and encourage discussion and exchange of experience on the major issues faced by the company's officers on a daily basis. The programme also considers the training needs expressed in the 2015 self-assessment that were not addressed in 2016 due to the intense activity surrounding the acquisition of the GE Capital Interbanca Group.

The training session was divided into the following modules:

The Risk Appetite Framework: market practices and their applications

ICAAP and ILAAP: operational issues and major challenges for the system
Non-Performing Loans: the macroeconomic environment and the implications for the banking industry
The scenario and trends of the ICT market in the banking sector: ICT as a strategic element for business development
Management Bodies' roles and responsibilities in the evolving legislative and regulatory environment.

4.3. Role of the Board of Directors (as per Article 123-bis, para. 2, letter d), CFA/TUF)

During 2017, 21 meetings of the Board of Directors were held, each lasting around four and a half hours. Attendance percentages are shown in Table 1 attached to this report.

From the start of 2018 until the date of approval of this document, 4 Board meetings were held, including the one in which the "Report" was approved. The number of Board meetings in 2018 is expected to be in line with last year.

To fulfil the obligations established for listed issuers by Article 2.6.2 of Borsa Italiana S.p.A.'s Market Regulations, the Board of Directors annually approves the Corporate Events Calendar, to be notified to Borsa Italiana, for disclosure to the public, within 30 days from the end of the previous financial year.

The Directive Transparency II (2013/50/EU), implemented in Italy by Legislative Decree no. 25 of February 15, 2016, removed the obligation to publish interim management reports but retains the right to reintroduce periodic information in addition to financial and six-monthly reports, albeit only under certain conditions and subject to regulatory impact analysis as to costs and benefits. This provision has been integrated into the Issuer's Regulation through the inclusion of the new Article 82-ter, in view of which, Banca IFIS has announced the choice of continuing to produce and publish quarterly information, in accordance with previous practice, in accordance with the Borsa Italiana rules for the STAR segment and to ensure continuity and regularity of information to the financial community.

Therefore, the dates fixed for the Shareholders' Meeting to consider the Annual Statement and the Board of Directors' meetings to approve the draft budget and the quarterly/half-yearly reports have been entered into the Calendar.

The 'Regulations on the convening and functioning of Board of Directors' Meetings', last updated on 13th October 2015, establish that:

the documentation supporting discussion of agenda items is made available to each Director and Statutory Auditor, using suitable means, by the end of the third working day before the date fixed for the meeting, except in urgent cases when documentation is made available by the end of the day before the meeting and in any case as soon as possible;
this documentation will be sent or made available, on the President's order, by the Bank's Corporate Affairs Department;
Where the President deems it advisable due to the topics and related resolution involved also in order to avoid risk of disclosing confidential information, possible given the means of communication used and quite apart from the intentions of those concerned – the briefing documentation can be provided directly at the meeting, advising Directors and Statutory

Auditors of this beforehand by the deadline indicated above so that, if they deem it appropriate, they can access the information at the Company's registered office by the end of the day before the meeting and in any case as soon as available.

The procedures and time limits for sending the documentation to the Board as described above were normally observed during 2017. The situation whereby the President identified the opportunity to provide documents directly during a meeting almost never arose. This occurred in negligible percentage terms with respect to the totality of the issues addressed by the Board, mainly for the provision of more accurate versions of communications to be disseminated on periodic financial reporting, that is during negotiations concerning purchases or sales of nonperforming loan portfolios, as well as any other extraordinary transactions involving Banca IFIS during the year.

Pursuant to the Articles of Association, Board meetings are attended by the General Manager in a consulting role. The Board of Directors have chosen the Corporate Affairs Office to be the office responsible for carrying out the duties that the Articles of Association entrusts to the Secretary for preparing reports and minutes. In addition, pursuant to the above 'Regulations', the President can invite managers or other employees of the Company to attend Board meetings, as well as other parties or external advisors whose presence is deemed useful in relation to the matters to be addressed.

During 2017, the Head of Corporate Affairs attended the meetings.

Speakers also included:

the Financial Reporting Officer, the Heads of Accounting and Investor Relations, especially where financial reporting documents were presented;
the Heads of Counterparty Assessment and Overdraft Assessment sections (or other employees at these facilities) to assist the Board in assessing lending practices;
the Chief Operating Officer and Head of ICT, to support the President reporting to the Board on the evolution of information systems that led the Bank to migrate core banking to Cedacri;
the Head of Organisation, the Head of the NPL BU, the Head of Workout & Recovery Solutions, the Head of Equity Investment, the Head of Structured Finance and other Unit Heads when topics addressed related to their activities and responsibilities.

Lastly, the Head of Internal Audit, the Chief Risk Officer and the Compliance and the Head of the Anti-Money Laundering Unit presented their reports and work plans directly to Directors, in accordance with current Bank of Italy supervisory regulations.

Pursuant to Article 14 of the Articles of Association, besides the duties that, mandatorily, cannot be delegated, the matters deemed to be the exclusive prerogative of the Board of Directors include:

***

the business model, strategic guidelines and operations, as well as business and financial plans;
the internal audit system guidelines, ensuring that they are consistent with the strategic and risk appetite measures established as well as being able to keep up with the evolution of the business risks and the interaction between them;
defining the identifying criteria for the most important operations to be subjected to prior approval by the risk control function;
updating the Articles of Association to regulatory requirements;
strategic guidelines and operations, as well as the Group's business and financial plans;
the purchase and disposal of equity investments, companies and/or company branches leading to changes in the group, or investments or disinvestments exceeding 1% (one percent) of the shareholders' equity reported in the Company's last approved financial statements.

Based on strategic indications, size objectives and additional qualitative-quantitative elements of the Strategic Plan, the Risk Appetite Framework, the ICAAP and ILAAP reports and a document setting out warning and alarm limits for the main risk indicators are drawn up and approved annually by the Board of Directors. In accordance with the requirements of the Supervisory Provisions for banks, as defined by Bank of Italy Circular no. 285, the ICT Strategic Plan was also approved.

As in 2016, in 2017, the Board of Directors also approved some documents that are part of the review process of organisational structures and informational events initiated by the Bank. In particular, the extension of the Group's business areas and the evolution of computer systems resulted in the need to update several internal regulation documents including the General Regulations, the system of responsibilities, and accounting and internal control system regulations.

The Board assesses the Company's general performance, during examination of the financial reports governed by Article 154-ter of CFA/TUF and during the comparison (expected after approval of the mid-year results) between the planning objectives and actual results and in correspondence with the other documents provided by the strategic planning process.

The Board will assess the general management performance when scrutinising the Financial Report required by Article 154-ter of CFA/TUF, when comparing the plan objectives with the results achieved (forecasted to occur once the half-yearly report is approved) and when scrutinising other documents required by the strategic planning process.

The Board also continually assesses, as part of its responsibilities, the suitability of the Bank's organisational, administration and general accounting set-up.

The suitability of the organisational, administration and general accounting set-up of the Bank's subsidiaries is evaluated by the Board of Directors by means of certain corporate governance and control tools, identified in the 'Group Regulations' which define the roles of the Parent Company and its subsidiaries, as well as defining management/coordination activities in both the strategicmanagement and technical-operational control fields.

Regarding the recently acquired CAP.ITAL.FIN S.p.A., the Board has been provided with all the tools required to start, during negotiations, considering the structure of the future subsidiary and its future consistency with the Bank's system. These reflections led the Board to issue a special directive, following acquisition, to adapt the new subsidiary's structures and internal control systems to those of the Banking Group.

Description of the organisational model characteristics of the Group's Internal Control System and the variation of the activities carried out by the Group's control units (that is, in the scope of the Parent Company's management and coordination activities over its subsidiaries) is contained in the "Group Internal Control System Document" and in the Regulations Governing Control Functions.

Pursuant to the provisions of the Articles of Association highlighted earlier, the Board has the prerogative of prior review and approval of the transactions of the Issuer and its subsidiaries, when such transactions are of significant strategic, economic, equity or financial importance. In such cases, the following process is adopted. The Board of Directors mandates the CEO to perform a feasibility study of the transaction, in order to assess the risks and opportunities. This study must contain all the parameters necessary to permit informed decision-making by the Board of Directors. The Board, after having reviewed the feasibility study, can either approve the transaction or ask for further in-depth analysis.

The Board has not established general criteria to identify transactions of significant strategic, economic, equity or financial importance for the Bank since these operations can only be approved by the Board itself, during the planning process or, as has occurred to date, because of key points that modify already-approved strategic objectives and risk appetite.

In contrast, the general criteria to identify transactions with linked entities that have a significant impact on the Bank's strategy, profitability, assets or financial position are set out in the "Procedures for transactions with linked entities" which has been updated, together with the Policies to control risk activities and conflicts of interest in relation to linked entities, at its meeting of 10th November 2016, following a favourable opinion of the Financial Reporting Officer, the Board of Statutory Auditors and the Risk Management and Internal Control Committee made up of independent directors.

Under these Procedures, the following are considered to be significant:

a) all transactions dealt with exclusively by the Shareholders Meeting or the Board of Directors by law or under the Articles of Association;
b) all transactions not classed as small amounts.

The Board of Directors, based on appropriate considerations, will qualify which transactions carried out by the Bank or its subsidiaries are to be classed as significant.

Significant transactions are divided into:

a) transactions of greater significance, namely, those that exceed the threshold of 5% of either value significance index, asset significance index or liability significance index;
b) transactions of lesser significance, those where one of the indices mentioned above, applied in accordance with the specific transaction, is less than or equal to the 5% threshold and whose value exceeds:
€ 50,000 for purchases of goods and/or services;
€ 250,000 for granting loans.

As previously stated, the Board of Directors, during its meeting of 19th January 2018, and considering the provisions and instructions provided by the Bank of Italy, concluded its annual evaluation on the functioning of the Board and its Committees as well as on their size and composition. This evaluation process was carried out by means of distributing a questionnaire, in the weeks prior, which varied according to the role of the person due to complete it (e.g. the President of the Board of Directors, Members of Internal Committees etc.).

This evaluation was carried out considering the usual elements, such as Members' professional characteristics and experience, both managerial and general, as well as their seniority in office, also with a view to preparing the opinions to be expressed to the shareholders on those figures whose presence on the Board is deemed appropriate.

With regards to the evaluation methods used, first, the President chose the staff within the Bank to manage this process that fit the criteria set by the Bank in the Self-Assessment Process Regulations. During the self-assessment process, the designated individual (Head of Corporate Affairs) was assisted by an external professional, Mr. Ferdinando Parente, from the company Parente & Partners S.r.l., who previously undertook a technical assistance and consultancy role to ensure the process complied with the main obligations of the Bank.

The consultancy role mainly focussed on preparing the questionnaire and helping Corporate Affairs to define the quantitative and qualitative assessment criteria for the members of the Board of Directors and in the following self-assessment as to whether each Member meets the relative requirements.

After preparing the questionnaire, Mr. Parente provided support during the following phases of the self-assessment process:

investigation: helping to gather the information and data on which the assessment was based, also through interviews with the Board Members involved;
processing: helping to analyse the information acquired and presenting the results;
collating the results of the process within a specific document;
Board-level discussion of the results and preparation of any appropriate corrective measures.

The questionnaire, in addition to having an opening section in which general questions to the Director are included (such as age and education), consists of two main parts: (i) Evaluation of the Board of Directors and (ii) Self-assessment of skills.

Specifically, the questionnaire contained the following sections:

Qualitative composition of the Board of Directors;
Functioning of the Board of Directors;
The Board of Directors' strategic role;
The degree to which the Board of Directors is involved in defining risk propensity and the preparation of suitable information on risk performance;
Information flows and circulation of information;
Evaluation of the remuneration and incentive system for Board Members;
Evaluation of the President of the Board of Directors;
Self-assessment of the President of the Board of Directors;
Evaluation of the Chief Executive Officer;
Self-assessment of the Members of the Committees set up within the Board of Directors.
Self-assessment of personal and combined skills.

The information gathered from the questionnaire is evaluated by the Board and the overall results help to define the actions to be taken to resolve any weak points identified. A further questionnaire on the skills of each individual Director is required. Specifically, this questionnaire aims to assess if certain knowledge and skills exist within the Board of Directors regarding:

laws and regulations applying to the activities carried out;
specific areas ensuring the sound and prudent management of the Bank.

The questions contained in the questionnaire required an answer in the form of a rating from 1-5 where one is the lowest score and five is the highest.

The Board of Directors' self-assessment process has identified some areas for attention and improvement regarding how the Board of Directors works. The main points identified and actions to address them are summarised below.

Gender diversity remains adequate, including for independent directors, and continues to ensure the effective composition of the Risk Management and Internal Control Committee. The number of meetings held was deemed adequate.

It emphasises the key role the President plays in chairing meetings who, in practice, has been able to do this properly to promote the effective functioning of corporate governance.

The relationship between the President and senior management is constructive and well balanced, and the relationship between the Board and senior management is open and collaborative.

The opportunity to devote more time to defining strategic plans has emerged.

The Shareholders' Meeting has not authorised any exceptions to the ban on competition envisaged by Article 2390 of the Italian Civil Code.

4.4. Delegated Bodies and Officers

CEOs

In the model applied by Banca IFIS:

Strategic supervision is performed by the Board of Directors;
The management function has been assigned to the CEO. The General Manager also performs management functions;

Management powers cover the following main areas:

Human resources management;
Granting and use of credit;
Treasury;
Expenditure management;
Investment in shareholdings.

Distribution of management powers is calibrated at a decreasing rate according to the levels of authorisation, from the Board of Directors down to operating units.

