REPORT ON CORPORATE GOVERNANCE AND THE OWNERSHIP STRUCTURES

pursuant to Article 123-bis of the TUF traditional administration and control model

Issuer: Generalfinance S.p.A. Website: www.generalfinance.it Reference year: 2024 Date of approval of the Report: 28 February 2025

[Page intentionally left blank]

		GLOSSARY 7
1.		PROFILE OF THE ISSUER 9
		DESCRIPTION OF THE ISSUER'S ACTIVITIES 9
		GOVERNANCE MODEL ADOPTED BY THE ISSUER 9
		SUSTAINABILITY POLICIES 10
		STATEMENT ON THE NATURE OF SME OF THE ISSUER 11
		"LARGE COMPANY" AND "CONCENTRATED OWNERSHIP" COMPANY QUALIFICATION PURSUANT TO THE CODE 11
		MAIN DATA OF THE ISSUER 11
2.		INFORMATION ON THE OWNERSHIP STRUCTURES (PURSUANT TO ARTICLE 123-BIS, PARAGRAPH 1 OF
		THE TUF) AS AT 31 DECEMBER 2022 13
	A)	SHARE CAPITAL STRUCTURE (PURSUANT TO ARTICLE 123-BIS, PARAGRAPH 1, LETTER A), OF THE TUF) 13
	B)	RESTRICTIONS ON THE TRANSFER OF SECURITIES (PURSUANT TO ARTICLE 123-BIS, PARAGRAPH 1, LETTER B), OF THE TUF) 15
	C)	SIGNIFICANT EQUITY INVESTMENTS (PURSUANT TO ARTICLE 123-BIS, PARAGRAPH 1, LETTER C), OF THE TUF) 15
	D)	SECURITIES THAT GRANT SPECIAL RIGHTS (PURSUANT TO ARTICLE 123-BIS, PARAGRAPH 1, LETTER D), OF THE TUF) 15
	E)	EMPLOYEE SHAREHOLDING: MECHANISM FOR EXERCISING VOTING RIGHTS (PURSUANT TO ARTICLE 123-BIS, PARAGRAPH 1,
		LETTER E), OF THE TUF) 16
	F)	RESTRICTIONS ON VOTING RIGHTS (PURSUANT TO ARTICLE 123-BIS, PARAGRAPH 1, LETTER F), OF THE TUF) 16
	G)	AGREEMENTS BETWEEN SHAREHOLDERS (PURSUANT TO ARTICLE 123-BIS, PARAGRAPH 1, LETTER G), OF THE TUF) 16
	H)	CHANGE OF CONTROL CLAUSES (PURSUANT TO ARTICLE 123-BIS, PARAGRAPH 1, LETTER H), OF THE TUF) AND PROVISIONS
		OF THE ARTICLES OF ASSOCIATION REGARDING TAKEOVER BIDS (PURSUANT TO ARTICLES 104, PARAGRAPH 1-TER, AND 104-BIS,
		PARAGRAPH 1) 16
		Change of control clauses 16
		Provisions of the Articles of Association on takeover bids 17
	I)	POWERS TO INCREASE THE SHARE CAPITAL AND AUTHORISATIONS TO PURCHASE TREASURY SHARES (PURSUANT TO ARTICLE
		123-BIS, PARAGRAPH 1, LETTER M), OF THE TUF) 17
		Powers to increase the share capital 17
		Authorisation to purchase treasury shares 18
	L)	MANAGEMENT AND COORDINATION ACTIVITIES (PURSUANT TO ARTICLE 2497 ET SEQ. OF THE ITALIAN CIVIL CODE) 18
3.		COMPLIANCE WITH THE CORPORATE GOVERNANCE CODE (PURSUANT TO ARTICLE 123-BIS,
		PARAGRAPH 2, LETTER A), FIRST PART, OF THE TUF) 20
4.		BOARD OF DIRECTORS 21

	4.1	ROLE OF THE BOARD OF DIRECTORS 21
	4.2.	APPOINTMENT AND REPLACEMENT (PURSUANT TO ARTICLE 123-BIS, PARAGRAPH 1, LETTER L), OF THE TUF) 23
	4.3	COMPOSITION (PURSUANT TO ARTICLE 123-BIS, PARAGRAPH 2, LETTERS D) AND D-BIS), OF THE TUF) 26
		Professional profile of the Directors in office 27
		Verification of the requirements of integrity, professionalism and independence, as well as the absence of
		causes of ineligibility or forfeiture of directors also pursuant to Italian Ministerial Decree 169/2020, as well
		as compliance with the rules on the interlocking ban. 30
		Diversity criteria and policies in the composition of the Board and in the company organisation 31
		Maximum number of offices held in other companies 32
		Induction Program 32
	4.4	FUNCTIONING OF THE BOARD OF DIRECTORS (PURSUANT TO ARTICLE 123-BIS, PARAGRAPH 2, LETTER D), OF THE TUF)
		33

4.5	ROLE OF THE CHAIRPERSON OF THE BOARD OF DIRECTORS 36
	Secretary of the Board 37
4.6	EXECUTIVE DIRECTORS 38
	Chief Executive Officer 38
	Disclosure to the Board by the directors/delegated bodies 38
	Other executive directors 38
4.7	INDEPENDENT DIRECTORS AND LEAD INDEPENDENT DIRECTOR 39
	Independent Directors 39
	Lead Independent Director 40
5.	MANAGEMENT OF CORPORATE INFORMATION 41
6. TUF)	INTERNAL BOARD COMMITTEES (PURSUANT TO ARTICLE 123-BIS, PARAGRAPH 2, LETTER D), OF THE 43
	ADDITIONAL COMMITTEES 43
7.	SELF-ASSESSMENT AND SUCCESSION OF DIRECTORS –APPOINTMENTS AND REMUNERATION
	COMMITTEE, IN THE ROLE OF APPOINTMENTS COMMITTEE 45
7.1	SELF-ASSESSMENT AND SUCCESSION OF DIRECTORS 45
	Self-assessment of the Board of Directors 45
	Succession of Executive Directors 46
7.2	APPOINTMENTS AND REMUNERATION COMMITTEE 46
	Composition and functioning of the Appointments and Remuneration Committee (pursuant to Article 123-
	bis, paragraph 2, letter d), of the TUF) 46
	Functions of the Appointments and Remuneration Committee with regard to appointments 48

8.	REMUNERATION OF DIRECTORS – APPOINTMENTS AND REMUNERATION COMMITTEE, IN THE
	FUNCTION OF REMUNERATION COMMITTEE 49
8.1	REMUNERATION OF DIRECTORS 49
	Remuneration Policy 49
	Share-based remuneration plans 49
	Directors' indemnity in the event of resignation, dismissal or termination of employment following a
	takeover bid (pursuant to Article 123-bis, paragraph 1, letter i), of the TUF) 50
8.2.	APPOINTMENTS AND REMUNERATION COMMITTEE 50
9.	INTERNAL CONTROL AND RISK MANAGEMENT SYSTEM - CONTROL RISK AND SUSTAINABILITY
	COMMITTEE 52
9.1	FOREWORD 52
9.2	PHASES OF THE EXISTING RISK MANAGEMENT AND INTERNAL CONTROL SYSTEM IN RELATION TO THE FINANCIAL REPORTING
	PROCESS 52
9.3	ROLES AND FUNCTIONS INVOLVED 55
9.4.	THE INDIVIDUAL CORPORATE CONTROL FUNCTIONS 56
9.4.1	ANTI-MONEY LAUNDERING FUNCTION 56
	9.4.2. COMPLIANCE FUNCTION 58
9.4.3	RISK MANAGEMENT FUNCTION 59
9.4.4	INTERNAL AUDIT FUNCTION 60
9.5	CONTROL, RISK AND SUSTAINABILITY COMMITTEE 60
9.6	ORGANISATION, MANAGEMENT AND CONTROL MODEL PURSUANT TO ITALIAN LEGISLATIVE DECREE NO. 231/2001 ON THE ADMINISTRATIVE LIABILITY OF COMPANIES AND ENTITIES 61

9.6.1	SUPERVISORY BODY 62
9.7	"WHISTLEBLOWING" REGULATIONS, ITALIAN LEGISLATIVE DECREE NO. 24 OF 10 MARCH 2023, CONTAINING:
	"IMPLEMENTATION OF DIRECTIVE (EU) NO. 2019/1937 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL OF 23 OCTOBER
	2019 ON THE PROTECTION OF PERSONS WHO REPORT BREACHES OF UNION LAW AND LAYING DOWN PROVISIONS CONCERNING THE
	PROTECTION OF PERSONS WHO REPORT BREACHES OF NATIONAL REGULATORY PROVISIONS". 63
9.8	ASSESSMENT OF ADEQUACY OF THE MANAGEMENT CONTROL SYSTEM 63
9.9	CHIEF EXECUTIVE OFFICER 63
9.10.	CONTROL, RISK AND SUSTAINABILITY COMMITTEE: 64
9.10.1	COMPOSITION AND FUNCTIONING OF THE CONTROL, RISK AND SUSTAINABILITY COMMITTEE 64
9.11	HEAD OF THE INTERNAL AUDIT FUNCTION 68
9.12	INDEPENDENT AUDITORS 68
9.13	FINANCIAL REPORTING MANAGER AND OTHER CORPORATE ROLES AND FUNCTIONS 69
9.14	COORDINATION BETWEEN THE PARTIES INVOLVED IN THE INTERNAL CONTROL AND RISK MANAGEMENT SYSTEM 70
10.	DIRECTORS' INTERESTS AND TRANSACTIONS WITH RELATED PARTIES 72
11.	BOARD OF STATUTORY AUDITORS 75

11.1	APPOINTMENT AND REPLACEMENT 75
11.2	COMPOSITION AND OPERATION (PURSUANT TO ARTICLE 123-BIS, PARAGRAPH 2, LETTERS D) AND D-BIS), OF THE TUF)77
	Independence and professionalism 79
	Diversity criteria and policies 79
	Remuneration 80
	Interest management 80
11.3	ROLE 80
12.	RELATIONS WITH SHAREHOLDERS AND OTHER RELEVANT STAKEHOLDERS 82
12.1	ACCESS TO INFORMATION 82
12.2	REFERENCES OF THE INVESTOR RELATOR 82
12.3	DIALOGUE WITH SHAREHOLDERS AND OTHER RELEVANT STAKEHOLDERS 82
12.4	INFORMATION CONTACT PERSON 83
13.	SHAREHOLDERS' MEETINGS 84
13.1
	SHAREHOLDERS' MEETINGS FOR THE FINANCIAL YEAR 86

14.	ADDITIONAL CORPORATE GOVERNANCE PRACTICES (PURSUANT TO ARTICLE 123-BIS, PARAGRAPH 2, LETTER A), SECOND PART, OF THE TUF) 88
15.	CHANGES AFTER THE END OF THE REFERENCE FINANCIAL YEAR 89
16.	CONSIDERATIONS ON THE LETTER FROM THE CHAIRPERSON OF THE CORPORATE GOVERNANCE
	COMMITTEE 90
	TABLE rmation on the ownership structure as at 31/12/2024 91
	TABLE 2 Structure of the board of directors at the year-end date 93

	TABLE 3 Structure of the board committees at the year-end date 95
	TABLE 4 Structure of the board of statutory auditors at the year-end date 96
	ANNEX 1 Main characteristics of the existing risk management and internal control systems in relation to the financial reporting process 98

ANNEX 2 Recommendations contained in the letters of the chairperson of the corporate governance

committee sent to issuers starting from 2020 120
ANNEX 3 List of offices held by representatives of the issuer in listed or large companies 1322
ANNEX 4 Powers granted to the chief executive officer 1333

Glossary

In addition to the definitions contained in other Sections, the terms and expressions with initial capital letters used in this Report have the meaning attributed to them below:

Shareholders' Meeting: means the Shareholders' Meeting of the Issuer.