The most significant limits in terms of value and area, applied to the Chief Executive Officer's responsibilities are summarised below, whilst systematic exchanges of information also exist concerning the exercise of powers at any given time, as well as compliance with related quantitative limits:

Human resources management	Regarding human resources management, the CEO is responsible for decisions concerning the start, management and cessation of executives' employment, without prejudice to the authorities maintained by the Board for relations with key managers and/or those in staff functions serving the Board and in any case without prejudice to the Board prerogatives on managers of control functions established by the supervisory provisions for banks.
Granting and use of credit	The system of responsibilities for assuming and managing credit risk was, on a case by case basis, appropriate to the evolution of the business model and to the organisational structure, and consistent with the strategic directions and the limits set by the Risk Appetite Framework.
	The Chief Executive Officer, at the time of drafting this report, regarding the assumption of credit risk:
	– may authorise the assumption of credit risks up to € 30m per counterparty as part of the business financing companies operating under the brand name Banca IFIS Impresa Credi Impresa Futuro; to this end, only for with-recourse borrower counterparties, he may authorise risk taking for borrower credit lines up to € 75 million;
	– may approve mortgage operations as part of commercial operations with pharmacists up to € 2.5m;
	– may approve mortgage operations as part of commercial Lending Development operations up to € 10m;
	– may approve non-complementary cash flexibility operations up to € 2m;
	– may authorise the assumption of credit risks up to € 20m per counterparty as part of the business of financing companies operated by the Structured Finance BU;
	– may authorise the assumption of credit risks up to € 5m per counterparty as part of the business financing activities operated by the Special Situations BU;
	– may authorise the assumption of credit risks up to € 5m per purchase/sale of non-qualified shareholdings and € 7.5m for qualified shareholdings as part of the business operated by the Equity Investment BU;
	– forms part (together with the General Manager and the Head of the Business Unit) of the Committee authorised to purchase portfolios of non-performing loans up to a maximum of € 30m;

	– may purchase tax receivables up to a maximum of € 10m;
	– may authorise the assumption of credit risks up to € 20m per counterparty in transactions managed by Workout and Recovery Solutions.
	As part of risk positions falling within the scope of or assumed by the Board of Directors, the CEO is also granted the following powers:
	– to suspend, revoke and resume operations;
	– to change the amount of risk, convert its technical form and change its operational characteristics but without worsening the overall risk position;
	– to distribute risk in terms of 'loans to couples', loan duration, borrower credit lines (individual or group) and multiple group credit line.
	The Chief Executive Officer, at the time of preparing this report, regarding the assumption of credit risk:
	– may authorise temporary overruns on loans granted as part of the business financing operations managed by the Banca IFIS Impresa Italia BU up to a maximum of 20% of the exposure;
	– may authorise the suspension or resumption of operations regarding existing credit lines, the downgrading of credit or the release of a borrower from credits granted as part of the business financing operations managed by the Banca IFIS Impresa Italia BU;
	– may authorise renunciations of credits for principal, interest and/or expenses up to a maximum of € 500,000. As part of this, only for large Public Administration customers, the CEO may authorise renunciations of capital credit deriving from out-of-court activity up to 100% of the credit's nominal value on condition that it is within the relative book value estimated on a case-by-case basis and up to 100% of the default interest and/or delay interest calculated at the rate set out by Italian Legislative Decree 231/2002;
	– may authorise renunciations of credit deriving from out-of-court activity on default interest, and renunciations of credit from default interest on which judicial action is in course as part of the business financing operations managed by the Pharma BU;
	– forms part (along with General Manager) of the NPL Committee authorised to conclude transactions with recovery plans or in full and final settlement with a maximum loss (having as reference the higher of the amortised cost and the price paid) of € 200,000;
	– may authorise the conclusion of transactions with recovery plans or in full and final settlement with a maximum loss (having as reference the higher of amortised cost and the price paid) of € 500,000 as part of the business managed by the Tax Receivables BU;
	– may decree suspension/waiver of legal action, adherence to creditor arrangements, the filing of claims up to € 4m;
	– may alter deadlines and/or define repayment plans for amounts of up to € 10m; as part of this, only for large Public Administration customers, this limit is set at € 10 million.
Treasury	The powers of the Chief Executive Officer, at the time of drafting this report, can be summed up as follows:
	 engage in repurchase agreements (assets), liability deposits and repurchase transactions ranging from 12 to 24 months;
	 stock trading within the limits set by the Board of Directors.
	The total financial leverage limit is 5 times the consolidated net equity while the financial leverage limit for shares with a residual maturity greater than 18 months is 2.5 times the consolidated net equity.
Expenditure management	Within the annual forecasts contained in the Budget approved by the Board of Directors, the following engagement and spending powers are attributed to the CEO:
	 generally, up to € 1,000,000 for expense provision
	 decisions regarding lease assets and liabilities, whose single yearly calculation is contained within a limit of € 200,000
	 disposal or destruction of movable assets in general, no longer considered useful to the Company, even if not fully depreciated, and the deletion from the inventory of unused assets, within the limit of the original cost of the individual asset of € 150,000
Investment in	The Chief Executive Officer, at the time of drafting this Report, approves:
shareholdings	a) the purchase of shareholdings in solvent non-financial business, that are; i) unqualified, for amounts up to € 5 million; ii) qualified, for amounts up to € 7.5 million;
	b) the purchase of shareholdings in non-financial businesses for the recovery of loans, that are; i) unqualified, for amounts up to € 10 million; ii) qualified, for amounts up to € 15 million;

c)	the recovery plan prepared by Problem Credits. To this end, the CEO assesses the cost effectiveness, compared with alternative forms of recovery, of purchasing shares in non financial businesses in temporary financial difficulty; i) unqualified, for amounts up to € 10 million; ii) qualified, for amounts up to € 15 million;
d)	the purchase or underwriting of shares in sizeable primary organisms, that are; i) unqualified, for amounts up to € 5 million; ii) qualified, for amounts up to € 7.5 million.

Pursuant to Article 15 of the Articles of Association, in emergencies, the CEO can take decisions concerning any deal or transaction that is not the sole prerogative of the Board of Directors, immediately informing the President and notifying the Board at its next available meeting.

Until the conclusion of the merger to incorporate Interbanca S.p.A. into Banca IFIS S.p.A., which took place on 3 rd October 2017, the CEO, Giovanni Bossi, was also CEO of the subsidiary company belonging to the Banca IFIS Banking Group and bond issuer listed on the MOT market. Therefore, the situation of interlocking directorate did not apply.

President

The President has not been given any management powers.

As he is the majority shareholder, the President, via the corporate governance mechanisms described in this report and particularly at Shareholders' Meetings, plays a significant role in determining corporate strategies.

Executive Committee (as per Art. 123-bis, paragraph 2, letter d) CFA/TUF)

The Articles of Association do not envisage the setting up of an Executive Committee.

Reporting to the Board

During 2017, the CEO did not take any emergency decisions pursuant to Article 15 of the Articles of Association.

The Board received reports on the exercising of management powers at different intervals depending on the type of power involved.

The rules for reporting on the use of powers are summarised below:

Report on liquidity status	monthly
Composition of investment securities portfolio	monthly
Credit-granting activity	monthly
Report on use of spending powers	quarterly
Report on use of HR management powers	half-yearly
Incentive system (report on criteria adopted by Senior Management)	annually

4.5. Other Executive Directors

There are no other Directors considered Executive Directors because they hold:

office as the CEO or President of a strategically significant subsidiary;

management positions in the Bank or in a strategically significant subsidiary or in the Parent company.

In addition to the CEO, the definition of 'Executive Director' also includes the Vice President in relation to activities promoting the corporate image and commercial development in some foreign markets.

4.6. Independent Directors

The Board performs its own assessments of the requirements established by the Corporate Governance Code for Directors classified as independent at the first meeting after appointment by the Shareholders' Meeting. It also assesses, periodically, the Directors' level of independence. On 22 April 2016, following its appointment, the Board ascertained that four of its Members (Giuseppe Benini, Francesca Madera, Antonella Malinconico and Daniele Santosuosso) met independence requirements as per the criteria contained in the Corporate Governance Code for Listed Companies, making the outcome of its assessments known by means of a communication to the market.

In addition, the Board of Statutory Auditors, pursuant to Application Criterion 3.C.5. of the Corporate Governance Code, checked, on the same date, the application of the criteria and of the scrutiny procedures used by the Board of Directors to assess the independence of its Members and deemed it compliant with the indications provided by the Corporate Governance Code.

The Board of Directors, annually check the independence requirements provided for by the Corporate Governance Code and by paragraph 3 of Article 148 of CFA/TUF regarding the Directors Giuseppe Benini, Francesca Maderna, Antonella Malinconico and Daniele Santosuosso. The last check was performed at the Board meeting of 14th December 2017.

At its meeting of 18th January 2017, the Board of Statutory Auditors verified whether the criteria and procedures adopted by the Board on this occasion had been correctly applied.

The independent directors have not considered it necessary to hold official meetings in the absence of other administrators considering that the Risk Management and Internal Control Committee, made up of independent directors, and part of the Appointments Committee and Remunerations Committee, formed mostly by non-executive independent directors, has provided sufficient opportunities for communication between themselves. In addition to which, during 2017, the independent directors have often asked for advice on a variety of subjects, maintaining both short, lively discussion between themselves, and alongside committee meetings and Board of Directors' meetings.

As of the date of this report, those Directors who, in the lists for nomination to the Board (March 2016) had indicated their suitability to qualify themselves as independent, maintained their independence.

4.7. Lead Independent Director

In line with the guidelines established by the Corporate Governance Code for Listed Companies, as the President of the Board of Directors is also the majority shareholder of La Scogliera S.p.A. and thus controls Banca IFIS, the Board of Directors has designated an independent Director as Lead Independent Director. The latter has the task of being the point of reference and coordination for Directors' requests and contributions of (non-executive and, particularly, independent) and

improving Board operations, also ensuring that information flows between Directors are constant and effective.

The Lead Independent Director has the power to call, when deeming it appropriate or at the request of other Directors, specific meetings solely for independent Directors for significant matters relating to Board operations and/to company operations in general.

On 22 March 2016, the Board of Directors appointed Mr. Giuseppe Benini as Lead Independent Director for the period 2016-2018, confirming the choice already made for the years 2013-2015.

In his capacity as President of the Risk Management and Internal Control Committee, the Lead Independent Director oversaw its activity and encouraged the good conduct of its meetings primarily with respect to those with the Board of Directors to discuss specific topics, in the areas of competence and through exchange with the reference manager, reporting, where necessary, to the Board a summary of this preliminary inquiry.

The Lead Independent Director played an active role within the Bank's operations with related parties and associated entities, with particular regard to acquisitions and mergers involving the Bank, ensuring timely analysis and discussion on quarterly reports and on the list of entities surveyed, monitoring the evolution of computer systems and stimulating dialogue focussing on preventive decisions that existing procedures reserve for members of the Risk Management and Internal Control Committee composed of independent directors.

5. Processing of corporate information

The Bank, following preliminary studies carried out by the Risk Management and Internal Control Committee and the Supervisory Body under Italian Legislative Decree 231/2001, and the subsequent Board approval, has adopted the "Policy for Managing Corporate Information" pursuant to the criterion applied by 1.C.1., letter j of the Corporate Governance Code.

The document has been updated to bring it into compliance with EU regulations (Regulation EU no. 596/2014, Market Abuse Regulation).

The Corporate Information Management Policy regulates in detail the identification, internal management and disclosure of privileged information, as well as the internal management and external communication of Corporate Information other than information of a privileged nature. It also regulates tasks and responsibilities regarding dealings with the financial community.

We consider Corporate Information to be any information and/or news concerning Banca IFIS and/or Financial Instruments issued by it that is not in the public domain and that has been generated within the Bank itself.

The scope of relevant corporate information for policy purposes is as follows.

5.1 Adopted definitions

Privileged Information: information of a precise nature, which has not been made public, relating, directly or indirectly, to one or more Issuers or to one or more Financial Instruments and which, if made public, could have a significant effect on the prices of those Financial Instruments or on the price of related derivative Financial Instruments.

We consider information to be of a precise nature if it refers to a set of existing circumstances or that can reasonably be expected to occur or to an event that has occurred or which can reasonably be assumed that will occur and if such information is specific enough to enable a conclusion to be drawn as to the possible effect of that set of circumstances or that event on the prices of Financial Instruments or of related derivative Financial Instruments. In that regard, if a prolonged process that is intended to achieve, or that determines, a particular circumstance or a particular event, said future circumstances or future event, as well as milestones of this process that are connected to the realisation or the determination of the future circumstances or event can be considered as precise information.

An intermediate step in a protracted process is considered Privileged Information if it meets the criteria set out in this definition in relation to Privileged Information.

For information which, if communicated to the public, would probably have a significant effect on the prices of Financial Instruments and/or derivative Financial Instruments, that is a piece of information that a reasonable investor would probably would use as one of the elements on which to base their investment decisions.

Delayed Privileged Information: information that has been classified as privileged per the meaning of the Policy, but it has been decided to delay disclosure in accordance with what is specified below.

Systematically Important Privileged Information: this is Privileged Information whose disclosure poses the risk of compromising the financial stability of Banca IFIS and the financial system. This includes, but is not limited to, information concerning temporary liquidity problems and the need for temporary liquidity support from a Central Bank.

5.2 Internal management and external communication of Privileged Information, Delayed Privileged Information and Systemically Important Privileged Information.

Below is a graphical representation of the process of internal management and external communication of Privileged Information and Delayed Privileged Information.

Whenever the decision to delay the disclosure of Privileged Information is taken, Communications and Investor Relations units will duly inform Corporate Affairs of the decision, which will in turn create an appropriate Section on the List of people who have access to privileged information.

If the Bank prepares Privileged Information whose circulation may compromise its stability and that of the entire financial system (Systematically Important Privileged Information), it may delay its publication.

Identification of this type of information is the responsibility of the CEO who is supported by the General Manager and Communications and Investor Relations unit. Once Systematically Important Privileged Information is identified, the CEO will:

take the decision whether to circulate it immediately or delay publication;
inform the Heads of the control functions in a timely manner;
report back to the Board of Directors at its next meeting, regarding the management of the information.

If it has been decided to delay publication of the information, Corporate Affairs, with information from Communications and Investor Relations units, creates an appropriate section on the List of people who have access to privileged information to give prior notification to Consob regarding the intention to delay circulation of the information.

5.3 Internal management and external communication of Obligatory Information (other than Privileged Information)

All Obligatory Information is managed by the process governed by applicable external regulations and internal guidelines.

The information contained in "Information and Communication Plan" prepared under the "Recovery Plan" which the Bank has drawn up, is managed in accordance with the same provisions, notwithstanding what is covered in this policy regarding Privileged Information.

If the Obligatory Information is Privileged Information, the provisions of paragraph 5.2 will apply.

Once the preparation process is complete, the Obligatory Information, except any Privileged Information, are released to the public via means decided on a case by case basis and provided for by the rules in force, as well as those considers appropriate by Communications and Investor Relations.