Code/CG Code/Corporate Governance Code: means the Corporate Governance Code for listed companies, adopted by the Corporate Governance Committee in January 2020.

Italian Civil Code: the Italian Civil Code.

Committee/CG Committee/Corporate Governance Committee: the Italian Committee for Corporate Governance of listed companies, promoted not only by Borsa Italiana S.p.A., but also by ABI, Ania, Assogestioni, Assonime and Confindustria.

Board/BoD: the Issuer's Board of Directors.

Trading Start Date: means 29 June 2022.

Issuer/Generalfinance/Company: the issuer of securities to which the Report refers.

Financial year: the financial year to which the Report refers.

ESRS: the sustainability reporting principles defined in the Commission Delegated Regulation (EU) 2023/2772 of 31 July 2023.

CONSOB Issuers' Regulation/IR: the Regulation issued by CONSOB with Resolution no. 11971 of 1999 (as subsequently amended) on issuers.

CONSOB Market Regulation: the Regulation issued by CONSOB with Resolution no. 20249 of 2017 on markets.

CONSOB Related Party Transactions Regulation/RPT Regulation: the Regulation issued by CONSOB with Resolution no. 17221 of 12 March 2010 (as subsequently amended) on related party transactions.

Report: this report, i.e. the report on corporate governance and ownership structures that companies are required to prepare and publish pursuant to Article 123-bis of the TUF.

Remuneration Report: the report on the remuneration policy and remuneration paid that companies are required to prepare and publish pursuant to Article 123-ter of the TUF and 84-quater of the CONSOB Issuers' Regulation.

Consolidated Law on Finance/TUF: Italian Legislative Decree no. 58 of 24 February 1998.

Unless otherwise specified, the definitions of the CG Code relating to the following are recalled by reference:

directors, executive directors [see Q. Def. (1) and Q. Def. (2)], independent directors, significant shareholder, Chief Executive Officer (CEO), management body, control body, business plan, concentrated ownership company, large company, sustainable success, top management.

In addition, unless otherwise specified, in the sections that refer to the content of the relevant ESRSs, the definitions of the ESRS must also be considered by reference, in particular those relating to: lobbying activities, value chain, communities concerned, active and passive corruption, corporate culture, consumers, sustainability statement, employee, discrimination, suppliers, own workforce, impacts, impacts related to sustainability, workers in the value chain, non-employee workers, independent members of the board of directors, metrics, business model, harassment, objective, opportunities, sustainability-related opportunities, administrative management and control bodies, politics, indigenous peoples, stakeholders, sustainability issues, relevance, risks, sustainability risks, end users.

1. Profile of the Issuer

Description of the Issuer's activities

The Issuer operates as a financial intermediary, enrolled in the registry of financial intermediaries referred to in Article 106 of the TUB (Consolidated Law on Banking, Single Register), specialising in factoring activities, both with recourse and without recourse. The Issuer is active in Italy and operates exclusively, at the date of the Report, with Italian transferors through the offices in Milan (registered office) and Biella (general management). It should be noted that the undersigned Company has notified the Bank of Italy - pursuant to and for the purposes of Title V, Chapter 3, Section II, Paragraph 1, lett. i) of Circular no. 288/2015 - of its intention to start operating in Spain, through the opening of a branch office. With respect to this communication, on 12 December 2024, the Bank of Italy announced that on the basis of the references provided, the prerequisites for the initiation of a prohibition procedure were not met. As a result, the Company started the process of setting up the branch office in Madrid, which, at the date of this report, is in progress.

Governance model adopted by the Issuer

The Company is organised according to the traditional model pursuant to Articles 2380-bis et seq. of the Italian Civil Code with the Shareholders' Meeting, the Board of Directors and the Board of Statutory Auditors. The characteristics of these bodies are indicated below in the dedicated parts of the Report (Section 4 for the Board of Directors, Section 11 for the Board of Statutory Auditors, Section 13 for the Shareholders' Meeting). Two committees have been established within the Board of Directors – as envisaged by the Articles of Association: the Control, Risk and Sustainability Committee and the Appointments and Remuneration Committee (jointly, the "Committees"). The Control, Risk and Sustainability Committee has also been assigned the functions of Related Party Transactions Committee, except for decisions regarding transactions involving the remuneration of the directors and key management personnel of the Company, whose competence has been attributed to the Appointments and Remuneration Committee.

On 8 March 2022, the Issuer's Shareholders' Meeting assigned to Deloitte & Touche S.p.A., with registered office in Milan, Via Tortona no. 25, registration number in the Register of Companies of Milan, Tax Code and VAT no. 03049560166, enrolled in the register of statutory auditors pursuant to Italian Legislative Decree no. 39 of 27 January 2010 under no. 132587 (the "Independent Auditors") the task of auditing the accounts (including the verification of the regular keeping of the accounts and the correct recognition of the operating events in the accounting records, the verification of the consistency of the report on operations and of some specific information contained in the report on corporate governance and the ownership structures indicated in Article 123-bis of the Consolidated Law on Finance with the financial statements and their compliance with the law, as well as the limited audit of the condensed half-yearly financial statements). The term of office is envisaged until the date of the Shareholders' Meeting called to approve the financial statements as at 31 December 2025, as it has been deemed appropriate to include in the maximum nine-year duration envisaged by law for "public interest entities" also the activity already carried out by the Independent Auditors in the financial years 2017-2021, in compliance with the regulations applicable to the Company as an "entity subject to an intermediate regime"(¹ ).

The powers and operating rules of the corporate bodies are governed not only by the legal and regulatory provisions in force at the time, but by the Articles of Association, the Regulations of the Board of Directors (as defined

¹ On 5 April 2024, the Shareholders' Meeting of the Company resolved the assignment of the statutory audit engagement, for the financial years 2026-2034, to the independent auditors EY S.p.A. with registered office in Milan (MI), Via Meravigli no. 12, as the mandate granted to Deloitte & Touche S.p.A. will expire at the end of the 2025 financial year. In this regard, the Shareholders' Meeting deemed it appropriate to determine well in advance the party who will have to take on the role of independent auditor starting from the 2026 financial year, in order to guarantee an adequate handover period between the current and the future independent auditor and avoid the assignment, during the financial year prior to the start of the new mandate (cooling in period), of prohibited tasks pursuant to Article 5.1, letter e) of EU Regulation 537/2014, to the entity in charge of the audit.

hereunder) and the regulations of the internal board committees, as well as the applicable company procedures. In particular, as illustrated in Section 3, the Issuer's corporate governance system incorporates (with the

clarifications specified in this Report) the recommendations of the CG Code, to which it adheres.

Sustainability policies

The Board of Directors guides the Company by pursuing its sustainable success. For the initiatives carried out in this regard by the Board, please refer to the Sections of the Report which illustrate: (i) the methods for integrating this objective into the strategies (Section 1) and into the internal control and risk management system (Section 9); and (ii) the corporate governance measures specifically adopted in this regard (Section 9).

The Company has launched some first sustainability initiatives aimed, inter alia, at satisfying the indications provided by the Bank of Italy in the document "Supervisory expectations on climate and environmental risks", published on 7 April 2022. The Company's objective is to define – within the framework of the principle of proportionality – and prepare suitable controls and adequate practices to identify, measure, monitor and mitigate risks in the environmental, social and governance ("ESG") area, structuring them according to its operational, dimensional and organisational complexity, as well as in relation to the nature of the activity it carries out.

By virtue of this approach, the Issuer observes that the specific nature of the activity carried out, i.e. support to companies in crisis through the disbursement of loans using the factoring instrument, requires a specific assessment of the ESG issue, whose characteristics it considers in a consistent and adequate manner, including:

a) being a financing activity with a very short-term time horizon which, as such, has a limited impact on climate and environmental issues;
b) the fact that Generalfinance's customers are represented by Italian small and medium-sized companies mainly in the manufacturing sector – in crisis and in a restructuring phase (i.e. operating in the context of restructuring plans) and, therefore, with less manoeuvre room in relation to issues not strictly linked to the economic, capital and operational restructuring (such as ESG issues), which have a less significant impact for the success of the corporate restructuring.

Taking this into account, the Company believes that the "S" (social) dimension is the one that shows the most significant and clearest impact of the activities carried out, given that it affects – through financial support to companies in crisis – the preservation of value in terms of maintenance of the local industrial fabric, productivity, jobs, regional development and social stability.

Regardless of other considerations that the Company is formulating and that it will develop with increasing intensity on the ESG front, the fact that it represents one of the main national contact points for companies in financial tension in terms of the assignment of trade receivables, makes Generalfinance a significant operator for sustainability of the production system and, in particular, the manufacturing system of Italian businesses. Its very mission must therefore be interpreted from a Social perspective.

Sustainability has long been an element of significant focus for the Issuer, which has undertaken initiatives on the various Environmental, Social and Governance issues also in the context of the admission to trading of its shares on Euronext Milan, a market organised and managed by Borsa Italiana S.p.A., STAR segment, which took place on 29 June 2022, when the Company established the Control, Risk and Sustainability Committee, to which it assigned the task, among other things, of monitoring ESG risks.