5.4 Meetings with the financial community

The Bank holds regular meetings with the financial community. During these meetings, information is provided on operating performance as well as other relevant data that, while not likely to significantly affect the price of Financial Instruments issued by Banca IFIS, can still influence the course of business. For this reason, the Bank will give prior notification to the market regarding the date and time of the meetings and will send to the same authorities the information material provided to participants.

By the conclusion of meetings, Banca IFIS publishes the summary of the topics covered, if it is not already public, using both the "SDIR" platform, and the Bank's corporate website, giving evidence of NIS codes and time of transmission.

6. Internal Board Committees (as per Article 123-bis, para. 2, letter d), CFA/TUF)

The following Committees existed within the Board of Directors:

The Risk Management and Internal Control Committee consists of four Non-executive and independent Directors, as better explained in Section 10;
The Appointments Committee consists of three Non-Executive Directors, two of whom are independent, with an independent President, as better explained in Section 7;
The Remuneration Committee, consisting of three Non-Executive Directors, two of which being independent, with an independent President.

The Board of Directors has also appointed a Supervisory Body equipped with autonomous powers of initiative and control pursuant to Italian Legislative Decree no. 231/2001, currently chaired by an external member and composed of three permanent members (two independent directors and the Head of Internal Audit), all more specifically specified in the third paragraph of Section 11.

No function of one or more Committees has been reserved to the entire Board, under the President's coordination, as required by the Corporate Governance Code.

No further committees have been set up in addition to those reported in this section.

7. Appointments Committee

Composition and role of the Appointments Committee (as per Article 123-bis, para. 2, letter d) CFA/TUF)

The Appointments Committee must be made up of at least three Members chosen from among the non-Executive Members of the Parent Company's Board of Directors, the majority of whom must be independent.

The Committee therefore consists of the Director, Giuseppe Benini (independent and nonexecutive), the Director, Riccardo Preve (non-executive), and, in the capacity of President, the Director, Daniele Santosuosso (independent and non-executive).

The Regulations governing the Appointments Committee allow the President of the Parent Company's Board of Statutory Auditors, or another Statutory Auditor delegated by him on a case by case basis, to attend. The other members of the Board of Statutory Auditors may also participate. The CEO and the General Manager of the Parent Company may also take part where the topics to be discussed do not concern them.

The Committee may avail itself and/or request the presence of:

external consultants, which can be chosen from among the Members of the Parent Company's Board of Directors, provided that such experts do not, at the same time, provide the Parent Company and/or its subsidiaries, with services of such significance as to compromise the independent judgement of said consultants;
any Corporate Officer or employee of the Parent company or of another Group company.

In 2017 the Appointments Committee met three times to discuss the topics within its competence. The meetings lasted for approximately 30 minutes and were only attended by members of the Committee. Usually, Corporate Affairs personnel are invited to assist in meetings.

In 2017 the Appointments Committee only worked on the self-assessment process.

At the beginning of 2018, the Appointments Committee met twice to express its opinion for the approval by the Board of Directors of the summarised report on the self-assessment process that the Board started in November 2017 and concluded during the Board Meeting of 19 th January 2018, and on the document regarding the optimal qualitative-quantitative composition of the Board of Directors and the Corporate Bodies' Training Plan for 2018.

Duties of the Appointments Committee

This Committee helps the Board of Directors and the other corporate bodies in the following processes:

nominating and co-opting Directors; The Committee gives advice during the early assessment phase regarding the size and the best qualitative and quantitative composition of the Board of Directors, also in terms of Members whose presence on the Board is considered opportune and in terms of legal rules and regulations in force. The Committee also gives advice after the nomination process has taken place, checking that the size and the qualitative and quantitative composition of the Board considered optimal prior to this process and corresponds to the situation after it; in cases of co-opting substitute independent Directors, the Committee proposes candidates to the Board;
the self-assessment of corporate bodies; specifically, the Committee submits to the President of the Board of Directors proposals for the person or persons in charge of the self-assessment process of corporate bodies, with strategic supervision and management functions;
verifying the existence of the requisites of professionalism, integrity and independence in those subjects with accounting, management and control roles, in compliance with Article 26 of Italian Legislative Decree no. 385/1993 (The 1993 Banking Law);
defining succession plans for senior management positions (CEO and General Manager) due to expiry of mandates or for any other reason, to ensure business continuity and to avoid economic damage or damage to reputation.

Furthermore, this Committee:

helps the Risk Management and Internal Control Committee to find and propose to the Board of Directors suitable candidates to nominate for managerial positions of control;
gives its opinion to the Board of Directors on limits to the number of positions that Directors and Statutory Auditors can hold and on any departures from the non-competition clause as per Article 2390 of the Italian Civil Code.

The President of the Committee reports to the Board of Directors on activities carried out, at the next available meeting.

Committee meetings were properly documented in minutes and signed by the Members.

The Committee may access all company information deemed relevant for the performance of its tasks and may use, autonomously, the Bank's financial resources in the amount established by the Board and with the requirement of reporting the use of funds, at least once a year, usually during the review of the report on corporate governance and ownership structures.

The Board of Directors, with its resolution of 3 February 2015, allocated a budget of € 60,000 per year to the Appointments Committee that can be used autonomously, with the requirement that this Committee reports back to the Board detailing its use of these funds as per the applicable regulations.

8. Remuneration Committee

Please refer to the relevant parts of the Remuneration Report published in compliance with Article 123-ter of CFA/TUF.

9. Directors' Remuneration

Please refer to the relevant parts of the Remuneration Report published in compliance with Article 123-ter of CFA/TUF.

10. Risk Management and Internal Control Committee

The Board has set up a Risk Management and Internal Control Committee within itself.

Composition and role of the Risk Management and Internal Control Committee (ex. Art 123-bis, para. 2, letter d) CFA/TUF)

The Committee consists of independent and non-executive directors, Giuseppe Benini (as President), Francesca Maderna, Antonella Malinconico and Daniele Santosuosso.

Its work is coordinated by the President and minutes are duly taken during its meetings.

During 2017, the Committee met 25 times, as shown in Table 1 enclosed with this report, six of which were joint meetings with the Board of Statutory Auditors, with meetings lasting an average of two hours and fifty minutes.

Since the beginning of 2018 until the date of approval of this document, the Committee met seven times, two of which was a joint meeting with the Board of Statutory Auditors and one of which with the Supervisory Body and the Board of Statutory.

It is expected that this Committee will not hold fewer meetings in 2018 than last year.

The Risk Management and Internal Control Committee is made up of four of the nine members of the Board of Directors chosen from among the independent non-executive directors in accordance with Principle 7. P. 4. of the Corporate Governance Code. Members of this Committee must have the necessary knowledge, competence and experience to be able to fully understand and monitor the Bank's risk strategies and appetite.

At least one of its Members must have suitable experience in financial and accounting matters or in risk management, and this is assessed by the Board of Directors upon appointment. The Board of Directors has chosen Mr. Giuseppe Benini from among its independent members as President of the Committee, as he has the necessary experience in these matters. The Board's decision regarding Mr. Benini's experience was reached on his nomination, during its meeting of 22 March 2016 and again later during the self-assessment process for summit bodies.

In addition to holding joint meetings with the Supervisory Body, during its meetings, the Committee also interacted, based on prior agreement and to address individual topics, with the CEO, the General Manager, the Financial Reporting Officer, the Compliance and Anti-Money Laundering Officers, the External Auditing firm, the Chief Risk Officer and the Chief Operating Officer. It systematically interacted with the Head of the Internal Audit Office, who normally attends the Committee's meetings with a view to achieving synergy between the various players in the Internal Auditing System. The Committee also met, to analyse work put before the Board, with the Head and other employees of Problem Credits, the Head of Accounting, the Head of Monitoring and

Control of Financial Reporting and Head of Regulatory Reporting, the Head of Operations, the Head of Organisation and the Head of Organisational Structure, the Head of Overdraft Assessments, the Head of Counterparty Assessment and the Head of Treasury, the Head of Management and Assessment for Tax Credits BU, the Head of Italia Banca IFIS Impresa BU, the Head of Privacy and Security Management and the Head of Complaints.

It is normal for the Head of Corporate Affairs and/or other Members from this Office to be invited to Risk Management and Internal Control Committee meetings.

Duties of the Risk Management and Internal Control Committee

The Committee provides its preliminary opinion to the Board of Directors on:

The Risk Management and Internal Control System Guidelines;
The adequacy of the Risk Management and Internal Control System with respect to the company's characteristics and to the assumed risk profile, as well as its efficacy;
the work plan prepared by the Head of Internal Audit;
the main characteristics of the Risk Management and Internal Control System and its adequacy;
the results presented by the external auditor in the letter of recommendations, if any, and in the report on the main issues which came up during the external audit.

With regards to the appointment and revocation of the Head of Internal Audit and the allocation of resources suited to the fulfilment of their responsibilities by the Board of the Directors, the Risk Management and Internal Control Committee is required to provide its favourable opinion (which is binding).

When aiding the Board of Directors, the Risk Management and Internal Control Committee:

evaluates, together with the Financial Reporting Officer, and in consultation with the External Auditor and of the Board of Statutory Auditors, the correct application of accounting standards and their uniformity for preparing the consolidated financial statement;
expresses opinions on specific aspects pertaining to the identification of the main corporate risks;
examines the periodical reports covering the evaluation of the Risk Management and Internal Control System, and those of relevance prepared by the Internal Audit Office;
monitors the autonomy, adequacy, efficacy and efficiency of the Internal Audit Office;
may ask the Internal Audit Office to carry out checks on specific operational areas, at the same time notifying the President of the Board of Statutory Auditors;
examines the annual plans of the Control Office/Departments and the reports on their implementation;
identifies and proposes, with the contribution of the Appointments Committee, the heads of the corporate control functions to be appointed;
contributes, through reviews and opinions, to defining the company policy regarding the outsourcing of business control functions;
ensures that all corporate audit departments correctly conform to the indications and guidelines approved by the Board of Directors and assists the latter in developing the document to coordinate control functions and the group and company internal control system, in general.

Regarding the tasks relating to management and control of risks, the Committee acts as support to the body with strategic supervisory function:

in defining and approving strategic direction and risk management policies. Within the RAF [Risk Appetite Framework], the Committee carries out evaluation and proposal activities necessary for the Board of Directors to define and approve the risk objectives and the tolerance threshold;
in verifying correct implementation of strategies, of risk management policies and of the RAF;
in defining policies and the evaluation processes for corporate activities, including verifying that the price and terms of transactions with customers are consistent with the business model and risk strategies.

Without prejudice to the powers of the Remuneration Committee, the Committee ascertains that the incentives underlying the Bank's remuneration and incentive system are consistent with the RAF.

The President of the Risk Management and Internal Control Committee reports to the Board of Directors at the first available meeting, on the activities carried out, on the possible activation of financial autonomy, as well as on the adequacy of the risk management and internal control system. The President of the Committee, where necessary, evaluates the appropriateness of possible further forms of reporting.

Regarding transactions with related parties and/or linked entities, the Risk Management and Internal Control Committee (consisting of independent Directors only), also performs the functions assigned to it by the Board of Directors, as governed within the scope of the 'Procedure' in force.

During 2017, the Committee's activity regarded the following key guidelines:

procedure of transactions with related parties (opinions received prior from independent directors even regarding acquisition and merger transactions involving the Bank during the year, as well as receiving a quarterly report on position trends);
presentation and implementation of the audit Programme Plan 2017-2019 and of the other reports provided for by the Internal Audit supervisory regulations;
discussion with those responsible for Risk Management, Anti-Money Laundering and Compliance in their respective plans and annual reports, on the quarterly Tableau de Bord then sent to the Bank of Italy, and on ICAAP and RAF reporting;
preparatory work for the Board of Directors for matters concerning:
quarterly evaluations on receivables and other financial statement items, in view of the periodic financial reports;
half-yearly complaint management assessments;
evolution of computer system;
dialogue with the Financial Reporting Officer and with the company responsible for auditing the accounts;
dialogue with the head of the Business Continuity Plan and with the executives responsible for ICT governance (strategic plan, reports, disaster recovery and business continuity tests and plans);
Internal regulations (organisational policies, processes and procedures);
Management of corporate projects;
Management trends and prospects;
Liaison with Supervisory Authorities.

The Committee actively participated in the process which led the Board to express a positive assessment on the fact that the Audit and Risk system is aligned with the principles laid down in section I of Chapter 7 of Heading V of Bank of Italy circular 263 and that business control functions meet the requirements and comply with the provisions of section III of the quoted Supervisory Regulations.

The President of the Board of Statutory Auditors – or another Auditor delegated by the President on a case-by-case basis – assists with the Committee's work. If deemed appropriate in connection to the issues to be discussed, the Risk Management and Internal Control Committee and the Board of Statutory Auditors meet jointly.

Committee meetings were properly minuted and signed by the Members.

The Risk Management and Internal Control Committee may access all company information deemed relevant for the performance of its tasks and may use, autonomously, the Bank's financial resources in the amount established by the Board and with the requirement to report on any use of these funds.

The Board of Directors has allocated the Risk Management and Internal Control Committee annual budget of €60,000, to be used autonomously, subject to reporting to the Board on their use of funds.

11. Risk Management and Internal Control System

Under the strategic plan, the Board of Directors has defined the nature and level of risk compatible with the strategic objectives of the Bank, including in its assessment all risks which may be deemed significant from a perspective of medium to long term sustainability.

The definition of the Strategic Plan allows the Bank's expected strategic objectives to be checked for consistency with the competitive environment in which Banca IFIS and its subsidiaries operate and with the results achieved in previous years. Indeed, the Group's strategic planning process is based on a three-year strategic plan approved annually by the Board of Directors. The plan 2017- 2019, which annually adapts the strategic forecasts developed in the previous year's document and extends the planning horizon to the year immediately following, was approved in March and compiled and developed new forecasts for Banca IFIS Group's business lines.

Finally, the definition of the Strategic Plan enables the assessment of consistency between business strategy, Risk Appetite Framework (RAF), Internal Capital Adequacy Assessment Process (ICAAP) and Internal Liquidity Adequacy Assessment Process (ILAAP).

The processes of defining RAF, ICAAP, ILAAP and strategic planning are strongly interrelated because the first is based on strategic assumptions related to the strategic plan and projections contained in it, while the second is strongly based on a vision of risk-adjusted profitability, balance sheet strength, as well as a solid liquidity situation.