The Company has not prepared the non-financial statement pursuant to Article 2, paragraph 1 of Italian Legislative Decree no. 254 of 30 December 2016, having employed – in the financial year ended as at 31 December 2024 – a lower average number of employees than the 500 units envisaged by the aforementioned Italian Legislative Decree and also not having exceeded the economic threshold of total revenues.

On the other hand, with reference to climate risk (physical risk and transaction risk) following a preliminary analysis,

at the date of preparation of this report, considering the nature of its transactions, i.e. disbursement of trade receivables with recourse and, to a lesser extent, without recourse, whose average duration is less than 80 days on average, as well as the limited number of real estate units where it carries out its activities, the Company believes it is exposed to a limited degree.

Nevertheless, the Company voluntarily manages specific projects in order to report information on the non-financial profiles of its activities (in the social, environmental and governance areas), taking into due consideration its small size and the nature of the financial services it offers. This activity is targeted at the preparation and publication of the sustainability report, an information tool which the Issuer uses to report on the initiatives undertaken and the results obtained in the social, environmental and governance areas. In this regard, it should be noted that, although it is not - even as of today - an obligation which it is required to fulfil pursuant to the reference regulations, the Company considers it appropriate to prepare and publish the sustainability report to give an account to its stakeholders of the initiatives undertaken and the results achieved in terms of environmental, social and governance issues. To ensure the quality of information and to meet the requirements of national and European best practices, the Issuer's sustainability report is prepared in compliance with the reporting principles and with the disclosure requirements defined by the Global Reporting Initiative (GRI), a non-profit organisation created with the aim of providing practical support in the reporting of sustainability performance to companies and institutions of any size, for the purpose of measuring the environmental, social and economic impact generated by its activities. As of today's date, the Company has prepared and published two sustainability reports.

For more detailed information, please refer to the Issuer's institutional website www.generalfinance.it, "Sustainability" Section.

Statement on the nature of SME of the Issuer

As also certified by CONSOB Resolution no. 124 of 29 January 2025 containing: "Publication of the list of SME issuers of listed shares, pursuant to Article 1, paragraph 1, letter w-quater.1) of Italian Legislative Decree no. 58 of 24 February 1998, as at 31 December 2024", on the basis of the values of the market capitalisation in the years 2023 and 2024, the Issuer is qualified as an SME pursuant to Article 1, paragraph 1, lett. w-quater.1) of the Consolidated Law on Finance.

In particular, at the end date of the Financial Year, the capitalisation was less than EUR 500 million.

In the light of the above, the relevant threshold for the obligations to communicate significant equity investments pursuant to Article 120 of the Consolidated Law on Finance is equal to 5% of the share capital.

"Large company" and "concentrated ownership" company qualification pursuant to the Code

Pursuant to the Corporate Governance Code, the Company:

cannot be classified as a "large company" as the capitalisation of the Issuer at the end date of the Financial Year was less than EUR 1 billion;
qualifies as a "concentrated ownership" company since the majority shareholder GGH - Gruppo General Holding S.r.l. ("GGH") directly holds the majority of the votes that can be exercised at the ordinary shareholders' meeting of the Issuer.

Main data of the Issuer

Main reclassified income statement data (in thousands of Euro)

Income for:	Year 2024	Year 2023	Change
Net interest income	12,376	8,980	38%
Net fee and commission income	36,379	27,219	34%
Net interest and other banking income	48,819	36,199	35%

Operating costs	-16,043	-12,934	24%
Pre-tax profit from current operations	31,541	22,002	43%
Profit for the year	21,099	15,067	40%

Main balance sheet data (in thousands of Euro)

Balance sheet item	Year 2024	Year 2023	Change
Financial assets measured at amortised cost	614,946	462,365	33%
Financial liabilities measured at amortised cost	635,239	409,388	55%
Shareholders' equity	80,088	66,433	21%
Total assets	769,705	500,043	54%

Main performance indicators

Indicator	Year 2024	Year 2023
Cost/Income ratio	33%	36%
ROE	36%	29%
Net interest income/Net interest and other banking income	25%	25%
Net fee and commission income/Net interest and other banking income	75%	75%

2. Information on the ownership structures (pursuant to Article 123-bis, paragraph 1 of the TUF) as at 31 December 2022.

a) Share capital structure (pursuant to Article 123-bis, paragraph 1, letter a), of the TUF)

The Company's share capital currently amounts to EUR 4,202,329.36 and is divided into 12,635,066 ordinary shares without nominal value, pursuant to paragraph 3 of Article 2346 of the Italian Civil Code and Article 5 of the current Articles of Association. Based on the information available to the Company, it is broken down as follows:

GGH – Gruppo General Holding S.r.l. (GGH), which holds approximately 41.375% of the share capital (roughly 53.533% of the voting rights, taking into account the increased vote acquired);
Investment Club S.r.l. (IC), which holds approximately 9.555% of the share capital (roughly 9.413% of the voting rights, taking into account the increased vote acquired);
BFF Bank S.p.A. (BFF), which holds approximately 8.021% of the share capital (roughly 5.189% of the voting rights);
First4Progress1 S.r.l. (formerly First4Progress S.p.A.) (F4P), which holds approximately 5.391% of the share capital (roughly 6.662% of the voting rights, taking into account the increased vote acquired);
Banca del Ceresio SA (BS), which holds approximately 4.667% of the share capital (roughly 5.153% of the voting rights, taking into account the increased vote acquired);
market (free float), which overall holds a stake of approximately 30.991% of the share capital (roughly 20.050% of total voting rights).

The shares, all ordinary and traded on Euronext STAR Milan, all have equal rights, both administrative and financial, as established by law and by the Articles of Association, except for the provisions of the latter regarding increased voting rights, as specified below. The shares are indivisible, registered and freely transferable by an act inter vivos and transmissible on death. The legislation and regulations in force from time to time regarding representation, legitimate entitlement and circulation of equity investments set forth for financial instruments traded on regulated markets are applied to the shares. The shares are issued in dematerialised form.

Pursuant to Article 127-quinquies of Italian Legislative Decree no. 58 of 24 February 1998 (TUF, Consolidated Law on Finance), two voting rights are assigned to each share, belonging to the same party, based on a right in rem that gives a legitimate entitlement to exercise the voting right (full ownership with voting right or bare ownership with voting right or usufruct with voting right) for a continuous period of at least 24 months certified by the continuous registration, for a period of at least 24 months, in the duly established list kept by the Company. In addition, to the extent permitted by the law currently in force, each share owned by the same party, based on a right in rem that legitimately entitles to exercise the voting right, is assigned one additional vote at the due date of each period of twelve months following the accrual of the twenty-four month period referred to above up to a total maximum of ten voting rights per share2.

The current composition of the Company's share capital, with respect to which there have been no changes, is shown below.

	Share capital
	EUR	No. of shares	Nominal value per unit
Total	4,202,329.36	12,635,066	(*)

² On 6 September 2024, the Extraordinary Shareholders' Meeting of the Company approved an amendment to the Articles of Association through which the enhanced voting right was introduced, as permitted by the renewed Article 127-quinquies of the Consolidated Law on Finance - amended by Italian Law no. 21 of 5 March 2024 (Capital Law) - which establishes that companies that adopt the increased voting right mechanism may also provide in the Articles of Association that, in addition to the ordinary increase, up to a maximum of two votes per share that can be achieved after a period of ownership of the uninterrupted shareholding of at least 24 months, voting rights may be further increased by one vote per share for each 12-month period of continued ownership of the shares, up to a maximum of 10 votes per share, according to a progressive step-up mechanism.

of which: Ordinary shares	4,202,329.36	12,635,066	(*)

(*) Shares with no nominal value.

The total amount of the voting rights before and after the loss of the increased voting right of part of the shares sold by CAI is shown below.

	Number of shares making up the share capital	Number of voting rights
Total ordinary shares	12,635,066	19,530,005
Ordinary shares without increased voting rights	5,740,127	5,740,127
Ordinary shares with increased voting rights	6,894,939	13,789,878

By virtue of the above, as at today's date, the voting rights that can be exercised by shareholders are as follows:

Shareholder	Shares held	% share	% voting
		capital	rights
GGH – Gruppo General Holding S.r.l.	5,227,750	41.375	53.533
Investment Club S.r.l.	1,207,267	9.555	9.413
BFF Bank S.p.A.	1,013,470	8.021	5.189
First4Progress1 S.r.l.	681,140	5.391	6.662
Banca del Ceresio SA	589,694	4.667	5.153
Market	3,915,745	30.991	20.050

It should be noted that the shares held by GGH are partially encumbered by a pledge, as follows:

a) pledge established on 2 March 2023 in favour of Banca Nazionale del Lavoro S.p.A. and subsequently amended on 4 February 2025, currently encumbering 1,100,000 Generalfinance shares;
b) pledge established on 12 February 2025 in favour of Crédit Agricole Italia S.p.A., currently encumbering 396,825 Generalfinance shares.

It should be noted that, in both cases, the pledge does not entail any limitation on the rights of the pledgor since, in derogation of Article 2352 of the Italian Civil Code, the voting right relating to the shares encumbered by the pledge continues to be duly exercised by GGH, both in ordinary and/or extraordinary shareholders' meetings, as well as the right to receive any sum due from Generalfinance in relation to the shares encumbered by the pledge remains with GGH.

Lastly, it should be noted that the pledge already established on 29 June 2017 in favour of Crédit Agricole Italia SpA was fully extinguished.

At the date of this report, the Company does not hold any treasury shares.

The Company has not approved any share-based incentive plans (stock options, stock grants, etc.) that involve increases, even free of charge, of the Company's share capital. However, the Company has approved an incentive plan for top management linked to the objectives of the 2022-2024 business plan, which provides for the payment of 50% of the incentives in the form of phantom shares and intends to renew it - subject to a favourable resolution of the shareholders' meeting - with reference to the objectives of the new 2025-2027 business plan.

For further information, please refer to the following Section 8.1 of this Report.

At the date of this Report, no financial instruments have been issued that give the right to subscribe newly issued shares.

b) Restrictions on the transfer of securities (pursuant to Article 123-bis, paragraph 1, letter b), of the TUF)

There are no restrictions on the free transferability of the Issuer's shares or limits on their possession, nor are there any clauses of approval by the Issuer or other holders of securities to access the shareholding structure of Generalfinance, pursuant to the law or the Articles of Association.

c) Significant equity investments (pursuant to Article 123-bis, paragraph 1, letter c), of the TUF) At the end date of the Financial Year, the significant stakes in the share capital were those indicated in Table 1 attached.

d) Securities that grant special rights (pursuant to Article 123-bis, paragraph 1, letter d), of the TUF) At the date of this Report, there are no securities that grant special control rights.