The Parent Company's Board of Directors defines the Group's RAF that – in line with its risk capacity, business model and strategic plan – establishes, at overall group level and for its individual components, the risk appetite, the tolerance thresholds, the risk limits, the risk management policies and the processes necessary to define and implement them.

In the group RAF, the circumstances, including the results of the stress scenarios, are specified, which the CEO uses, with the support of the Parent Company's Risk Management unit and the business structures concerned, to define and implement specific containment actions.

The risk objectives and the tolerance levels are presented also considering:

capital adequacy;
profitability;
overall liquidity position.

Besides the Group "RAF", the Parent Company's Board of Directors defines:

A. within the "Group Policy for Assessing Capital Adequacy" and "Group Policy for Managing Significant Risk":
the Group's capital adequacy assessments process (ICAAP);
the Group's processes for managing significant assumed and assumable risks;
B. as part of ordinary loan management policies the latter being Business Unit-specific as well as the "Group Regulations":
the lending process adopted by every single Parent Company BU;
the ways in which the subsidiaries must apply to the Parent Company, depending on the case, for prior authorisation or consent to respectively take or implement decisions.

Consistent with the strategic directions and the risk appetite established, the internal control system can identify the evolution of corporate risks and the interaction between them. The Internal Control System consists of a collection of rules, functions, structures, resources, processes and procedures aimed at ensuring, in compliance with sound and prudent management, the achievement of various goals, including containment of the risk within the limits indicated by the RAF. The Risk Management and Internal Control System also:

contributes to managing the company in a manner consistent with corporate objectives laid down by the Board, encouraging informed decision-making;
helps to ensure the safeguarding of company assets, the efficiency and effectiveness of business processes, the reliability of information provided to governing bodies and to the market, compliance with laws and regulations, as well as the Articles of Association and internal procedures.

The Board of Directors approved the document "Internal Control System Guidelines" that defines:

a) the principles underlying the Internal Control System;
b) the internal control system's development process, with comprehensive division of the governing bodies' tasks regarding the stages of: a) design of the internal control system; b) implementation of the internal control system; c) evaluation of the internal control system; d) external communication regarding the internal control system;
c) the elements that characterise risk governance;
d) the organisational control model;
e) the control roles and tasks assigned to the organisational units that carry out the company's control functions;
f) the liaison methods between organisational units that carry out the company's control functions;

g) the information flows between the organisational units that carry out the company's control functions and between the organisational units and the corporate bodies.

The Parent Company, Banca IFIS, formalises and informs its subsidiaries of the criteria governing the different stages that constitute the risk management process. It also validates the risk management process within the group. The Parent Company decides on the adoption of the internal risk-measurement systems and determines its essential characteristics, assuming responsibility for implementing the project, as well as overseeing the correct functioning of the systems and their constant methodological, organisational and procedural adjustment.

The Parent Company also issues its subsidiaries with directives for the design of the company's internal control system. The subsidiaries adopt an internal control system that is consistent with the Group's control strategy and policy, subject to compliance with applicable regulations on an individual basis. It is, however, necessary that the Parent Company, while respecting local constraints, adopts all initiatives intended to ensure standards of control and protective measures that are comparable to those provided for by Italian supervisory regulations, including in cases where foreign legislation does not provide for similar levels of attention.

The internal control system was designed considering the applicable rules and peculiarities of the business practised both by Banca IFIS and its subsidiaries and provides, generally, for the institution of all corporate control functions. The only exceptions are the companies mentioned below, according to their operating characteristics as well as the limited level of risk to which they expose the Group:

IFIS Rental Services S.r.l.;
IFIS Finance Sp. z o.o.

The overall assessment of the internal control system is based on "system assessments" and "operation checks".

System assessments are performed by verifying that the choices regarding rules, information procedures and organisational structures are consistent:

a) with external regulatory and legislative requirements ("conformity assessment");
b) with internal prescriptions that are not reflected in external regulations or, in the absence of internal regulations, with market standards identified ex ante, consistent with the objectives defined and the operations being implemented ("adequacy evaluations").

Operation checks are carried out to ensure the regularity of the activities being performed, in respect of:

a) external regulatory and legislative requirements and any relevant internal regulation that implements the same ("compliance audits");
b) with internal regulations that are not reflected in the external legislation or, in the absence of internal regulations, with the market standards identified ex ante, consistent with the objectives defined and the operations being implemented ("adequacy evaluations").

Following internal controls, the Banca IFIS Group prepares and updates from time to time, based on interlocution with the Bank of Italy, a Recovery Plan, as required by Directive 2014/59/EU – Bank Recovery and Resolution Directive (BRRD) –, by the relevant provisions of CBA/TUB and CFA/TUF, the delegated Regulation no. 2016/1075 of 23rd March 2016 of the European Commission as well as the EBA/GL/2015/02 guidelines on the minimum list of qualitative and

quantitative indicators included in recovery plans and EBA/GL/2014/06 guidelines on the set of scenarios to be used in recovery plans. This tool allows:

the preparation of an integrated Risk Governance framework to monitor the Group's risk profile;
the identification of scenarios and related timescales that may lead the Group to a situation of non-viability;
the assessment of the consequences on third parties arising from the Group undergoing a crisis situation;
the prior identification of the actions that the Group intends to take to restore its asset and financial equilibrium;
the regulation of the methods of implementing identified recovery options.

The Board of Directors plays a key role in assessing the effective functioning of the risk management and internal control system which is important for the sustainability of the issuer in the medium to long term. As already reported, at their first meetings of 16th January and 14th December 2017, the Board of Directors, noting the Risk Management and Internal Control Committee's assessment, expressed a positive assessment on the fact that the internal control system and the corporate organisation are aligned with the principles indicated in section I, Chapter 7, Title V of Bank of Italy Circular 263, now contained in Part One, Heading IV of Bank of Italy Circular 285 (11th Update of 21st July 2015).

***

a) Key characteristics of the risk management and internal control systems in relation to the financial reporting process

a.1. Introduction

Regarding the financial reporting process, the Risk Management and Internal Control Systems are components of the same overall 'System', which is designed, among other things, to ensure the trustworthiness, accuracy, reliability and timeliness of financial reporting.

To ensure appropriate protection and correct mitigation of the risk of erroneous financial reporting, Banca IFIS has a specific analysis framework that crosses the various business processes, and which seeks to identify and control the main risks that the Company is exposed to in the execution of the relevant transactions that generate the information contained in the financial statement and any other information of a financial nature.

Application of the framework is designed to ensure accuracy, reliability and timeliness of financial reporting, integrating it with the overall risk management and internal control system.

The provisions in the Articles of Association concerning the 'Financial Reporting Officer' ('Financial Reporting Officer'), the appointment of the present Financial Reporting Officer, the Group Risk Management Policy for erroneous financial reporting, the updated "Financial Director's Scope of Activity" and the "Financial Reporting Officer's Regulations and the Monitoring and Control of Financial Reporting", approved by the Board of Directors comprise, together with the overall set of administrative and accounting procedures, the collection of measures adopted by the Bank to cover the risk of erroneous financial reporting.

The framework consists of several levels of analysis that, together, define adequate Group administrative and accounting procedures. It is based on the principles and guidelines defined by

Internal Control – Integrated Framework issued by the Committee of Sponsoring Organisations of the Treadway Commission (known as CoSO) and by the Control Objectives for Information and related Technology (known as CobiT), considered internationally accepted reference models.

The framework analysis levels are as follows:

Process level controls: these are checks carried out at the process level. Their implementation provides evidence that adequate administrative and accounting procedures are applied in order to ensure effective internal control over financial reporting;
IT General Controls or "ITGC"): these are controls that operate at the corporate level and are specifically related to the Information Technology management processes supporting execution of business processes; they relate, for example, to software maintenance and acquisition processes, physical and data security management, application development and maintenance, etc.

a.2. Description of key characteristics of present risk management and internal control systems in relation to the financial reporting process (the "System")

The process of managing the risk of erroneous financial reporting and the modes of collaboration and coordination between the Monitoring and Control of Financial Reporting facility, the Accounting and Budgeting section and the Bank's other structures and bodies are defined within the Group Policy to manage the risk of erroneous financial reporting, approved by the Board of Directors. Accounting and Budgeting section is delegated to perform administrative and accounting tasks, as well as producing financial reports with the contribution of the Financial Reporting Officer and certified by the latter pursuant to Article 154-b of CFA/TUF.

a.2.1 Phases of the risk management process regarding erroneous financial reporting

The operational approach that characterises the overall fraud risk management process is structured, consistent with the phases of the risk management process adopted by the Bank, in the following sub-processes:

Identification: the Monitoring and Control of Financial Reporting facility, with operational support from the Accounting and Budgeting section, identifies entities to be included in the scope of verification activities. The significance of subsidiary companies is assessed annually based on the criteria adopted.
Risk assessment: the risks identified are evaluated in terms of potential, considering the relevant frequency (number of cases where the error may be encountered) and severity (level of potential loss resulting should the error occur). Subsequently, the Monitoring and Control of Financial Reporting facility evaluates the adequacy of the defined organisational safeguards in terms of risk prevention relating to erroneous financial reporting and consistency with the external legislation in force, in addition to the main best practices (socalled assessment of control design).
Monitoring: Monitoring and Control of Financial Reporting facility, in considering the adequacy expressed on the administrative and accounting procedures, it verifies that the identified controls are put into practice in the manner and frequency prescribed and are tracked with filing of the relevant evidence (so-called verification of the effective application of control).

As part of the management and administration actions exercised by the Parent Company over Group companies, the Parent Company's Financial Reporting Officer, by means of the

Monitoring and Control of Financial Reporting unit, analyses the documentation produced by the contacts at each subsidiary's Financial Office (where considered significant during annual planning) and assesses the results of checks carried out by these for the purpose of proper consolidated financial reporting. Any critical issues emerging will be summarised in a report prepared every six months by the Parent Company's Financial Reporting Officer, submitting it for the attention of the Board of Directors.

Mitigation: the evaluation of the adequacy and the actual application checks can highlight possible deficiencies in organisational safeguards laid down for reducing the risk of erroneous financial reporting. On receipt of the results of evaluation and monitoring activities, the Organisation will define, with the support of the Monitoring and Control of Financial Reporting and Accounting and Budgeting, corrective action and/or actions for strengthening the safeguards already in place.
Reporting: the Monitoring and Control of Financial Reporting department prepares a report every six months which it shares with the Chief Executive Officer and subsequently presents it to the Board of Directors, to the Risk Management and Internal Control Committee and to the Board of Statutory Auditors. The report shows the checks carried out, their results and any problems encountered. The Financial Reporting Officer uses the suitability and effective application checks for the administration & accounting procedures to provide the certification required pursuant to Article 154-b, paragraph 5, of Italian Legislative Decree no. 58/98.

a.2.2 Roles and functions involved

In light of the important responsibilities conferred, the Financial Reporting Officer is attributed appropriate powers and resources to perform the functions of the role, as detailed in the last paragraph, number 11.5. The Financial Reporting Officer receives all cooperation necessary from all the Bank's organisational units to carry out their activities, having been guaranteed free access to all locations, all information, all accounting records and all documents relating to the task. If necessary, the FRO may also request information or documents held by external suppliers, through the relevant internal reference point for the outsourced activity. Finally, the Financial Reporting Officer may agree with each organisational unit involved in the process, the procedures for transmitting the information flows necessary to accomplish its activities.

The Financial Reporting Officer, in performing his/her activities, has access to the Monitoring and Control of Financial Reporting section. This section assesses the completeness, appropriateness, functionality and reliability of the internal control system, focusing on producing financial reports and managing erroneous reporting risk.

The Monitoring and Control of Financial Reporting section works closely with the Finance, Organisation and Operations Departments, each in relation to their own activities.

Internal Audit assesses the completeness, adequacy, functionality and reliability of the management of risk of incorrect financial reporting.

As part of the management and coordination activities exercised by the Parent Company over Group Companies, the Parent Company's Accounting and Financial Reporting Office issues administrative and accounting guidance to be followed by the appropriate departments.

In view of the fact that the Group's configuration includes entities considered as significant in defining the scope of the Financial Reporting Officer's activities (the identification phase), Banca IFIS, as part of the management and administration activities it exercises over subsidiaries, requires, via the Parent Company's Financial Reporting Officer:

The quarterly issue, through the Monitoring and Control of Financial Reporting, of an appropriate control checklist to the Financial Office contacts at these entities, so that, based on these checks, the Parent Company's Financial Reporting Officer can assess the adequacy and effective application of the administrative and accounting procedures for the preparation of financial reports. The evidence produced by the Financial Office contacts at these subsidiary entities, together with the declaration they issue about the actual performance of the required checks and application of the Group's accounting policies, is obtained, assessed and stored by the Monitoring and Control of Financial Reporting unit. The checklists are reviewed quarterly, when the need arises.
The Monitoring and Control of Financial Reporting unit to carry out assessments at these entities, in conformance with what is set out in annual plans that are ratified by Banca IFIS's Board of Directors.

11.1. Head of the Risk Management and Internal Control System

The Board of Directors, appointed by the shareholders at the Ordinary Shareholders' Meeting of 22 April 2016, has confirmed the CEO as Head of the Risk Management and Internal Control System.

In his managing role, he constantly reported back to the Board of Directors on all aspects of corporate management, including verification of the overall adequacy, effectiveness and efficiency of the Risk Management and Internal Control System.

Furthermore, the CEO:

coordinated the preparation of Group Policies for the control and management of principal corporate risks and their presentation to the Board of Directors for approval on a case by case basis (compliance risk, operating risk, credit risk, interest rate risk, concentration risk, IT risk);
coordinated the presentation of updates to the document, "Group and Individual Internal Control System" to the Board of Directors;
oversaw the adaptation of this system to changes in operating conditions due to the legal and regulatory frameworks governing them.

As part of the evolution of computer systems, in July, the need arose to immediately report to the Risk Management and Internal Control Committee and the Board of Directors regarding some issues related to the need to make the new system consistent with the Bank's activities, in particular with its factoring business. In subsequent meetings, corporate bodies were regularly updated and involved in initiatives which led to the issues being managed and resolved.

11.2. Head of Internal Audit

Since mid-2006, the position of Head of Internal Audit, reporting to the Board of Directors, has been held by Ruggero Miceli. The role assigned to the Internal Audit office by the relevant regulations approved by the Board of Directors includes verification that the Risk Management and Internal Control System is always complete, adequate, fully operational and reliable.