Pursuant to Article 127-quinquies of Italian Legislative Decree no. 58 of 24 February 1998 (TUF, "Consolidated Law on Finance"), the article of the Issuer's Articles of Association provides that, in derogation of the general rule for which every share gives the entitlement to one vote, two voting rights are assigned to each share, belonging to the same party, based on a right in rem that gives a legitimate entitlement to exercise the voting right (full ownership with voting right or bare ownership with voting right or usufruct with voting right) for a continuous period of at least 24 months certified by the continuous registration, for a period of at least 24 months, in the duly established list kept by the Company. In addition, to the extent permitted by the law currently in force, each share owned by the same party, based on a right in rem that legitimately entitles to exercise the voting right, is assigned one additional vote at the due date of each period of twelve months following the accrual of the twenty-four month period referred to above up to a total maximum of ten voting rights per share(³ ).

In this regard, it should be noted that, according to the provisions of Article 6, no. 20 of the Issuer's Articles of Association, the increased voting right is also included in determining the quorums for constitution of the meetings and the passing of resolutions which make reference to the portions of share capital, but have no effect on nonvoting rights due on the basis of ownership of given portions of the share capital.

In addition, Article 6 no. 5, last paragraph, of the Issuer's Articles of Association, sets forth that the establishment of a pledge with maintenance of the right to vote for the holder of the legitimising right in rem does not result in the loss of the conditions that the Articles of Association provide for the maintenance of the increased vote.

Since the Trading Start Date, the Company has adopted a specific regulation containing the detailed rules on increased voting rights (the "Regulation on Increased Voting Rights"), approved by the Board of Directors on 23 June 2022 and subsequently updated on 26 January 2023 (to implement the amendments resulting from the issue, by CONSOB and the Bank of Italy, on 10 October 2022, of a measure amending the Single Measure on post-trading of 13 August 2018) and on 16 December 2024, to acknowledge the amendments to the Articles of Association resolved by the Extraordinary Shareholders' Meeting of 6 September 2024 (³ ).

The Regulation on Increased Voting Rights illustrates, in particular, the rules for the registration, maintenance and updating of the List, in compliance with the applicable legal - and regulatory - provisions, so as to ensure the timely exchange of information between the shareholders of the Company, the Company itself and the intermediaries authorised to maintain the accounts on which the shares are registered. In addition, the Regulation also governs the retention and loss of the increase in the event of certain circumstances provided for in the Articles of Association.

³ On 6 September 2024, the Extraordinary Shareholders' Meeting of the Company approved an amendment to the Articles of Association through which the enhanced voting right was introduced, as permitted by the renewed Article 127-quinquies of the Consolidated Law on Finance - amended by Italian Law no. 21 of 5 March 2024 (Capital Law) - which establishes that companies that adopt the increased voting right mechanism may also provide in the Articles of Association that, in addition to the ordinary increase, up to a maximum of two votes per share that can be achieved after a period of ownership of the uninterrupted shareholding of at least 24 months, voting rights may be further increased by one vote per share for each 12-month period of continued ownership of the shares, up to a maximum of 10 votes per share, according to a progressive step-up mechanism.

The Regulation on Increased Voting Rights is available on the Company's website (www.generalfinance.it, "Governance/Increased Voting Rights" Section).

e) Employee shareholding: mechanism for exercising voting rights (pursuant to Article 123-bis, paragraph 1, letter e), of the TUF)

Pursuant to Article 8, paragraph 2, of the Articles of Association, in accordance with the legal methods and forms, profits and/or profit reserves can be allocated to employees of the Company or its subsidiaries, through the issuing, up to the amount corresponding to said profits, of shares to be allocated on an individual basis to the employees, pursuant to the first paragraph of Article 2349 of the Italian Civil Code, establishing rules regarding the form, the transfer method and the rights due to the shareholders.

The Extraordinary Shareholders' Meeting can also resolve to allocate to employees of the Company or its subsidiaries, financial instruments other than shares, provided with equity or also administrative rights, excluding the vote at the General Shareholders' Meeting, establishing rules regarding the conditions for exercising the rights attributed, the possibility of transfer and any causes of forfeiture or surrender.

At the end date of the Financial Year, there were no employees who owned equity investments in the share capital pursuant to Article 8, paragraph 2, of the Articles of Association.

At the date of this Report, key management personnel holding equity investments in the share capital are Ugo Colombo, Chief Financial Officer of the Company and Alessandro Ferrari, Chief Lending Officer, each having acquired ownership of them through direct purchase.

f) Restrictions on voting rights (pursuant to Article 123-bis, paragraph 1, letter f), of the TUF)

There are no particular provisions in the Articles of Association that determine restrictions or limitations on voting rights, nor are the financial rights attached to the securities separate from their ownership.

g) Agreements between shareholders (pursuant to Article 123-bis, paragraph 1, letter g), of the TUF)

With reference to the existence of shareholders' agreements pursuant to Article 122 of the Consolidated Law on Finance, it should be noted that, on 9 June 2022, the shareholders GGH and F4P signed, with effectiveness subject to (i) the subscription and/or purchase by F4P of Generalfinance shares for an established minimum value and (ii) the Trading Start Date, a shareholders' agreement concerning, inter alia, the assignment to F4P of certain minority rights.

In this regard, however, it should be noted that, on 5 December 2024, the shareholder GGH announced that it had sent F4P the cancellation of the aforementioned agreement. By virtue of this, it will lose all effectiveness at the due date of the 36th (thirty-sixth) month following the start date of trading of the Generalfinance shares, i.e. 29 June 2025.

It should also be noted that the shareholders' agreement signed on 2 May 2022 by GGH and former shareholder CAI (regarding, inter alia, the assignment to CAI of certain governance rights, as well as certain restrictions on the transfer of the equity investment held by CAI in the Issuer, without prejudice to the ability of GGH to exercise exclusive control over the Company) was terminated early due to the sale of the entire equity investment held by CAI in the Company, which took place on 4 October 2023.

For more information on these shareholders' agreements, please refer to the relevant essential information published on the Issuer's website www.generalfinance.it, "Corporate Governance/Documents and Procedures" Section.

h) Change of control clauses (pursuant to Article 123-bis, paragraph 1, letter h), of the TUF) and provisions of the Articles of Association regarding takeover bids (pursuant to Articles 104, paragraph 1-ter, and 104-bis, paragraph 1). Change of control clauses

Without prejudice to what is indicated below, at the date of the Report, the Issuer is not a party to significant agreements that become effective, are modified or terminated in the event of a change of control of the Company. On 29 January 2019, Generalfinance entered into a pool loan agreement (as subsequently amended, the "Pool Loan Agreement"), governed by Italian law, with some Italian banks, pursuant to which the lending banks are committed to providing the Company with credit lines to finance up to 100% of the spot amounts necessary, from time to time, for the Company to purchase and/or advance from and/or in favour of transferors (having the requirements of the Pool Loan Agreement) – pursuant to Italian Law no. 52/1991 – of in bonis and performing financial receivables that meet the requirements of the Pool Loan Agreement, due from assigned debtors.

On February 28, 2025, the Board of Directors approved a new long-term incentive plan for the 2025-2027 period, benefiting the Chief Executive Officer and executives with strategic responsibilities within the Company. This plan will be submitted for approval at the ordinary shareholders' meeting convened for April 10, 2025.

Should the plan be approved by the shareholders' meeting, it stipulates that in the event of a public tender offer, a public exchange offer, or a public tender and exchange offer involving the Company's shares and/or in cases of merger transactions where the Company is the acquired entity, the objectives set for earning the incentive will be deemed immediately achieved at 100%, regardless of their actual level of attainment. Consequently, the beneficiaries will be entitled to receive the corresponding calculated Bonus.

Provisions of the Articles of Association on takeover bids

The Articles of Association do not derogate from the provisions on the passivity rule pursuant to Article 104, paragraphs 1 and 1-bis, of the Consolidated Law on Finance and do not provide for the application of the neutralisation rules envisaged by Article 104-bis, paragraphs 2 and 3, of the Consolidated Law on Finance.

The Issuer availed itself of the exemption provided by Article 106, paragraph 3-quater, of the Consolidated Law on Finance and Article 46 of the Issuers' Regulation on the subject of the Articles of Association's exemption to the takeover bid ("Takeover Bid") from consolidation, concerning the non-application, for SMEs, of the provision by virtue of which the takeover bid obligation follows purchases of more than 5% or an increase in voting rights to an extent more than 5% of the same, carried out over a twelve-month period, by those who already hold a 30% stake without holding the majority of voting rights in the ordinary shareholders' meeting. Pursuant to Article 7 of the Articles of Association, said derogation shall apply until the date of the Shareholders' Meeting called to approve the financial statements relating to the fifth financial year after the admission to trading of the Issuer's shares on Euronext Milan, a market organised and managed by Borsa Italiana S.p.A., STAR segment, or, if before, until the moment in which the Company may lose the qualification of SME.

i) Powers to increase the share capital and authorisations to purchase treasury shares (pursuant to Article 123-bis, paragraph 1, letter m), of the TUF)

Powers to increase the share capital

Pursuant to Article 5, paragraph 2, of the Articles of Association, the Shareholders' Meeting, by means of the appropriate resolution adopted at the extraordinary session, can attribute the administrative body the right, pursuant to Article 2443 of the Italian Civil Code, to increase the share capital on one or more occasions, up to a determined amount and for a maximum period of 5 (five) years from the resolution date, also with the exclusion of the option right. The share capital increase resolution passed by the administrative body in execution of said power must be documented in a report drafted by a notary.

The Extraordinary Shareholders' Meeting of 8 March 2022 conferred the Board of Directors with the power, in accordance with Article 2443 of the Italian Civil Code, to be exercised within the maximum term of five years, to increase share capital against consideration up to a maximum of EUR 40 million, including premium, on one or more occasions and also in divisible form and in several tranches, through the issuing of new Company ordinary

shares with the same characteristics as the ordinary shares currently in circulation, also with the exclusion of the option right in the cases set forth in Article 2441, paragraph 4, first and second sentence, and paragraph 5, of the Italian Civil Code.

At the meeting held on 9 May 2022, based on the above resolution, the Board of Directors exercised the aforementioned power and, subsequently, resolved to increase the share capital against consideration, in cash, in divisible form and also in several tranches, for a maximum of EUR 40 million, including premium, servicing the offer of shares carried out as part of the process for the admission to trading of the Issuer's shares on Euronext Milan, a market organised and managed by Borsa Italiana S.p.A., STAR segment, through the issuing of new ordinary shares of the Company, with the same characteristics as the ordinary shares currently in circulation, excluding the option right pursuant to Article 2441, paragraph 5, of the Italian Civil Code.

The share capital increase resolved by the Board of Directors on 9 May 2022 was subscribed and paid up for EUR 20 million, for which the available upper limit of the aforementioned power is reduced by the same amount.

Authorisation to purchase treasury shares

At the date of this Report, the Shareholders' Meeting of the Company did not decide to resolve the purchase of treasury shares, pursuant to Article 2357 of the Italian Civil Code.

l) Management and coordination activities (pursuant to Article 2497 et seq. of the Italian Civil Code) At the date of this Report, the Issuer's share capital is held as follows: 41.375% by GGH, 9.555% by IC, 8.021% by BFF, 6.391% by F4P, 4.667% by BC and the remainder by the market, and is indirectly controlled by Massimo Gianolli pursuant to Article 2359, paragraph 2, of the Italian Civil Code and Article 93 of the Consolidated Law on Finance. In particular, Massimo Gianolli holds: (i) the right of usufruct (including the right to vote) on 99.10% of the share capital of MGH - Massimo Gianolli Holding S.r.l. ("MGH") - whose bare ownership belongs to Elisabetta Barbirato (84.10%), spouse of Massimo Gianolli, and Edoardo Gianolli (15%), son of Massimo Gianolli - as well as (ii) full ownership of 0.90% of the share capital of MGH itself, which in turn holds 83.16% of the share capital of the shareholder GGH.

At the date of this Report, the Issuer believes that it is not subject to management and coordination activities pursuant to Articles 2497 et seq. of the Italian Civil Code. To this end, it should be noted that both the Articles of Association of GGH and MGH exclude the exercise of management and coordination activities in respect to, inter alia, (i) financial intermediaries that are investees of GGH; and (ii) companies and entities in which MGH has an interest.

Furthermore, on the basis of the examination of the factual circumstances, the Issuer believes that none of the activities which typically incorporate management and coordination exist pursuant to Articles 2497 et seq. of the Italian Civil Code and that therefore, by way of a non-exhaustive example (a) decisions relating to the management of the Issuer's business are taken within the Issuer's own bodies; (b) the Board of Directors of the Issuer is responsible, inter alia, for the examination and approval of the strategic, business and financial plans and the budgets of the Issuer, the examination and approval of the financial and credit access policies of the Issuer, the examination and approval of the organisational structure of the Issuer, the assessment of the adequacy of the organisational, administrative and accounting structure of the Company; (c) the Issuer operates in full autonomy with respect to the conduct of relations with customers, without there being any interference by parties unrelated to the Issuer itself, without prejudice to the outsourcing of certain services; and (d) neither MGH nor GGH exercises, directly or indirectly, any centralised treasury function in favour of the Issuer.

The information required by Article 123-bis, paragraph 1, letter i), of the Consolidated Law on Finance regarding "agreements between the company and the directors ... which provide for indemnities in the event of resignation or dismissal without just cause or if their employment relationship is terminated following a takeover bid" are contained

in the section of this Report dedicated to remuneration (Section 8.1).

It should also be noted that the information required by Article 123-bis, paragraph 1, letter l) ("the rules applicable to the appointment and replacement of directors, as well as to the amendment of the Articles of Association, if different from the legislative and regulatory provisions applicable on a supplementary basis") are illustrated in the section of this Report dedicated to the Board of Directors (Section 4.2).

Lastly, it should be noted that the information required by Article 123-bis, paragraph 1, letter l), second part ("the rules applicable to the amendment of the Articles of Association, if different from the legislative and regulatory provisions applicable on a supplementary basis") are illustrated in Section 4.2 of the Report, dedicated to the Shareholders' Meeting.

3. Compliance with the Corporate Governance Code (pursuant to Article 123-bis, paragraph 2, letter a), first part, of the TUF)

The Issuer adheres to the recommendations of the Corporate Governance Code, accessible to the public on the Borsa Italiana website (https://www.borsaitaliana.it/comitato-corporate-governance/codice/2020.pdf).

In this Report, according to the "comply or explain" principle underlying the Code, account is taken of both the measures and controls adopted by the Company to ensure the effective implementation of the Principles and Recommendations of the Code, and the recommendations of the Code which the Company has not, at present, decided to partially or fully comply with, together with the reason for these deviations.

The provisions of the Corporate Governance Code augment those of the Regulation of the Board of Directors (as defined hereunder) and the regulations of the internal board committees, which define the criteria for the constitution/composition of the Board of Directors and the internal board committees as well as the relative methods of operation, in line with industry best practices.

Furthermore, in order to promote a corporate governance model that focusses constant attention on all stakeholders and, in particular, institutional investors and the financial market, as well as to anticipate new needs and the trends with the biggest impact, the Issuer:

constantly monitors the principles and governance models disseminated at European and international level, which represent the best practices in terms of corporate governance;
examines the results of the analyses and the most established observatories on corporate governance in Italy and parametrises them with its own structural and organisational set-up with a view to continuous improvement.

At the date of this Report, the Company is not subject to non-Italian legal provisions that influence the Company's corporate governance structure.

At the date of this Report, the Company holds a 25% interest in the share capital of the company: "MIT PARTNERS S.p.A.", with registered office in Milan.

4. Board of Directors

4.1 Role of the Board of Directors

Pursuant to the Articles of Association, the Board of Directors manages the company and is vested with all powers of administration (ordinary and extraordinary), with the exception of aspects reserved for the Shareholders' Meeting by law and by the Articles of Association.

In line with the principles of the Code, the Board of Directors guides the exercise of business activities by pursuing their sustainable success, i.e. the creation of long-term value for the benefit of shareholders, taking into account the interests of the Company's other relevant stakeholders.

Decisions relating to the following fall within the remit of the Board of Directors, without prejudice to the legal limits:

a. mergers and split-offs, in the cases pursuant to Articles 2505 and 2505-bis of the Italian Civil Code, as also referenced by Article 2506-ter of the Italian Civil Code;
b. the opening and closing of secondary offices;
c. the indication of which directors represent the Company;
d. any reduction in capital in the event of the withdrawal of one or more shareholders;
e. adjustments of the Articles of Association in line with the regulatory provisions;
f. the transfer of the registered office in the national territory;

g. resolutions regarding the issuing of bonds within the limits of the currently in force legislation and regulations. In particular, pursuant to Article 18 of the Articles of Association, the Board of Directors is vested with all the powers for the ordinary and extraordinary management of the Company. The Board of Directors is also vested with the tasks and responsibilities that the provisions handed down by the Bank of Italy for financial intermediaries attribute to the body with strategic supervision function.

It should be noted that, on 20 May 2022, in compliance with the provisions of Recommendation 11 of the Corporate Governance Code, the Board of Directors approved a regulation (hereinafter, the "Regulation of the Board of Directors") that defines the rules of functioning of the body itself, including the methods for recording the minutes of the meetings and the procedures for the management of the information to the directors. The Regulation of the Board of Directors was updated on 18 April 2023.

Pursuant to the Regulations of the Company's Board of Directors, the following are the responsibility of the administrative body:

a. the definition and assignment of management powers and the identification, among other things, of who from the executive directors holds the position of CEO:
- the examination and approval of the business plan of the Company, also on the basis of the analysis of the relevant issues for the generation of value in the long-term carried out with the possible support of the Control, Risk and Sustainability Committee;
- periodic monitoring of the implementation of the business plan and assessment of the general performance of operations, periodically comparing the results achieved with those planned;
- the definition, with the support of the Control, Risk and Sustainability Committee, of the nature and level of risk compatible with the strategic objectives of the Company, including in its assessments all the elements that may be relevant with a view to creating value in the long-term for the benefit of shareholders and pursuing the sustainable success of the Company, taking into account the interests of other stakeholders relevant to the Company;
- the definition of the corporate governance system of the Company and the assessment of the adequacy of the organisational, administrative and accounting structure of the Company with strategic relevance, with particular reference to the internal control and risk management system (please refer to Section 9

of this Report for detailed information);

resolving on the Company's transactions that have significant strategic, economic, equity or financial importance for the Company, to be identified according to the criteria defined from time to time by the Board of Directors;
the promotion, in the most appropriate forms, of dialogue with shareholders and other relevant stakeholders for the Company;
the adoption of regulations, procedures and internal policies deemed necessary or appropriate for the organisation of the company, or for compliance with the law or the Corporate Governance Code, including, by way of example:
- i. the regulations that define the operating rules of the Board of Directors and the Committees;
- ii. a procedure governing transactions with related parties carried out by the Company, directly or through subsidiaries;
- iii. a procedure, adopted on the proposal of the Chairperson, formulated in agreement with the CEO, for the internal management and external disclosure of inside information pursuant to law;
- iv. a policy adopted on the proposal of the Chairperson, formulated in agreement with the CEO for the management of dialogue with the shareholder base, also taking into account the engagement policies adopted by institutional investors and asset managers;
the assessment of the independence also according to the recommendations of the Corporate Governance Code – of each non-executive director, immediately after appointment as well as during the course of the mandate in the event of relevant circumstances for independence purposes and, in any case, at least once a year;
the identification of diversity criteria for the composition of the Board of Directors and the Board of Statutory Auditors, as well as the identification, also taking into account the ownership structure of the Company, of the most suitable instrument for their implementation;
the adoption of measures to promote equal treatment and opportunities between genders within the entire company organisation, monitoring their concrete implementation;
the adequate internal distribution of its functions and the establishment of Committees;
on the proposal of the Chairperson, the appointment and revocation of the Secretary;
where appropriate, the determination of the budgets of the Committees and of the Secretary;
the definition, updating and implementation of any succession plan for the CEO and the other executive directors, which identifies at least the procedures to be followed in the event of early termination of office;
the identification of candidates for the office of director in the event of co-optation, with the support of the Appointments and Remuneration Committee;
the periodic assessment of the effectiveness of its activities and the contribution made by its individual members, according to the provisions of the Regulation;
with regard to remuneration, the preparation and approval of a policy for the remuneration of directors, members of the Board of Statutory Auditors and top management, geared towards the pursuit of sustainable success and which takes into account the need to have access to, retain and motivate people with the expertise and professionalism required by the role held in the Company;
in relation to the internal control and risk management system:
- i. the definition of the guidelines of the internal control and risk management system in line with the strategies of the Company;
- ii. the assessment, at least annually, of its adequacy with respect to the characteristics of the

company and the risk profile assumed, as well as its effectiveness;

iii. the appointment and removal of the Head of internal audit, as well as the definition of his/her responsibilities – in compliance with the Corporate Governance Code – and his/her remuneration in line with company policies, as well as the assignment of adequate resources to him/her to carry out their own duties;
iv. the approval, at least once a year, of the work plan prepared by the Head of the Internal Audit Function, after consulting the Board of Statutory Auditors and the CEO;
v. the assessment of the opportunity to adopt measures to ensure the effectiveness and impartiality of judgement of the company functions involved in the control and risk management system (other than internal audit), verifying that they possess adequate professional skills and resources;
vi. the attribution to the Board of Statutory Auditors or a body specifically established for the purpose of the supervisory functions pursuant to Article 6, paragraph 1, lett. b) of Italian Legislative Decree no. 231/2001 ("Decree 231");
vii. the assessment, after consulting the Board of Statutory Auditors, of the results presented by the independent auditors in any letter of suggestions and in the additional report addressed to the Board of Statutory Auditors;
viii. the description, in the report on corporate governance, of the main characteristics of the internal control and risk management system and the methods of coordination between the parties involved in it, indicating the reference models and national and international best practices, expressing its overall assessment of the adequacy of the system itself and of the choices made regarding the composition of the supervisory body under letter f) above.