Mr. Miceli was appointed at the Board meeting held on 4 August 2006, as Head of overseeing the functionality of the Risk Management and Internal Control System. Based on the supervisory

provisions and corporate governance rules in force at the time, no other nominations were proposed.

At the time of hiring, Mr. Miceli's remuneration package was approved by a Committee from within the Board that, at the time, had duties similar to the current Remuneration Committee. Remuneration policies for corporate officers, employees and associates of Banca IFIS Banking Group approved by the Shareholders' Meeting subsequently decided to exclude him from stock option plans, as with other managers of control functions, as established by supervisory requirements regarding organisation and corporate governance in the banking sector. The mechanism for possible variable salary components is governed within the scope of 'policies' approved by the Shareholders' Meeting and requires the opinion of the Remuneration Committee and the authority of the Board of Directors.

Internal Audit is not responsible for any operational area and is provided with resources on a case by case basis that are adequate to carry out its activities. Internal Audit's position within the organisational chart as a staff function of the Board of Directors, in addition to assuring its independence - consistent with Bank of Italy guidance and with sector best practice - facilitates the appropriate exchange of information with the Risk Management and Internal Control Committee, with the Board of Statutory Auditors and, in general, with corporate bodies and officers.

The Group's Internal Audit Regulations require the Parent Company's Internal Audit Office to define a plan of activities that, basing itself on a structured process of analysis and prioritisation of the main risks, considers the different levels of risk involved in the various activities and structures of the Parent Company and of its subsidiaries.

***

The Audit Programme Plan lists the control activities planned for the three-year period (multi-year plan) and contains a separate and detailed presentation of the activities planned for the first 12 months (annual plan). A specific section of the Audit Programme Plan is dedicated to ICT auditing activities.

Without prejudice to the coordination of and cooperation with other control functions, considering the importance of the activities programmed by second-level control functions, the Audit Programme Plan is not usually presented until the Parent Company's Risk Management, Compliance and Anti-Money Laundering control units have submitted their own programmes of activity to the corporate bodies.

The Audit Programme Plan is forwarded simultaneously to the Board of Statutory Auditors, to the Risk Management and Internal Control Committee, to the President of the Board of Directors, to the Head of the Risk Management and Internal Control System (also the CEO) as well as to the Parent Company's General Manager for subsequent review by the Board of Directors. The Programme Plan is updated any time it is deemed necessary, upon request from corporate bodies and/or when proposed by the Head of Internal Audit.

During 2017, the Head of Internal Audit:

had direct access to all information useful to perform all functions;
interacted constantly with the Risk Management and Internal Control Committee, with the Board of Statutory Auditors and with the Supervisory Body pursuant to Italian Legislative Decree no. 231/2001 (of which the Head of Internal Audit is a member) regarding, among other things, his own work;
submitted reports of all activities to the Risk Management and Internal Control Committee, to the Board of Statutory Auditors, to the President of the Board of Directors and to the

Head of the Internal Control and Risk Management System (i.e. the CEO), as well as to the General Manager;

reported on his own work to the Board of Directors providing, regarding the processes and/or areas subject to audit, adequate information on the activity carried out, as well as Internal Control System and residual risk checks, including through instructions on compliance of the plans defined to mitigate risks. The quarterly reports (tableau de bord), the Annual report and any other reports and documents on specific and important topics fall within this scope.
carried out specific activities concerning the reliability of information systems and accounting systems.

During approval of the 2017-2019 Audit Programme Plan, the Board of Directors also confirmed the decision-making autonomy of the Head of Internal Audit concerning training of Audit Office staff, purchase of publications and payment of association subscriptions, as well as assignment of further economic resources of € 100,000, that can be used independently by the Head of Internal Audit for external consultancy.

The main activities carried out by the Head of Internal Audit during the course of 2017, based on the above Programme Plan, involved, to varying degrees according to the risk level, the Parent Company (Banca IFIS S.p.A.), the Italian subsidiaries acquired with GE Capital Interbanca Group in 2016 and the foreign subsidiary (IFIS Finance Sp. z o.o.).

Checks on the Italian subsidiaries were conducted either directly or through Interbanca S.p.A.'s Internal Audit facility, over which the Parent Company's Head of Internal Audit has assumed direct responsibility. Although, in 2017, with the merger of Interbanca S.p.A. into the Parent Company, audit activities are now fully centralised.

However, audit activities carried out on the Polish subsidiary, IFIS Finance, were conducted by Internal Audit, either directly or with the cooperation of BDO Sp. z o.o.

Audit work in Group companies mainly referred to the following areas of operation: business loans, non-performing loans, online deposits, general ledger, the outsourcing of important operational functions and the management of corporate liquidity. Work was also carried out relating to the computer system and some cross-business processes not directly and uniquely relating to any one specific business area, in particular, regarding the process of managing the purchasing cycle, disputes, large exposure limits and risk activities connected to linked entities and safeguards against anti-money laundering and combating the financing of terrorism.

Besides the quarterly reports (Tableau de Bord) and the Annual report on work performed, in compliance with the requirements of Supervisory Bodies, the Head of Internal Audit also prepared specific reports concerning:

assessments regarding subsidiaries;
remuneration policies;
the ICAAP process;
governance and management of liquidity risk;
important outsourced operational functions;
compliance with the plan to integrate ex GE Capital Interbanca companies into Banca IFIS S.p.A.;
internal violation report systems (whistleblowing).

Finally, Internal Audit interacted with second level control units regarding the areas of risk they cover.

11.3. Organisational Model as per Italian Legislative Decree no. 231/2001

Banca IFIS, sensitive to the needs to ensure transparency and fairness in its business dealings, to safeguard its institutional role and image, the expectations of shareholders and those who work for and with the Bank, has deemed the implementation of the Organisational & Management Model envisaged by Italian Legislative Decree no. 231/2001 to be consistent with its corporate policies.

This initiative was also taken in the conviction that application of the Organisational Model is a sound means of informing those who work for the Bank, spurring them to act fairly and consistently when performing and conducting their activities, to prevent the risk of perpetration of the crimes referred to in Italian Legislative Decree no. 231/2001.

The Bank condemns conduct contrary to current legislative requirements and to the principles set out in the Bank's Code of Ethics. The application and effective implementation of the Model improves the Bank's Corporate Governance, limiting the risk of crimes being committed.

In preparing the Organisational Model, updated in 2017, also in connection with the review process, as part of the offences under Article 25-ter (corporate offences) of Italian Legislative Decree 231/2001, of the provisions which penalise criminal conduct related to bribery between individuals with the introduction of incitement to bribery between private parties cases into the Italian Civil Code (article 2635-bis), Banca IFIS has been guided by "Italian Banking Association Guidelines for adopting organisational models on the administrative responsibility of banks" which constitute a guideline for the interpretation and analysis of the legal and administrative implications arising from the introduction of Italian Legislative Decree 231/2001.

In preparing this Model, the company's existing and widely operated procedures and control systems have been considered, in that they are suitable to be used as crime prevention measures and controls over processes. The Model is part of a wider control system made up primarily by the Internal Control System required by the Bank of Italy and the current company's Corporate Governance rules.

The "Banca IFIS Organisational Model" is currently made up of the following organisational tools:

Internal Control System;
Company procedures;
Group Regulations;
Banca IFIS Regulations;
Code of Ethics;
Supervisory Body;
Disciplinary System;
Listed Companies' Corporate Governance Code;
Group Policy for Managing Violation Reports (Whistleblowing);
Policy regarding transactions carried out by Key Individuals and People Closely Connected with them;
Internal policies regarding control of risks and conflicts of interest in relation to associated entities;
Procedure for transactions with associated entities;
Policy for managing corporate information;
Policy for managing access to privileged information;
Policy for managing conflicts of interest in the provision of investment services;
Policy on Personal Transactions carried out by Key Individuals;
Group Policy for governing and managing the risk of non-compliance with legislation and regulatory requirements;
Group policies for managing risk of money laundering and financing of terrorism and the Anti-Money Laundering Manual;
Group Policy for the Outsourcing of Corporate Functions;
Group Policy for Managing Computer Security;
Group Internal Control System Guidelines;
Group Computer System Guidelines;
Group Accounting Manual and Financial Reporting Procedures;
System of Responsibilities;
Risk Management and Internal Control Committee;
Appointments Committee;
Remuneration Committee;
Internal Communications;
Privacy Guidelines;
Data Protection Document;
Health and Safety at Work Risk Assessment Document and Integrated Safety and Environment Manual.

The Supervisory Body's Regulations are available on the Bank's website, in the section "Corporate Governance – The Value of Ethics".

Crimes pursuant to Italian Legislative Decree no. 231/2001

At present, the rules in question refer to the following types of crime:

crimes in dealings with Public Administration;
computer crimes and unlawful processing of data;
organised crime;
counterfeiting of coins, legal tender, government stamps and identification instruments or signs;
crimes against industry and trade;
some types of corporate crimes;
crimes with terrorist intent or aiming to subvert the democratic order;
mutilation of female genitals;
crimes against the person;
market abuses;
crimes (manslaughter and negligently causing serious or grievous bodily harm) committed because of violations of occupational health and safety regulations;
receiving, laundering and use of cash, assets or other benefits of unlawful provenance, as well as self-laundering (as from 1 January 2015);
copyright breaches;
convincing people to be silent or to make false statements to court authorities;
environmental crimes;
employing illegal workers;
corruption between private individuals.

To fully observe and interpret the Organisational Model, a Supervisory Body has been set up in the Parent Company and in the subsidiary IFIS Leasing, as with Interbanca and IFIS Factoring which are now merged into Banca IFIS, while the Cap.Ital.Fin model and that supposed for IFIS NPL envisage to attribute the performance of the Supervisory Body pursuant to Legislative Decree 231/2001 by the Board of Statutory Auditors..

The Board of Directors of Banca IFIS, on the other hand, at its meeting of 22 March 2016, confirmed the choice, already expressed at its meeting of 13 November 2013, not to attribute Supervisory functions, as per Italian Legislative Decree 231/2001, to the Board of Statutory Auditors. This topic was extensively discussed at the Board Meeting of 19 January 2016, also regarding the opinion formulated by the Appointments Committee and based on the guidelines concerning the qualitative and quantitative composition of company bodies to be made available to shareholders in view of the renewal of roles. The Board decided not to propose to the Shareholders' Meeting that the role of Supervisory Body, as per Italian Legislative Decree 231/2001. In addition, with a view to the gradual improvement of the corporate structure, the possibility of adding an external member with specialist expertise to the Supervisory Body was discussed at the meeting.

The Body, following resolution of the Board of Directors appointed by the Shareholders' Meeting of 22 April 2016, is currently chaired by the external member, Mr. Andrea Martin and is composed of another three permanent members: the Directors, Giuseppe Benini and Daniele Santosuosso, and the Head of Internal Audit, Ruggero Miceli.

The Body holds office for three years and meets at least once a quarter. Meetings are regularly minuted, which are recorded in the minutes' register. The President of the Supervisory Board, or other component designated by the President on a case by case basis, reports to the Board of Directors, at the first possible meeting, on the activities carried out and, where this is the case, the activities being carried out and/or planned, as well as on any autonomous financial activity.

This Body is equipped with autonomous powers of initiative and control, pursuant to Italian Legislative Decree no. 231/2001 "Protocol for the administrative liability of legal persons, companies and associations, even without legal personality".

11.4. External Auditor

The Shareholders' Meeting of 17 April 2014 appointed EY S.p.A. to audit the Company's annual financial statement and the Group's consolidated financial statement as well as the limited auditing of Banca IFIS's half-yearly interim report, for each of the nine financial years running from 31 December 2014 until 31 December 2022.

EY S.p.A. were also assigned upon a separate agreement formalized, the auditing of financial statements of the Parent Company and Banca IFIS's subsidiaries.

11.5. Financial Reporting Officer responsible for preparing company accounts and other roles and company functions

On 12 April 2016, the Board of Directors appointed Mrs. Mariacristina Taormina as Financial Reporting Office with effect from 18 April 2016.

Pursuant to Article 19 of the Articles of Association:

the Board of Directors, pursuant to Article 154-b of Italian Legislative Decree No. 58/1998, appoint, subject to mandatory opinion from the Board of Statutory Auditors, a Financial Reporting Officer;
the Financial Reporting Officer must be in possession of the integrity requirements laid down for the election to the role of statutory auditor by Article 2 of Ministerial Decree no. 162 of 30 March 2000 and the professional requirements envisaged for election to the Board of Directors of banks incorporated as a joint-stock company by Article 1, paragraph 1 of Ministerial Decree no. 161 of 18 March 1998.

The Board of Directors gives the Financial Reporting Officer autonomous spending powers, according to the Programme Plan of activities that it intends to implement. The Financial Reporting Officer must report periodically to the Board of Directors on the exercising of their spending powers.

The Financial Reporting Officer also has the right to:

acquire from within the Bank information related to events, risk indicators or proposals for technical or organisational adjustments relating to administrative and accounting procedures;
propose modifications to the internal control system where deemed appropriate;
participate in Board meetings and those of the Board of Statutory Auditors and access the minutes of such meetings where the agenda includes the examination and/or the approval of the economic and financial data of the Bank and of the Group.

Shown below are the Heads of the other company functions who have been assigned specific tasks on risk management and internal control:

***

the position of Chief Risk Officer (CRO) is assigned to Mr. Kristian Tomasini. The Parent Company's Risk Management Department has an annual expenses budget, agreed upon with the Chief Executive Officer, according to the Programme Plan of activities presented;
the role of Head of Compliance is attributed to Mr. Francesco Peluso who is allocated an annual budget of € 25,000 that can be used for external consultancy, and it can be activated independently;
the role of Anti-Money Laundering Officer is attributed to Ms. Giovanna Bazzaro to whom a similar annual budget is allocated.

The Heads of Internal Audit, Risk Management, Compliance and Anti-Money Laundering:

must possess adequate professional expertise;
are appointed and removed by the Board of Directors, after consulting with the Board of Statutory Auditors;
have no direct responsibility for operational areas subject to audit.

The duties and responsibilities of above second level control Organisational Units are in line with the mentioned provisions for monitoring the internal control system enacted with Update no15. of Bank of Italy Circular No. 263/2006 and contained now in Part One, Heading IV of Bank of Italy Circular 285 (Update 11, 21 July 2015).