In defining the corporate governance system of the Company and the assessment of the adequacy of the organisational, administrative and accounting structure of the Company with strategic relevance, the Board of Directors: (i) takes into account the room for autonomy offered by the legal system; and if necessary, (ii) evaluates and promotes the appropriate amendments, submitting them, when applicable, to the Shareholders' Meeting.

During the year, the Board of Directors did not deem it necessary or appropriate to draw up justified proposals to be submitted to the shareholders' meeting for the definition of a corporate governance system more functional to the needs of the company other than those required or appropriate for the admission to trading of the Issuer's shares on Euronext Milan, a market organised and managed by Borsa Italiana S.p.A., STAR segment (please refer to Section 13 of this Report for detailed information).

By means of resolution of 29 June 2022, the Board of Directors adopted the policy for managing dialogue with the shareholder base (please refer to Section 12 of this Report for detailed information).

The attribution to the Board of Directors of the responsibilities that by law rest with the Shareholders' Meeting does not entail the loss of the responsibility of the Shareholders' Meeting that retains the power to resolve on the matter. For further powers to the Board, see the following sections of the Report: (i) appointment, Section 4.2, (ii) composition, Section 4.3, (iii) operation, Section 4.4, (iv) self-assessment, Section 7, (v) remuneration policy, Section 8, and (vi) internal control and risk management system, Section 9.

4.2. Appointment and replacement (pursuant to Article 123-bis, paragraph 1, letter l), of the TUF)

The text of Articles 15 and 16 of the Articles of Association containing provisions on the appointment and replacement of directors is provided below:

Article 15. Presentation of lists

1. The Board of Directors is appointed based on lists, presented in accordance with the paragraphs below.
1. Shareholders who, at the time of submission of the list, are holders alone or together with other submitting

shareholders – of a stake at least equal to the share determined by CONSOB pursuant to the applicable legislative and regulatory provisions, have the right to present lists4. Ownership of the minimum share is determined on the basis of the shares registered in the shareholders' name on the day in which the list is filed at the Company, without prejudice to the fact that the relevant certificate can also be produced after the filing of the list, provided within the deadline set for the publication of the list itself. The call notice of the Shareholders' Meeting called to resolve on the appointment of the Board of Directors indicates the percentage shareholding required to present lists of candidates.

1. Each shareholder, as well as the shareholders participating in a relevant shareholders' agreement in accordance with Article 122 of the Consolidated Law on Finance, the parent company, the subsidiaries and those subject to common control and other entities between whom connection relationships are in place, including indirect, pursuant to the legislation and regulations in force on each occasion, cannot present – or contribute to the presentation, either through third parties or trust – of more than one list, nor vote on different lists. Acceptances and votes expressed in violation of said prohibition shall not be allocated to any list.
1. Each candidate may be presented in only one list, under penalty of ineligibility.
1. Each list contains the names, marked by a sequential number, of a number of candidates not exceeding 9 (nine).
1. Each list that presents a number of candidates of 2 or more must also include candidates who meet the independence requirements prescribed by law or the applicable regulatory provisions (including therein the market regulations of Borsa Italiana S.p.A. and the codes of conduct regarding corporate governance drafted by regulated market management companies or the trade associations that the Company is a member of) based on the minimum number required by the legal and regulatory provisions, also with regard to the share listing segment, by indicating them separately.
1. In addition, lists with at least 3 (three) candidates cannot be composed only of candidates from the same gender (male and female); each list must include a number of candidates from the less represented gender to ensure that the final composition of the Board of Directors respects the legal and regulatory provisions in force from time to time governing gender balance (male and female).
1. The following must be filed together with presentation of the lists:
2. information relating to the shareholders who presented the list and indication of their percentage shareholding;
3. a declaration from the shareholders other than those who hold, including jointly, a controlling interest or a relative majority, certifying the absence of any connection relationships with the latter, including indirect, pursuant to the legislation and regulations in force from time to time;
4. the curriculum vitae of the candidates as well as a declaration in which each candidate certifies, under their own responsibility, that there are no grounds for ineligibility and incompatibility and that the requirements to fulfil office are satisfied, referenced, to that end, also in the provisions of Article 2383 of the Italian Civil Code, as well as the rules recalled by the same;
5. a disclosure relating to the candidates and any indication of suitability to be qualified as independent pursuant to the legislation and regulations in force from time to time and applicable and/or the codes of conduct regarding corporate governance drafted by regulated market management companies or the

⁴ Pursuant to CONSOB Resolution no. 76 of 30 January 2023, the shareholding determined by CONSOB pursuant to Article 144-quater of the CONSOB Issuers' Regulation is 2.5%.

trade associations that the Company is a member of;

the declaration in which each candidate accepts their candidacy;
any other additional or different declaration, disclosure and/or document required by the legislation and regulations in force on each occasion.
1. In the event of non-fulfilment of the obligations set forth in this Article, the list is considered as not having been presented. Any changes that should be verified until the day of actual conduct of the Shareholders' Meeting are promptly communicated to the Company.
1. The lists are filed within the terms set forth in the legislation and regulations in force from time to time, which are indicated in the call notice, at the registered office of the Company or transmitted via distance communication means, according to the methods indicated therein. They are provided to the public according to the terms and methods set out in the legislation and regulations in force from time to time".

Article 16. Election of the Board of Directors

1. Each party entitled to vote can vote on only one list. The vote of each shareholder will concern the list and, therefore, all candidates indicated therein, with no possibility of variations or exclusions. The votes expressed in violation of said prohibition shall not be allocated to any list.
1. The candidates will be elected from the lists that obtained the highest number of votes according to the following criteria:
2. a. all Directors to be elected, minus one, are drawn from the list which obtained the highest number of votes ("Majority List"), based on the sequential number with which they were listed;
3. b. from the second list that received the highest number of votes and which is not connected, not even indirectly with the shareholders who presented, or with those who voted, the Majority List (the "Minority List"), one Director will be taken, in the person of the candidate indicated with the first number on said list.
1. In the event of a tied vote between the lists, the Shareholders' Meeting will conduct a new vote, resolving according to the legal majorities, exclusively with regard to the tied lists, with the list which received the highest number of votes prevailing.
1. If, according to the methods indicated above, the provisions governing the independence requirements are not respected, the following steps are taken: the candidate, who does not meet the independence requirements established according to the legislation and regulations in force from time to time applicable to the Independent Directors, elected last in sequential order from the Majority List, shall be replaced by the first candidate who meets the independence requirements established according to the legislation and regulations in force from time to time, applicable to the independent Directors, not elected from said list, according to sequential order. If said procedure does not ensure the presence of the necessary number of Directors who meet the independence requirements established according to the legislation and regulations in force from time to time, applicable to the Independent Directors, the replacement shall be made by means of a resolution passed by the Shareholders' Meeting according to the legal majorities, based on prior presentation of the applications of the individuals who meet the aforementioned independence requirements.
1. If, using the methods indicated above, the provisions governing gender balance recalled in previous Article 15, paragraph 7) are not respected, the candidates from the most represented gender elected last in sequential order from the Majority List are replaced with the first unelected candidates taken from the same list, belonging to the other gender; in the event in which it is not possible to implement said replacement procedure, in order to guarantee compliance with the provisions established above regarding the distribution between genders, the missing Directors will be elected by the Shareholders' Meeting according to the legal

methods and majorities, without the application of the list voting mechanism.

1. Nonetheless, account will not be taken of lists that have not obtained a percentage of votes of at least equal to half of that needed to present said lists.
1. If only one list has been presented, the Shareholders' Meeting will express its vote on that and if it obtains a relative majority, the candidates listed in sequential order shall be elected Directors, up to the number established by the Shareholders' Meeting, without prejudice to the obligation to appoint a number of Independent Directors pursuant to Article 147-ter of the Consolidated Law on Finance equal to the minimum number established by these Articles of Association, the law and the legal and regulatory provisions, in force from time to time, as well as to respect the gender balance requirement, where applicable. If the minimum number of Directors belonging to the less represented gender and independent established by these Articles of Association and the legal and regulatory provisions, in force from time to time, is not elected, the Shareholders' Meeting shall replace the Directors marked by the lowest sequential number and who do not meet the requirement(s) in question, by appointing the next candidates who meet the necessary requirement(s), choosing them from the only list presented. If, also by applying said replacement criterion, suitable replacements are not identified, the Shareholders' Meeting shall resolve in accordance with the legal majorities. In said scenario, the replacements shall be made starting from the candidates marked by the lowest sequential number.
1. If the number of candidates inserted in the Majority List and the Minority List is lower than the number of Directors to be elected, the remaining Directors are elected by the Shareholders' Meeting according to the legal majorities, without prejudice to the obligation of appointment, by the Shareholders' Meeting, of a number of Directors belonging to the less represented gender and independent of no less than the minimum number established by the Articles of Association and the legal and regulatory provisions, in force from time to time. All Directors will be appointed based on the same methods and majorities also in the event in which no list is presented".

It should be noted that in addition to the legal and regulatory provisions (among which the most important are Bank of Italy Circular no. 288 of 3 April 2015, as subsequently amended and supplemented, the Italian Decree of the Ministry of Economy and Finance no. 169 of 23 November 2020, in force since 30 December 2020, containing the "Regulation on the requirements and criteria of suitability for the performance of the office of corporate representatives of banks, financial intermediaries, credit guarantee consortia, electronic money institutions, payment institutions and depositor guarantee systems", Bank of Italy Measure published on 4 May 2021 containing: "Provisions on the procedure of assessment of the suitability of representatives of banks, financial intermediaries, electronic money institutions, payment institutions and depositor guarantee systems" and Article 36 of Italian Decree Law no. 201/2011, later converted by Italian Law no. 214 of 22 December 2011), which introduced an explicit interlocking ban to the Italian legal system for entities operating in the financial and insurance market), of the Consolidated Law on Finance and the provisions of the Articles of Association and the Corporate Governance Code, the Issuer is not subject to other requirements regarding the composition of the Board of Directors.

With regard to information on the role of the Board of Directors and the Board committees in the processes of selfassessment, appointment and succession of directors, please refer to Section 7 of this Report.

4.3 Composition (pursuant to Article 123-bis, paragraph 2, letters d) and d-bis), of the TUF)

Pursuant to the Articles of Association, the management of the Company is entrusted to a Board of Directors composed of a number of members between 5 and 9, as resolved by the Ordinary Shareholders' Meeting.

The following table lists the composition of the Board of Directors of the Issuer in office at the end date of the Financial Year.

Name and surname	Office	Place and date of birth	First appointment
Maurizio Dallocchio()()(***)	Chairperson of the BoD	Milan (MI), 12 April 1958	21/06/2021
Mauro Selvetti()(***)	Deputy Chairperson of the BoD	Sondrio (SO), 31 July 1960	08/03/2022
Massimo Gianolli(***)	Chief Executive Officer	Biella (BI), 21 January 1966	23/10/1990
Annalisa Raffaella Donesana()()(***)	Director	Treviglio (BG), 9 June 1966	08/03/2022
Leonardo Luca Etro()(***)	Director	Milan (MI), 22 June 1978	18/10/2018
Maria Luisa Mosconi()()(***)	Director	Varese (VA), 18 May 1962	04/11/2015
Marta Bavasso()()(***)	Director	Florence (FI), 22 March 1969	29/06/2022
Gabriele Albertini()()(***)	Director	Milan (MI), 6 July 1950	10/11/2023
Federica Casalvolone ()()(***)	Director	Biella (BI), 8 November 1971	10/11/2023

(*) Independent director pursuant to Article 147-ter, paragraph 4, of the TUF.

(**) Independent Director pursuant to Article 2 of the Corporate Governance Code.

(***) Executive Director.

(****) Non-Executive Director.

In this regard, it should be noted that on 5 April 2024, the Shareholders' Meeting appointed Gabriele Albertini and Federica Casalvolone, already co-opted by the Board of Directors pursuant to Article 2386 of the Italian Civil Code, as directors with effect from 18 December 2023.

The Company, also on the basis of the self-assessment exercise conducted by the Board of Directors - which concerned the verification of its composition and functioning and those of the internal board committees - approved during the meeting of 4 February 2025(5) , considers that all members of the Board of Directors have adequate professionalism and skills for the tasks assigned to them. The Company also believes that the number and skills of non-executive directors are such as to ensure that they carry significant influence in the adoption of board resolutions and to guarantee effective management monitoring. As per the previous table, all non-executive directors are independent pursuant to the Consolidated Law on Finance and the Corporate Governance Code.

In this regard, it should be noted that the Issuer, in view of the calling of the next shareholders' meeting that will be convened to resolve on the financial statements for the financial year 2024 and, among other things, on the appointment of the Board of Directors and the Board of Statutory Auditors, in line with the recommendations of the Corporate Governance Code and taking into account the results of the self-assessment, on 22 February 2025(6) , approved and published the guidelines of the Board of Directors on the quantitative and qualitative composition of the administrative body considered optimal, which are available on the Company's website (www.generalfinance.it, "Governance/Shareholders' Meeting" Section) as well as on the authorised storage mechanism eMarket Storage () and at the Company's registered office.

Professional profile of the Directors in office

⁵ The outcome of the self-assessment exercise conducted by the Board of Directors revealed, among other conclusions, that: (i) all Directors consider the size of the Board of Directors to be adequate and believe that the current qualitative composition covers all the skills required by the Issuer's complex business needs, also allowing the establishment of internal board committees with the necessary skills; (ii) within the Board of Directors, "diversity" in terms of age brackets, seniority of office, gender and geographical areas of origin is well represented, ensuring the effectiveness of the Board of Directors in its role of guidance and control of the Company; (iii) the skills and experience present in the current Board of Directors are considered adequate and, in view of the renewal of the Board of Directors, the majority of Directors deem it useful to renew the office of most of the current members, with a view to continuity, given the knowledge of the Company they have acquired; (iv) the Board of Directors verified the suitability of the Directors for assumption of the post in relation to the requirements of integrity and professionalism and the criteria of professional competence and fairness as envisaged by the regulations, as well as independence and time commitment, in addition to compliance with the accumulation of offices; (v) the Board of Directors has verified that each member of the Board of Directors does not have any incompatibility conditions pursuant to Article 36 of Italian Legislative Decree 201/2011, converted into Law no. 214/2011 ( "Interlocking Ban").

⁶ The guidelines of the Board of Directors were disclosed before the publication of the Notice of call of the Shareholders' Meeting and the provision of the Shareholders' Meeting documentation, to best support the shareholders in view of the Shareholders' Meeting scheduled - as per the financial calendar - on the 10 April 2025.

Below is a summary curriculum vitae of each member of the Board of Directors in office at the date of this Report, which shows the expertise and experience gained in business management.

Maurizio Dallocchio – was born in Milan on 12 April 1958. He is Full Professor of Corporate Finance and member of the Board of the Department of Finance at Luigi Bocconi Business University in Milan, of which he was Dean. He is a Senior Lecturer at SDA Bocconi School of Management (Business Management School of Bocconi University), of which he was director of the Master in Corporate Finance. He is a member of the Editorial Committee of the Corporate & Business Strategy Review magazine and of the Scientific Committee of the Centro Studi Economia Applicata – CSEA (Centre of Applied Economics Studies) at Università Cattolica del Sacro Cuore in Milan. He has been a visiting professor at prestigious international schools and universities (among others, New York University, London Business School, IMD Lausanne). He is a chartered accountant and statutory auditor. He has contributed to the management and control bodies of numerous listed and private institutions, domestic and international. He is a member of the Board of Directors and the Advisory Board and an active supporter of numerous non-profit organisations. He is the author of several publications and articles.

Mauro Selvetti – was born in Sondrio on 31 July 1960. In the Credito Valtellinese Group since 1981, he has developed significant experience in the commercial field and in the management and development of human resources, as HR manager of Credito Valtellinese, Credito Artigiano and therefore of the Human Resources Department of the Credito Valtellinese Group. He was Deputy General Manager of Credito Siciliano from 2006 to 2008, as well as, from 2010, Deputy General Manager of Credito Valtellinese with responsibility for "IT and Operations", coordinating the activities and development of Creval Sistemi e Servizi. From 2014 to 2016, he was head of the "Sales Area" of Credito Valtellinese; in 2016 he was appointed General Manager. On 5 June 2018, he was appointed Director of Credito Valtellinese by co-optation and, as from 1 July 2018, Chief Executive Officer, confirmed on 15 October 2018 following the recomposition of the Board of Directors. He leaves his offices in 2019. Since 2021, he has held the role of Industrial Advisor for Nextalia SGR.

Massimo Gianolli – was born in Biella on 21 January 1966. In 1980 he began studying in Verona and working in the countryside, on his family's land. In 1988 he was called back to Biella for a short stint at Prestoleasing S.p.A. (now Generalfinance), at the time active in the leasing sector, in order to liquidate it. On the contrary, the company is forced to convert its activities from leasing to factoring. He has been a director and CEO of the Company since 1990. In 2005, he decided to create "La Collina dei Ciliegi", a brand created from the project to convert the Veronese land to the wine/hotel business. In 2013, he opened the CLUB SkyLounge VIP, La Collina dei Ciliegi at the San Siro stadium in Milan, combining great cooking with football and entertainment. In 2015 he founded GGH, and in 2017 opened Generalfinance's capital to the entry of Creval. In 2018, under the umbrella of La Collina dei Ciliegi, the Ca' del Moro Wine Retreat resort (Verona) was inaugurated. He is the Chief Executive Officer of Generalfinance S.p.A. and Generalbroker S.r.l., a company specialised in insurance brokerage, established in 1991.

Leonardo Luca Etro – was born in Milan on 22 June 1978. Since 2002, he has been a professor of Corporate Finance at SDA Bocconi School of Management (Business Management School of the Bocconi University) and at Luigi Bocconi Business University in Milan. At SDA Bocconi School of Management (Business Management School of the Bocconi University), he was director of the Administration, Control, Corporate Finance and Real Estate Area in the two-year period 2015-2016, Member of the Management Committee from 2015 to 2020 and Director of International Development from 2018 to 2020. He carries out professional strategic-financial and investment advisory activities through the companies Madison Corporate Finance and Madison Capital, established in 2007 and 2011 respectively. He is an independent director in various companies.

Maria Luisa Mosconi – was born in Varese on 18 May 1962. She has a degree in Business Economics and is qualified as a chartered accountant and statutory auditor; she has been enrolled in the Association of Chartered

Accountants of Milan since 1992 and in the Register of Independent Experts for the negotiated settlement of company crisis at the Milan Chamber of Commerce. Since 1997, she has been enrolled in the Register of Consultants of the Judge at the Court of Milan, with specific reference to company valuations, extraordinary finance transactions, insolvency proceedings. She is an associate of the ODV231 – Association of Members of Supervisory Bodies pursuant to Italian Legislative Decree no. 231/2001. She works as a chartered accountant with particular reference to bankruptcy proceedings and consultancy relating to corporate restructuring and crises, as well as appraisals. She acts as receiver and judicial liquidator at the Court of Milan, Bankruptcy Section. She has held and holds the position of Chairperson and member of the board of statutory auditors, the board of directors and the supervisory board and judicial liquidator in various listed and unlisted companies. During her career, she gained significant experience in various listed and unlisted companies, including in regulated sectors, in the banking, insurance, financial intermediaries and asset management companies sectors. She is Chairperson or member of supervisory bodies pursuant to Italian Legislative Decree no. 231/2001.