11.6. Coordination between parties involved in the Risk Management and Internal Control System

The cross-membership mechanisms and the non-excessive formation of committees, bodies and structures facilitate coordination between the subjects involved in the Risk Management and Internal Control System. During its meetings, the Risk Management and Internal Control Committee and the Board of Statutory Auditors interact frequently, subject to agreement and to discuss individual topics, with the CEO, the Financial Reporting Officer, the External Auditing Firm, the Chief Risk Officer, the Head of Compliance and the Anti-Money Laundering Officer. They also systematically interact with the Head of Internal Audit who usually takes part in the meetings.

The Supervisory Body, pursuant to Italian Legislative Decree no. 231/2001, also benefits from the same cross-membership mechanisms and similar systematic methods when interacting with other parties involved in the Risk Management and Internal Control System.

At least quarterly, normally initiated by the Head of Internal Audit, the heads of organisational units who manage control functions take part in formal meetings to discuss and exchange views on the following issues:

planning of respective major audit/control activities;
analysis of main findings from actions taken, of remedial actions either underway or requested;
status of various risk exposure levels;
sharing of the risk map, also organised by organisational unit risk takers, and the potential significance of identified risks;
sharing of reports, methods and terminology;
as well as, in a more general sense, for a useful exchange of information and to analyse potential means of collaboration.

Meetings are subject to adequate traceability and, if it pertains to specific matters to be discussed, representatives of other organisational units may be invited to participate.

As part of the Group Internal Control System, the Parent Company is responsible for the creation of a unitary system at Group level that enables the effective control of both the Group's strategic choices and the balanced management of individual components. In this context, the Parent Company will formalise and distribute the "Group Internal Management System Guidelines" to each Subsidiary.

Subsidiaries implement the "Guidelines" by adopting an internal control system that is consistent with Group strategy and policy, subject to compliance with applicable individual regulations. This consistency was brought about by the centralisation within Interbanca (now merged into the Parent Company) of compliance, anti-money laundering, internal audit and risk management functions

(the latter function only partly) for IFIS Factoring (now merged into the Parent Company) and IFIS Leasing, and conferring the roles of heads of Interbanca's control functions to the heads of similar functions in Banca IFIS

At the date of this report, IFIS Leasing's (except for credit risk and operational risk activities) and IFIS NPL's control functions are centralised within the Parent Company, while no control functions have been instituted for IFIS Rental Services and IFIS Finance, given their operational characteristics and the low level of risk they pose to the Group. However, IFIS Finance, in compliance with local legislation and regulatory requirements, has appointed a member of its Board as head of its anti-money laundering operations.

Regarding Cap.Ital.Fin., Internal Audit activities have been centralised within the Parent Company, while an organisational structure has been established that includes the risk control unit, the unit that manages the risk of non-compliance with legislation and regulatory requirements and the antimoney laundering unit, responsibility for which has been assumed by an executive currently engaged at the Parent Company, with a view to strengthening the safeguards of sound and prudent management of the intermediary.

12. Directors' interests and related-party transactions

In November 2016, the Board of Directors approved - following favourable opinion from the Board of Statutory Auditors, the Risk Management and Internal Control Committee (composed of independent directors) and the Financial Reporting Officer - an update to the "Policy on risk controls and conflicts of interest in dealings with related-parties" and the "Procedure for relatedparty transactions" (a definition which embraces, in accordance with the Bank of Italy's supervisory provisions, "related parties" and subjects who are "connected").

The Policy, which outlines the approach that the Bank follows for an effective management of risks associated with conflicts of interest in transactions with related parties and connected subjects, and the Procedure, which describes, among other things, the criteria for identifying transactions that must be approved by the Board after receiving opinion from (or involving) the Risk Management and Internal Control Committee is available on the website www.bancaifis.it (under "Corporate Governance – Corporate Documents – Group Regulations Regarding Related-Party Transactions").

The Board has adopted further appropriate operational solutions to identify and adequately manage situations in which a Director holds an interest in their own name or on behalf of a third party. These take the form of the Policy on Personal Transactions and the Policy on transactions carried out by Key Individuals and by People Closely Connected with them regarding shares, negotiable instruments and financial instruments issued by Banca IFIS.

The Policy on Personal Transactions governs trading in a financial instrument created by or on behalf of a key individual (including the members of the Board of Directors), provided that at least one of the following conditions is met:

i. the Key Individual is acting outside the scope of the activities they carry out as a Key Individual;
ii. the transaction is carried out on behalf of any of the following people:
1. the Key Individual;
1. a person related to the Key Individual up to the fourth degree or to whom they are Closely Connected;
a person whose relationship with the Key Individual is such that the Key Individual has a significant direct or indirect interest in the outcome of the transaction, other than a fee or commission for the execution of the transaction.

The Policy on transactions carried out by Key Individuals and by People Closely Connected with them regarding shares, debt instruments and financial instruments associated with them issued by Banca IFIS governs matters regarding:

the identification of Key Individuals (including members of the Board of Directors) and socalled "closely associated" people, and
the management of information regarding transactions above the Minimum Amount Threshold¹ on shares, debt instruments or Associated Instruments issued by Banca IFIS, directly or indirectly executed by a Key Individual or by a so-called "Closely Connected Person" and subject to notification requirements. They include:
o transactions covered by Article 19, paragraph 7 of EU Regulation 596/2014;
o transactions set out in Article 10 of EU Delegated Regulation 522/2016.

The Policy also governs the so-called "closure period", that is, those periods in which Key Individuals must abstain from executing transactions in shares and other debt instruments issued by Banca IFIS, as well as on financial instruments associated with them.

The Policy is available at www.bancaifis.it (under section "Corporate Governance – Internal Dealing").

13. Appointment of Statutory Auditors

The appointment of members of the Board of Statutory Auditors is regulated by Article 21 of the Articles of Association and takes place based on lists presented by shareholders on which candidates are listed in ascending order and with a number of candidates not exceeding the number of members to be elected. Each list consists of two sections: one for candidates for the office of Standing Auditor and the other for candidates for the office of Alternate Auditor.

A list can be presented by the shareholder or shareholders who, at the time of submission, own an equity interest equal to at least 1% of ordinary shares, or to another lower ownership threshold that – pursuant to current regulations – must be indicated in the notice convening the Shareholders' Meeting called to resolve the appointment of Statutory Auditors.

From the list that obtained the most votes, two standing auditors and one alternate auditor are elected based on the ascending numerical order in which they appear on the list; from the list that obtained the highest number of votes among the lists submitted and voted on by shareholders who are not connected with the majority shareholders in accordance with Article 148, paragraph 2 of

¹ Minimum Amount Threshold: the quantitative threshold beyond which transactions are subject to notification requirements. In particular, pursuant to Article 19 paragraph 8 of EU Regulation 596/2014, all transactions above a total of € 5,000.000 over a calendar year are subject to notification requirements. The total amount is calculated by totalling the Transactions executed, without set-off between purchases and sales.

Italian Legislative Decree no. 58/1998, the candidate placed first in the standing auditor section of the list will be elected; the candidate placed first in the alternate auditor section of the list will be elected.

In the case of a tie between two or more lists, the oldest candidates will be elected as Statutory Auditors.

If the selection criteria do not ensure election to the Board of at least one Standing Auditor and one Alternate Auditor belonging to the least represented gender, a sliding mechanism is applied to the selection from the list obtaining, during the Shareholders' Meeting, the highest number of votes based on the ascending order in which the candidates are indicated. Such mechanism excludes the candidate or candidates of the more represented gender and reselects the candidate or candidates of the missing gender.

Presidency of the Board of Statutory Auditors is conferred to the Standing Auditor elected from the minority list mentioned above.

Outgoing Statutory Auditors can be re-elected.

If, notwithstanding the provisions of the Articles of Association, as indicated above, only one list is presented or only one list receives votes, three Standing and two Alternate Auditors will be elected – on condition that the list in question receives the majority of the votes represented at the Shareholders' Meeting – in the order in which they are indicated for the respective office on that list. The Standing Auditor candidate indicated in first place on the list will be appointed President of the Board of Statutory Auditors.

In case of substitution of a Standing Auditor, his/her place is taken over by the Alternate Auditor belonging to the same list as the Auditor who has ceased to hold office.

If it is necessary to appoint standing and/or alternate auditors to complete the Board of Statutory Auditors following early termination of the auditors in office, the Shareholders' Meeting will proceed as follows: if auditors elected from the majority list must be replaced, the appointment of the auditor(s) takes place with majority voting, without list constraints. If it is necessary to substitute a Statutory Auditor designated by the minority, the Shareholders' Meeting will substitute him/her, with a relative majority vote, choosing the candidate from among the candidates on the list to which the Auditor to be replaced belonged, who have confirmed their candidacy at least 25 days before the date set for the Shareholders' Meeting in first call, together with statements concerning the absence of causes of ineligibility or incompatibility, as well as possession of the requirements needed to hold the office.

Lists must be submitted to the Company's registered office at least twenty-five days prior to the date set for the Shareholders' Meeting in first call and are made available to the public at the registered office, on the Company's website and according to other methods provided for by regulations in force at least twenty-one days prior to the date of the Shareholders' Meeting in first call.

Ownership of the minimum number of shares needed to present a list is determined by taking into account the shares recorded in favour of the individual shareholder or multiple joint-shareholders on the day in which lists are submitted to the Company. To substantiate the ownership of the number of shares necessary for presentation of the lists, shareholders may exhibit the relevant certification, even after the submission of the lists, provided this is within the term set for publication of the lists by the Company.

The lists must be accompanied by:

information relating to the identity of shareholders who presented the lists, stating the percentage of shares held;
a declaration by shareholders other than those who own, including jointly, a controlling or relative majority interest, certifying the absence of connections to majority shareholders as set out in Art.144-quinquies of the "Regulations implementing Italian Legislative Decree no. 58/1998 regarding Issuers' Regulations" as well as any other significant relationships;
comprehensive information on candidates' personal and professional characteristics, as well as a declaration by the candidates themselves certifying possession of the requirements established by law and acceptance of their candidacy.

Candidates who already hold Auditor positions in five other listed companies or who do not possess the integrity, professionalism and independence requirements set out in applicable regulations or that fall within the cases referred to in Article 148, para. 3 of Italian Legislative Decree no. 58/1998 may not be included in candidate lists. Please note that Italian Legislative Decree no. 72/2015 initiated a comprehensive reform of the regulations of the requirements of corporate officers, intended to integrate the objective requirements of integrity and professionalism with criteria of competence and propriety that will be incorporated in secondary legislation to be issued by the Ministry of Economy and Finance. As of the date of this report, the new legislation has not been defined by the Ministry.

Each list must indicate at least one candidate for the office of Standing Auditor and at least one candidate for the office of Alternate Auditor belonging to the least represented gender.

This requirement does not apply to lists with fewer than three candidates.

14. Composition and functioning of the Board of Statutory Auditors (as per Article123-bis, para. 2, letter d), CFA/TUF)

The membership of the Board of Statutory Auditors in office on the closing date of the 2016 financial year, as also shown in Table 3 attached to this Report, is as follows:

President: Giacomo Bugna;
Standing Auditor: Giovanna Ciriotto;
Standing Auditor: Massimo Miani;
Alternate Auditor: Guido Gasparini Berlingieri;
Alternate Auditor: Valentina Martina.

The present Board of Statutory Auditors was elected at the Ordinary Shareholders' Meeting of 22 March 2016 for the years 2016, 2017 and 2018 and will expire on the date in which the Shareholders' Meeting called to approve the Annual financial statements for the year 2018 takes place.

A list of candidates was presented by the majority shareholder "LA SCOGLIERA S.P.A." and a proposal for the appointment of the Standing Auditor Giacomo Bugna, as President of the Board of Statutory Auditors and the Alternate Auditor, Anna Maria Allievi, by "Studio Legale Trevisan & Associates" on behalf of the following group of investors (total shareholding equal to 0.38%):

Arca S.G.R., fund manager, Arca Economia Reale Equity Italia;
Eurizon Capital S.G.R. S.p.A., fund manager, Eurizon Azioni Italia and Eurizon Azioni PMI Italia;
Eurizon Capital SA, fund manager, Eurizon EasyFund-Equity Italy LTE and Eurizon EasyFund-Equity Italy;
Fideuram Asset Management (Ireland), fund manager, Fonditalia Equity Italy.

The Group of shareholders confirmed the absence of affiliations and/or significant relationships with shareholders who hold, singly or jointly, controlling or significant majority stakes as set out in Article 147-ter, 3 paragraph, CFA and 144-quinquies of the Issuer Regulations approved by resolution 11971/99 and, more generally, the Articles of Association and current legislation.

The majority shareholder, "LA SCOGLIERA S.p.A." presented to the Bank's Board of Directors a proposal regarding the allocation of fees to the Board of Statutory Auditors.

The list of candidates, the list of those elected and the percentage of votes obtained in relation to voting capital are shown below:

	List of candidates	List of those elected	Percentage of votes obtained
	For the office of Standing Auditor		97.90%
List submitted by the majority	Giovanna Ciriotto Massimo Miani	Giovanna Ciriotto Massimo Miani
shareholder 'LA SCOGLIERA S.p.A.'	For the office of Alternate Auditor
	Guido Gasparini Berlingieri Valentina Martina	Guido Gasparini Berlingieri Valentina Martina
Proposed for appointment by	For the office of Standing Auditor and President
"Studio Legale Trevisan &	Giacomo Bugna	Giacomo Bugna	97,48%
Associates" on behalf of a group of investors (total shareholding 0.38%)	For the office of Alternate Auditor
	Anna Maria Allievi

Below we summarise the personal and professional characteristics of each Auditor (pursuant to Article 144-decies of Consob's Issuers' Regulations) based on the statements provided by each of them and attached to the lists, as well as on any subsequent updates notified by those concerned.

President of the Board of Statutory Auditors – Giacomo Bugna

Mr. Bugna acquired his experience at a leading auditing firm, providing both auditing and advisory services for financial institutions.

In 1997-1998, he was responsible for introducing the certification of financial statements at the Bank of Italy. Since 2011, and until April 2014, he was a Member of the Board of the 'Fédération des Experts-comptables Européens' (Federation of European Expert Accountants), which groups together the professional associations of the 27 EU Member States

Standing Auditor – Giovanna Ciriotto

A graduate in Economics and Business from the Ca' Foscari University of Venice, since 1986 she has been a practising accountant, focusing on corporate law and corporate governance, extraordinary corporate transactions, tax & property consultancy and planning, tax litigation.

She is a partner with the accounting firm De Perini & Ciriotto, based in Venice.

She is adjunct professor in Business Management, Management Department, Ca' Foscari University of Venice.

She has held many institutional posts, including twenty years as Director of the Venice Association of Chartered Accountants and five years as Director of the Fondazione Università Ca ' Foscari.

Standing Auditor – Massimo Miani

Graduating in Economics and Business Administration from Venice's Università Cà Foscari, since 1989, Mr. Miani has been practising as a chartered accountant, specialising in corporate consulting for medium and large enterprises as senior partner of the accountancy firm Burighel & Miani Associated Accountants before, and then of the accountancy firm Fieldfisher – Associated Professional Services Integrated Studio. He has carried out and still carries out aspects of corporate governance and some extraordinary corporate transactions in leading national companies.

He held the office of Director and, later, Auditor and Supervisory Body member at Cassa di Risparmio di Venezia. He is currently Standing Auditor and Director in several medium to large companies.

Currently holds the position of President of the Consiglio Nazionale dei Dottori Commercialisti e degli Esperti Contabili [National Council of Certified Public Accountants].

Alternate Auditor – Guido Gasparini Berlingieri

Mr. Berlingieri graduated in Business Management from Venice's Cà Foscari University. Since 1991, he has been registered in the Venice Albo dei Dottori Commercialisti e degli Esperti Contabili [Register of Certified Public Accountants] and the Albo dei Revisori Contabili [Auditors' Register] since 2011, he has worked as a founding partner in "GBA Studio Legale Tributario".

He is the author of many articles published in professional tax publications and is a speaker at numerous conferences. He was Professor of Tax Law at Venice's Cà Foscari University and a member of local and national study boards.

Currently, he is a member of the Civil Committee of the Organismo Italiano Contabilità [an Italian accounting body], lecturer at the Scuola di Alta Formazione delle Tre Venezie and member of the Editorial Board of the Veneto Regional Tax Commission's Abstract Office.

Alternate Auditor – Martina Valentina

A graduate in Economics and Business from Ca' Foscari University of Venice, since 1989, Ms. Valentina has been a member of the Venice Association of Chartered Accountants.

She owns Studio Martina and is a founding partner of the firm "EKIP Studio Associato Economisti e Giuristi d'Impresa" based in Venice-Mestre.

Since 1993, she has held various public insolvency roles, acting as trustee and liquidator. She is an auditor in several companies in the Veneto region.

During 2017, the Board of Statutory Auditors met a total of 27 times at the Bank, during which it held discussions with the CEO, the General Manager, the three committees within the Board of Directors, the Supervisory Body pursuant to Italian Legislative Decree no. 231/2001, the External Auditors, the Head of Internal Audit, the Financial Reporting Officer and the other control function organisational units as well as with numerous managers and employees of the Bank. Meetings lasted, on average, about three hours.

Since the beginning of 2018, until the date of approval of this report, the Board of Statutory Auditors has met seven times, two of these was a joint meeting with the Risk Management and Internal Control Committee and one with the Supervisory Body and the Risk Management and Internal Control Committee. The Board of Statutory Auditors is likely to hold a similar number of meetings during 2018 as it did in 2017.

There have been no changes in the Board of Statutory Auditors' composition since the close of the financial year.

Following their appointment at the 22nd March 2016 meeting of the Board of Directors, the Board has provided for verification of confirmation of the integrity, professionalism and independence required from the Auditors, referred to in Article 148, paragraph 3 of Italian Legislative Decree No. 58/1998, based on Affidavits set out in Italian Presidential Decree no. 445 of 28th December 2000. The results of these first checks were made known via a press release.

In addition, the Board of Statutory Auditors periodically checks the suitability of its Members to perform the functions of the control body in terms of professionalism, availability of time and independence, as well as its adequacy in terms of powers, functioning and composition, considering the size and complexity of Banca IFIS and of its business activities. During this verification, it has been confirmed that, in each instance, the Members of the Board of Statutory Auditors continue to meet the independence requirements as per all the criteria established by the Corporate Governance Code for Directors' independence. The Board of Statutory Auditors, at its Meeting of 18th January 2018, confirmed that its members continue to meet the independence requirements as set out by the Corporate Governance Code and Article 148, paragraph 3 of CFA/TUF. In carrying out this evaluation, the Board of Statutory Auditors applied all the criteria set out by the Code.

In 2017 the Board of Statutory Auditors participated in training sessions set out above, provided to Directors by Parente & Partners.

The remuneration of statutory auditors is commensurate with the effort involved, the importance of the role played and the size and activity of the business.

Consistent with the provisions of the Corporate Governance Code and pursuant to the provisions of Article 136, para. 1 of CBA/TUB ("Obligations of banking officers"), if a Statutory Auditor either directly or on behalf of third parties has an interest in a certain transaction carried out by the Issuer, he/she must inform the other Statutory Auditors and the President of the Board promptly and exhaustively about the nature, terms, origin and extent of his/her interest. The Statutory Auditors also fall within the scope of the 'Procedure for related-party transactions' discussed in Section 12.

As part of the coordination with the other stakeholders of the Risk Management and Internal Control System, the Board of Statutory Auditors primarily held discussions, as envisaged by the Corporate Governance Code, with Internal Audit, whose Head normally attends the Board of Statutory Auditors' meetings, and with the Risk Management and Internal Control Committee, as well as with the Appointments and Remuneration Committees whose meetings are normally attended by the President of the Board of Statutory Auditors.

During 2017, six joint meetings of the Board of Statutory Auditors and the Risk Management and Internal Control Committee were held.

Table 4, to comply with the requirements of Bank of Italy Circular No. 285/2013 (Section VII, Chapter 1, Heading IV, Part 1) shows the number and type of positions held by the members of Banca IFIS's Board of Statutory Auditors at the time of submission of this report, based on information provided by them.

Diversity policies

The aims of the self-assessment process that the Board of Statutory Auditors undergoes annually include that of checking the correct and effective functioning of the Body and its suitability in terms of quality, skills and professionalism.

The judgment attributed to quality, in terms of average age and gender, is good, also thanks to the statutory provision according to which at least one statutory auditor and one alternate auditor must be from the less represented gender.

Self-assessment has also highlighted the suitability of professional skills and characteristics, as well as noting that the spread and diversification of skills are in line with the complexity and work carried out by the Bank.

The diversification of skills and professionalism enables Auditors to make an adequate contribution to the Board of Statutory Auditors' activities and guarantees a plurality of approaches and perspectives to problem analysis and to taking decisions to act.

In this sense, the diversification of skills within the Board is believed to be substantially adequate in relation to the Board's main activities, which include:

internal control system;
the organisational and accounting structures;
the regulation of conflicts of interest;
the systems and procedures for the Bank's activities and operations.

During checks on whether Directors and Auditors possess the professionalism, honourability and independence required of Directors and Auditors, the diversification of professionalism has been noted, subject to the obligation for individuals who perform control functions to be entered in the Registry of Accounting Auditors (Article 3 of Italian Ministerial Decree 161/98);

In any case, the Bank, aware of the need for members of Management and Control Bodies to have the technical skills to enable them to properly fulfil their role, involved members of the Board of Statutory Auditors in the training sessions dedicated to the Board of Directors, as mentioned above.

As a result, the Bank does not consider it necessary to adopt additional specific diversity policies relating to diversity of the composition of the supervisory body.

15. Relations with shareholders

The Bank has created some easily identifiable and accessible sections on its website, which make available information of importance to shareholders to enable them to exercise their rights in an informed manner. The following sections contain information of interest: "Corporate Governance" > "Shareholders' Meetings", "Institutional Investor Relations" and "Private Investor Relations".

With its resolution of 19th January 2012, the Board of Directors appointed the Head of Marketing, Communications and Investor Relations, Ms. Mara Di Giorgio, as Investor Relations Manager. The Investor Relations Department reports to the CEO.

Since 2010, for annual operating budget purposes, Banca IFIS has also had an interactive website, to make economic and financial documentation available to the public. Banca IFIS also shares its main performance indicators via its social media channels, on release of yearly and quarterly results.

16. Shareholders' Meetings (as per Article 123-bis, para. 2, letter c), CFA/TUF)

The duties of the Shareholders' Meeting are like those found in most listed Italian banks. Specifically, the Shareholders' Meeting:

approves the annual report;
appoints (applying the slate vote mechanism) and revokes membership of the Board of Directors, and establishes their remuneration;
appoints (applying the slate vote mechanism) and revokes membership and presidency of the Board of Statutory Auditors, and establishes their remuneration;
resolves on remuneration policies for directors, employees and contractors and receives reports on the same;
resolves on remuneration plans based on financial instruments;
resolves on transactions that involve amendments to the Articles of Association;
resolves on other matters reserved for it by the Articles of Association or by law.

Shareholders' Meetings may also be held outside the Company's registered office, provided the venue is in Italian territory. The Shareholders' Meeting is held at least once a year, within 120 days of the end of the Company's financial year.

Shareholder's Meetings may be attended by holders of voting rights whose legitimacy the Company has had confirmed via authorised intermediary before the end of the third day of open trading preceding the date set for the Shareholders' Meeting in first call. The communication is made based on the evidence at the end of the seventh accounting day of open trading before the day set for the Shareholders' Meeting in first call.

The above is without prejudice to legitimate attendance and the exercising of the right to vote if such communication is received by the Company after the above deadline, providing this is before the start of the Shareholders' Meeting in single call.

Those who are entitled to vote may be represented at the Shareholders' Meeting, pursuant to the law, by means of written proxy or proxy granted by electronic means.

Electronic notification of proxy may be made using the special form available on the Company website.

The Company designates for each Shareholders' Meeting, as indicated in the convening notice, one or more individuals to whom the holders of voting rights can grant, following the methods established by applicable normative provisions, a proxy with voting instructions on all or some of the proposals on the agenda. The Proxy has effect only with regards to the proposals for which voting instructions have been provided.

With regards to the majorities for the validity of resolutions and the drafting of the minutes, reference is made to legal provisions, to applicable regulations, to the Articles of Association and to the Shareholders' Meeting Regulations.

Only shareholders who, singly or jointly, own at least 1% of ordinary shares at the time of submission have the right to submit lists to appoint members of the Board of Directors. A lower ownership threshold is possible – as per current legislation – and must be indicated in the meeting notice convening the Shareholders' Meeting called to vote on appointing members to the Board of Directors. A shareholder can neither submit nor vote for more than one list, not even via agents or fiduciary companies. Shareholders belonging to the same group and shareholders forming part of a shareholder agreement concerning the Company's shares cannot submit or vote for more than one list, not even via agents or fiduciary companies. A candidate may only appear on one list or they are considered ineligible. One Director must be taken from a list different from the one receiving the most votes. In the event of the latter's cessation from office during the mandate, the Board will first check the continued availability of the candidates appearing on the list concerned, according to its ascending order, and will then co-opt based on this criterion of preference.

The 'Shareholders' Meeting Regulations', the current version of which was approved by the Shareholders' Meeting on 30 April 2013, governs the way meetings are held and function.

***

The "Regulations", which specify the maximum duration of individual contributions by attendees, their order, the voting procedure, the contributions of Directors and Statutory Auditors, as well as the powers to settle and prevent the occurrence of conflict during Shareholders' Meetings, is available on the internet site, www.bancaifis.it, in the section, 'Shareholders' Meetings'.

As per the Shareholders' Meeting Regulations, the President of the Meeting, also drawing on the assistance of Company personnel, checks: that proxies are correct, the right of attendees to take part in the Meeting and the Meeting's proper constitution.

All those who attend have the right to speak on each of the topics discussed. Those with rights may ask questions on the items on the agenda before the Meeting takes place, within the terms set out by the regulations in force and indicated in the notice to convene. Questions received before

the deadline indicated in the notice will be answered, at the latest, during the Meeting. A single answer may be given to questions with the same content. Those who intend to speak must ask the President, by written request containing an indication of the topic to which the question refers, after the President has read out the agenda items and up until the President declares discussion of the related topic closed. As a rule, the President gives permission to speak according to the chronological order in which requests are submitted. If two or more requests are submitted simultaneously, the President gives permission to speak according to the alphabetical order of the requesters' surnames. The President can authorise the submission of requests to speak by a show of hands. In such case, the President gives permission to speak according to the alphabetical order of requesters' surnames. Members of the Board of Directors, the Board of Statutory Auditors and the Bank's Senior Management, or Senior Management of other Group companies, as well as the representatives of the External Auditors and Company and Group personnel may all ask to join the discussion when the President deems it useful in connection with the topic to be discussed.

Only two members of the Board of Directors were absent from the Ordinary Shareholders' Meeting held on 21th April 2017. Therefore 7 directors attended the meeting. All members of the Board of Statutory Auditors were also present.

***

During the Shareholders' Meetings, the CEO, on behalf of the Board of Directors, makes himself available to report on the activity performed and planned by the Board, while observing the rules for privileged information. The Board, through reports made available to shareholders under the terms established by CFA/TUF and through ongoing fine-tuning of the organisation of institutional communication via the website, is committed to ensuring that shareholders receive sufficient information on the items necessary to enable them to take informed decisions on the resolutions proposed at Shareholders' Meetings.

During the Ordinary Shareholders' Meeting of 21th April 2017, Francesca Maderna (President) and the Director, Riccardo Preve, were present from the Remuneration Committee. Shareholders were informed of the methods used in performing the Committee's functions as part of the Remuneration Report as per Article123-ter of CFA/TUF.

***

During the financial year, no changes occurred in Banca IFIS S.p.A.'s control structure.

The market capitalisation of shares recorded the following values at the beginning and end of the period:

***

Date:	Share price (€)	No. of shares forming share capital	Capitalisation (€)
30 December 2016	26.00	53,811,095.00	1,399,088,470.00
29 December 2017	40.77	53,811,095.00	2,193,878,343.15

The capitalisation trend reflects the changes observed in the trends of Banca IFIS securities and such changes are directly due to the results achieved and the outlook of the company. There were no resulting assessments on the prerogatives intended to protect minorities, which the President of

the Board of Statutory Auditors and a director may express and that exercise social rights based on the large amount of information made available to investors and market operators.

17. Further corporate governance practices (as per Article 123-bis, para. 2, letter a), CFA/TUF)

No further committees have been appointed other than those described in the previous sections. Adoption of the Organisational Model pursuant to Italian Legislative Decree no. 231/2001 is discussed in the third paragraph of Section 11.

The Bank developed an internal system of reporting by employees of any irregularities or infringements of relevant legislation and internal procedures (known as whistleblowing systems), which guarantees a specific and confidential information channel and the anonymity of the complainant. This system is also accessible from the "Corporate Governance" > "The Value of Ethics" section of the Banca IFIS website.

18. Changes since the end of the financial year

As already mentioned, the process to acquire Cap.Ital.Fin. S.p.A. concluded on 2 nd February 2018. On 3rd January 2018 the binding agreements for the acquisition of a controlling interest in Credifarma S.p.A. were also signed with Federfarma, Unicredit and BNL - Gruppo Paribas.

At least, on 8 th February 2018, the Board of Directors began the process to merge La Scogliera S.p.A. into Banca IFIS S.p.A. This operation is subject to the approval of the competent Regulatory Authority.

19. Considerations on the letter of 13 December 2017 from the President of the Corporate Governance Committee

The recommendations formulated in the letter were submitted to the Board of Directors on 6 March 2018, upon the approval of this Report.

As part of the self-assessment process, the Board carried out preliminary discussion on the consideration regarding the main areas of improvement identified for 2017 by the Corporate Governance Committee, the contents of which are summarised below.

Areas of improvement identified for 2017	Considerations
Opportunity to ensure full transparency on the timely manner, completeness and usability of the pre-Board meeting information, providing prompt guidance on the effective compliance with the terms identified as suitable for sending the documentation.	Following the 2017 self-assessment process, the availability of documentation regarding agenda items was assessed as adequate, although it highlighted the need to rationalise the amount of documentation to ensure greater usability.
Opportunities to assign, in remuneration policies, greater weight to long-term variable components and to introduce claw-back clauses and to define criteria and procedures	Please refer to the Remuneration Report 123-ter published in compliance with Article of the CFA.

for allocating any termination indemnities.
Establish an Appointments Committee and ensure its functions are clearly distinguished in case it is merged with the Remuneration Committee.	By resolution dated 18 December 2014, Banca IFIS's Board set up an Appointments Committee separate from the Remuneration Committee and approved its regulation.
Formulate succession plans for Executive Directors and give greater transparency to the plans adopted.	Please refer to the relevant paragraph in this Report.
Strengthen independence assessments by providing adequate explanations in the event of systematic disregard, that is, ensuring the criteria set out in the Code is applied to each case.	All criteria provided for by the Code have been applied when assessing the independence requirement.
Provide structured board review procedures and also include the effectiveness of its operations in assessments, considering the Board's contribution to defining strategic plans and monitoring management performance and the suitability of internal control and risk management systems.	The Regulation on the Bodies' self-assessment process and the related Methodological Note were approved by the Board of Directors on 18 December 2014. The Board, through the questionnaire adopted, is required to annually assess its strategic involvement in defining risk appetite and the suitability of risk trend information.

Tables

TABLE 1: STRUCTURE OF THE BOARD OF DIRECTORS AND ITS COMMITTEES

		Board of Directors												Risk Mgt & Int. Ctrl C'ttee		Appointm ents Committe e		Remun. C'ttee
Appointment	Members	Year of birth	Date first nom.*	In post since	In post till	List (Maj/min) **	Exec	Non Exec.	Indep. per Code	Indep. per CFA	Number of other posts ***	(*)	(**)	(*)	(**)	(*)	(**)	(*)
President	Furstenberg Sebastien Egon	1950	05/08/1983	2016	2018	M		X			-	18/21
Vice President	Csillaghy de Pacser Alessandro	1966	09/05/1995°	2016	2018	M	X				-	21/21
CEO	Bossi Giovanni	1960	09/05/1995	2016	2018	M	X				-	21/21
Director (LEAD)	Benini Giuseppe	1954	30/04/2013	2016	2018	M		X	X	X	-	21/21	P	25/25	M	3/3
Director	Maderna Francesca	1963	29/04/2010	2016	2018	M		X	X	X	-	18/21	M	24/25			P	8/8
Director	Malinconico Antonella	1968	22/03/2016	2016	2018	M		X	X	X		21/21	M	25/25
Director	Preve Riccardo	1951	10/10/2005	2016	2018	M		X			-	21/21			M	3/3	M	8/8
Director	Salamon Marina	1958	10/10/2005	2016	2018	M		X			2	19/21
Director	Santosuosso Daniele	1964	30/04/2013	2016	2018	m		X	X	X	2	21/21	M	24/25	P	3/3	M	8/8
					DIRECTORS	WHO	LEFT	DURING THE	YEAR	2017
-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-
											Quorum required for the presentation of lists during last appointment: 1%

No. of meetings held during the year in question:	BoD: 21	RM&IC: 25	AppCttee: 3	RemCttee: 8
---------------------------------------------------	---------	-----------	-------------	-------------

NOTES

* Date of first appointment means the date in which the Director was appointed to the Bank's Board of Directors for the very first time;

** This column indicates the list from which each director was taken ("M": majority list; "m": minority list; "CdA": the list submitted by the Board of Directors).

*** This column shows the number of posts held by the Director or Statutory Auditor in other companies listed on regulated markets, including foreign markets, in financial companies, banks, insurance companies or very large companies. Table 2 shows the tasks in full.

(*). This column lists the attendance record at meetings of the Board and the Board's Committees, respectively.

(**).This column shows the role of the Director in the Committee: "P": president; "M": member.

°Mr. Alessandro Csillaghy de Pacser has been Vice President of the Bank since 1996.

TABLE 2: POSITIONS HELD BY MEMBERS OF THE BOARD OF DIRECTORS IN OTHER COMPANIES

POSITIONS HELD BY THE MEMBERS OF THE BOARD OF DIRECTORS IN OTHER COMPANIES
					POSITIONS IN LARGE COMPANIES FOR THE PURPOSES OF THE REGULATIONS ON THE MAXIMUM NUMBER OF POSITIONS	POSITIONS IN SMALLER COMPANIES FOR THE PURPOSES OF THE REGULATION ON THE MAXIMUM NUMBER OF OFFICES		TO TA L
		POSITIONS IN THE BANKING GROUP		Companies listed on regulated markets, including foreign markets					Financial, banking, insurance companies		Companies of significant size
		Exec	Non-Ex	Exec	Non-Ex	Exec	Non-Ex	Exec	Non-Ex	Exec	Non-Ex
Fürstenberg Sebastien Egon		-	-	-	-	-	-	-	-	-	2	2
Csillaghy de Pacser Alessandro		-	1	-	-	-	-	-	-	2	-	3
Bossi Giovanni		-	-	-	-	-	-	-	-	1	-	1
Benini Giuseppe		-	-	-	-	-	-	-	-	-	20	20
Maderna Francesca		-	-	-	-	-	-	-	-	1	1	2
Malinconico Antonella		-	-	-	-	-	-	-	-	-	-	0
Preve Riccardo		-	-	-	-	-	-	-	-	4	-	4
Salamon Marina		-	-	-	-	-	-	-	2*	7	6	15
Santosuosso Daniele		-	-	-	1	-	-	-	1**	-	2	4
OTHER CORPORATE OFFICERS
Staccione Alberto		-	1	-	-	-	-	-	-	-	1	2
			* Illy Caffè S.p.A., Morellato S.p.A.
	** Lottomatica Holding S.r.l.

Exec: Executive; Non – Ex: Non-Executive

TABLE 3: STRUCTURE OF THE BOARD OF STATUTORY AUDITORS

	Board of Statutory Auditors
Appointment	Members	Year of birth	Date first appointed *	In post since	In post till	List **	Indep. per Code	***	Numbe r of other posts held****
President	Giacomo Bugna	1953	30/04/2013	2016	2018	m	X	27/27	2
Standing Auditor	Massimo Miani	1961	22/03/2016	2016	2018	M	X	22/27	7
Standing Auditor	Giovanna Ciriotto	1961	30/04/2013	2016	2018	M	X	27/27	5
Alternate Auditor	Valentina Martina	1959	22/03/2016	2016	2018	M	X	-	N/D
Alternate Auditor	Guido Gasparini Berlingieri	1965	22/03/2016	2016	2018	M	X	-	N/D
------------------STATUTORY AUDITORS WHO LEFT DURING THE YEAR 2017------------------
-	-	-	-	-	-	-	-	-	-
No. of meetings held during the year in question: 27 meetings
Quorum required for minority shareholder to present lists for the election of one or more members (as per Article 148 TUF): 1%

NOTES

* Date of first appointment means the date in which the Auditor was nominated to the Bank's Board of Statutory Auditors for the very first time;

** This column indicates the list from which each auditor was taken ("M": majority list; "m": minority list)

*** This column lists the participation of auditors at meetings of the Board of Statutory Auditors.

**** This column shows the number of posts held by the Director or Statutory Auditor as per Art. 148-b CFA. This list of posts is published by Consob on its internet site as per Article 144-quinquiesdecies of Consob's Issuers' Regulations. Those Directors or Statutory Auditors with a controlling role in only one company are excluded from this disclosure obligation.

TABLE 4: POSITIONS HELD BY THE MEMBERS OF THE BOARD OF STATUTORY AUDITORS IN OTHER COMPANIES

	POSITIONS HELD	STATUTORY AUDITORS	IN
	Management Book V, Heading	and control in companies V, Chapters V, Code	Other	TO TA
	Banking	group	Other			L
	Exec	Non-Ex	Exec	Non-Ex	Exec	Non-Ex
Giacomo Bugna	-	2	-	-	-	-	2
Massimo Miani	-	-	- 7		1		8
Giovanna Ciriotto	-	1	-	4	-	-	5

Exec: Executive; Non – Ex: Non-Executive

AI Terminal

Banca Ifis

4153_cgr_2018-03-20_e275235a-b561-4df5-a4bf-bb211753f156.pdf

REPORT ONCORPORATEGOVERNANCE ANDOWNERSHIPSTRUCTURES

Contents

Glossary

1. Issuer profile

Governance

Mission

Corporate social responsibility

2. Information on the shareholding structure (as per Article 123-bis, para. 1, CFA/TUF)

b) Restrictions on the transfer of shares (as per Article 123-bis, para. 1, letter b), CFA/TUF)

c) Significant shareholdings (as per Article 123-bis, para. 1, letter c), CFA/TUF)

d) Shares granting special rights (as per Article 123-bis, para. 1, letter d), CFA/TUF)

e) Employee shareholdings: mechanism for exercising voting rights (as per Art. 123-bis, para. 1, letter e), CFA/TUF)

f) Restrictions on voting rights (as per Article 123-bis, para. 1, letter f), CFA/TUF)

g) Shareholder agreements (as per Art. 123-bis, para. 1, letter g), CFA/TUF)

h) Change-of-control clauses (as per Article 123-bis, para. 1, letter h), CFA/TUF) and statutory provisions on takeover bids (as per Articles 104, para. 1-ter, and 104-bis, para. 1)

i) Delegations of power to increase share capital and authorizations to buy treasury shares (as per Article 123-bis, para. 1, letter m), CFA/TUF)

l) Management and coordination activity (as per Article 2497 et seq, Italian Civil Code)

3. Compliance (as per Art.123-bis, para. 2, letter a), CFA/TUF)

4. Board of Directors

4.1. Appointment and substitution (as per Article 123-bis, para. 1, letter l), CFA/TUF)

Succession Plans

4.2. Composition (as per Article 123-bis, para. 2, letter d), CFA/TUF)

Diversity policies

President of the Board of Directors – Sebastien Egon Fürstenberg

Vice President – Alessandro Csillaghy de Pacser

Chief Executive Officer – Giovanni Bossi

Director – Giuseppe Benini

Director – Francesca Maderna

Director – Antonella Malinconico

Director – Riccardo Preve

Director – Marina Salamon

Director – Daniele Santosuosso

Maximum number of offices held in other companies

Induction Programme

4.3. Role of the Board of Directors (as per Article 123-bis, para. 2, letter d), CFA/TUF)

4.4. Delegated Bodies and Officers

CEOs

President

Reporting to the Board

4.5. Other Executive Directors

4.6. Independent Directors

4.7. Lead Independent Director

5. Processing of corporate information

5.1 Adopted definitions

5.2 Internal management and external communication of Privileged Information, Delayed Privileged Information and Systemically Important Privileged Information.

5.3 Internal management and external communication of Obligatory Information (other than Privileged Information)

5.4 Meetings with the financial community

6. Internal Board Committees (as per Article 123-bis, para. 2, letter d), CFA/TUF)

7. Appointments Committee

Composition and role of the Appointments Committee (as per Article 123-bis, para. 2, letter d) CFA/TUF)

Duties of the Appointments Committee

8. Remuneration Committee

9. Directors' Remuneration

10. Risk Management and Internal Control Committee

Composition and role of the Risk Management and Internal Control Committee (ex. Art 123-bis, para. 2, letter d) CFA/TUF)

Duties of the Risk Management and Internal Control Committee

11. Risk Management and Internal Control System

a) Key characteristics of the risk management and internal control systems in relation to the financial reporting process

a.1. Introduction

a.2. Description of key characteristics of present risk management and internal control systems in relation to the financial reporting process (the "System")

a.2.1 Phases of the risk management process regarding erroneous financial reporting

a.2.2 Roles and functions involved

11.1. Head of the Risk Management and Internal Control System

11.2. Head of Internal Audit

11.3. Organisational Model as per Italian Legislative Decree no. 231/2001

Crimes pursuant to Italian Legislative Decree no. 231/2001

11.4. External Auditor

11.5. Financial Reporting Officer responsible for preparing company accounts and other roles and company functions

11.6. Coordination between parties involved in the Risk Management and Internal Control System

12. Directors' interests and related-party transactions

13. Appointment of Statutory Auditors

14. Composition and functioning of the Board of Statutory Auditors (as per Article123-bis, para. 2, letter d), CFA/TUF)

President of the Board of Statutory Auditors – Giacomo Bugna

Standing Auditor – Giovanna Ciriotto

Standing Auditor – Massimo Miani

Alternate Auditor – Guido Gasparini Berlingieri

Alternate Auditor – Martina Valentina