Annalisa Raffaella Donesana – was born in Treviglio (BG) on 9 June 1966. In 1990, she graduated in Economics and Commerce from Luigi Bocconi Business University in Milan and, in the same year, she began working, first as a Junior Auditor and then as a Senior Auditor, at Arthur Andersen S.p.A., carrying out auditing and due diligence activities. From 1993 to 2003, she worked as an associate senior manager at a Legal and Tax Advisory Firm (linked to the auditing firm Arthur Andersen – Deloitte) where she worked on the development of the tax division of the M&A sector, assisting leading Italian and international clients. From 2004 to 2009, she was a partner in Studio Guido Severgnini e Associati, where she carried out tax consultancy, opinions, tax rulings, transfer pricing analysis, assistance in corporate reorganisation in crisis contexts. In October 2009, she co-founded Studio ACTA, of which she is managing partner until 2020, in which she provides tax advisory services with particular reference to international tax law and to listed companies operating in highly regulated sectors such as motorway concessions and multi-utilities (energy, water and gas sectors) as well as opinion-making activities, tax rulings, tax assistance, transfer pricing analysis and tax due diligence activities. She is the author of several articles and reports published in trade magazines as well as in collective works published by "Il Sole 24Ore", "Giuffré" and "Ipsoa" as well as a speaker at numerous conferences on tax matters. She is enrolled in the Register of Chartered Accountants of Milan. She has held and holds the position of independent director and statutory auditor in listed and unlisted companies. Marta Bavasso – was born in Florence (FI) on 22 March 1969 and graduated with full marks in law from the University of Florence in 1993. In 1992, she obtained an LLM in EU Law and Institutions, EU Competition Law, International Business Law from the University College London (UCL), Faculty of Laws. She has been authorised to practice law since 1997. She has carried out her professional activity both in internationally renowned law firms, gaining a wealth of skills primarily in corporate and commercial law in general and in technology and (tele)communications law, and in-house, on behalf of leading companies. She has been a founding member of the law firm Gambino-Scanzano-Pesce-Bavasso and is responsible for the corporate-M&A-private equity and TMT sectors. She is a director in Philogen S.p.A. (as well as lead independent director); she is also a director at Ericsson Telecomunicazioni S.p.A.

Federica Casalvolone – was born in Biella (BI) on 8 November 1971. She has a degree in Economics and Commerce from the University of Pavia. Enrolled in the Board of Accountants and Commercial Experts of Vercelli and Biella since June 1996. Enrolled in the Board of Accountants and Commercial Experts of Biella from October 1998 until June 2001. Enrolled in the Register of Chartered Accountants and Accounting Experts of Biella since June 2001. Enrolled in the Register of Statutory Auditors since December 1999. Since 1991 she has worked with Studio Bernero – Barazzotto, a professional firm in Biella, first as a trainee Accountant, then as an independent professional Accountant, then as a trainee Chartered Accountant/Statutory Auditor and finally a partner. She

currently carries out professional, accounting, corporate and tax consultancy activities for various companies, operating at the offices in Biella and Milan. Among other things, she deals with extraordinary transactions, analyses of company situations and assessments, assistance in negotiations and tax aspects relating to acquisitions and sales of companies, business units, controlling or minority shareholdings, preparation of due diligence reports for companies that buy or sell companies, business units, examination of corporate documentation and documents relating to properties and contracts, feasibility studies and execution of corporate restructuring transactions, including mergers, transfers, demergers, transformations, liquidations and insolvency proceedings of companies and entities.

Gabriele Albertini – was born in Milan (MI) on 6 July 1950. He obtained a high school diploma from the "Istituto dei frati gesuiti Leone XIII", and a degree in law from the University of Milan. From 1974 to 1997 he was Deputy Chairperson and Chief Executive Officer of "Albertini S.p.A.", a company founded in 1932 by his father Cesare, Deputy Chairperson of Assolombarda (Lombardy Industry Association) and Chairperson of Federmeccanica (Italian Metalworking Industry Trade Union Federation). Mayor of Milan for two terms: 1997-2001 and 2001-2006. Member of the European Parliament for two legislatures: 2004-2009, with the function of Vice-Chairperson of the Transport Commission, and 2009-2013, with the function of Chairperson of the Foreign Affairs Commission of the European Parliament. Senator of the Republic of Italy for one term (2013-2018).

Verification of the requirements of integrity, professionalism and independence, as well as the absence of causes of ineligibility or forfeiture of directors also pursuant to Italian Ministerial Decree 169/2020, as well as compliance with the rules on the interlocking ban.

The Board of Directors verified that all Directors and each Director met the requirements of integrity required by Article 147-quinquies of the Consolidated Law on Finance and the implementing regulation adopted by Italian Decree of the Ministry of Justice no. 162/2000, as they: (i) were not subject to preventive measures ordered by the judicial authorities; and (ii) have not been convicted with an irrevocable judgement, except for the effects of rehabilitation (a) to custodial sentence for one of the offences envisaged by the rules governing banking, financial and insurance activities and by the rules on markets and financial instruments, in tax matters and payment instruments; (b) imprisonment for one of the crimes provided for in Title XI of Book V of the Italian Civil Code and in Italian Royal Decree no. 267 of 16 March 1942; (c) imprisonment for a period of not less than six months for a crime against the public administration, public faith, property, public order and the public economy; and (d) imprisonment for a period of not less than one year for any offence committed with criminal intent. Furthermore, at the date of the Report, none of the penalties provided for in point (ii) above were applied to the Directors at the request of the parties.

During the meeting on 4 February 2025, based on the declarations submitted by each interested party, the Board of Directors also conducted a periodic assessment to ensure that the Directors Maurizio Dallocchio, Mauro Selvetti, Leonardo Luca Etro, Maria Luisa Mosconi, Annalisa Raffaella Donesana, Marta Bavasso, Federica Casalvolone and Gabriele Albertini met the independence requirements set forth in Article 147-ter, paragraph 4, of the Consolidated Law on Finance (which refers to Article 148, paragraph 3, of the Consolidated Law on Finance) and Article 2 of the Corporate Governance Code.

With regard to the identification of the quantitative and qualitative parameters used to identify and assess the relationships referred to in letters c) and d) of Recommendation 7 of the Corporate Governance Code ("significance criteria"), at the meeting on 4 February 2025, the Board of Directors confirmed the significance criteria for the assessment of the independence of non-executive directors already adopted by resolution of 9 May 2022. For more information, please refer to Section 4.7 below.

With regard to the specific regulatory provisions set forth on the assessment of the suitability of representatives of

banks, financial intermediaries, electronic money institutions, payment institutions and depositor guarantee systems, during the meetings of 28 July 2022, 23 March 2023 and 10 November 2023, the Board of Directors of the Company verified the satisfaction of the eligibility requirements pursuant to the Bank of Italy Circular of 3 April 2015, Italian Decree of the Ministry of Economy and Finance no. 169 of 23 November 2020 and the Provisions on the procedure for assessing the suitability of representatives of banks, financial intermediaries, electronic money institutions, payment institutions and depositor guarantee systems, issued by the Bank of Italy on 4 May 2021.

In addition, the Board of Directors periodically verified (recently at the meeting on 8 January 2025) compliance, by its members, with the prohibition envisaged by Article 36 of the Salva Italia (Save Italy) Decree, according to the interpretation provided by Bank of Italy, CONSOB and ISVAP in the document entitled "Criteria for the application of Article 36 of Italian Decree Law "Salva Italia", which provides for: "holders of offices in management, supervisory and control bodies and officers of the top management in companies or groups of companies operating in the credit, insurance and financial markets are prohibited from assuming or exercising similar positions in competing companies or groups of companies". Verification of the absence of causes determining the prohibition envisaged by Article 36 of the Salva Italia Decree was renewed by the Board of Directors at its meeting held on 10 November 2023, for all directors in office at the date of the Report.

At the end of the above checks, the Board of Directors positively evaluated, for each of its members:

possession of the requirements of integrity and professionalism in compliance with the legislative and regulatory provisions in force for the representatives of a financial intermediary;
compliance with the criteria of competence and fairness set forth in Italian Ministerial Decree no. 169/2020;
the absence of the circumstances envisaged by Article 13, paragraph 1, letters a), b), c), h) and i) of Italian Ministerial Decree 169/2020 for which there may be a risk of influence in relation to independence of mind;
the absence of causes for suspension pursuant to the laws and regulations in force;
the absence of incompatible offices pursuant to Article 36 of the Salva Italia Decree, deeming its composition adequate with reference to both the quantitative and qualitative aspects envisaged by current legislation and compliant with the purposes and tasks assigned by it to the body with strategic supervision functions.

Diversity criteria and policies in the composition of the Board and in the company organisation

It should be noted that the rules that require the allocation of the members of the Board of Directors to be elected to be carried out on the basis of a criterion that ensures the balance between genders, pursuant to the provisions of Article 147-ter, paragraph 1-ter, of the Consolidated Law on Finance, were acknowledged in Article 14, paragraph 4, and Article 16, paragraphs 5 et seq. of the Articles of Association.

With reference to gender diversity, the composition of the Board of Directors of the Issuer complies with the requirements set forth in Article 147-ter, paragraph 1-ter, of the Consolidated Law on Finance from the Trading Start Date, as the less represented gender exceeds the two fifths of the elected directors.

Furthermore, the Company applies diversity criteria by age and career path in the composition of the Board of Directors, in compliance with the priority objective of ensuring adequate competence and professionalism of its members, pursuant to Article 2, Principle VII, of the Corporate Governance Code.

The Articles of Association already provide for rules for the composition of the lists and supplementary voting mechanisms aimed at ensuring the presence on the Board of Directors of the minimum number of members belonging to the less represented gender, in accordance with the provisions of the applicable regulations. Please refer to Section 4.2 of this Report for detailed information.

At the date of this Report, the composition of the Board of Directors is adequately diversified by age, gender and training and professional background.

The Company has not formally adopted diversity policies in relation to the composition of the management body,

with specific reference to aspects such as age and training and career path, since – de facto – it already applies principles of personal and professional diversification in the appointments, to guarantee a balanced composition of the body.

The Company has not adopted a specific policy aimed at promoting equal treatment and opportunities between genders within the entire company organisation. It should be noted, however, that the Company has adopted a Code of Ethics (as defined below) which contains the set of principles with which it must comply in conducting its business, carrying out its activities and in managing relationships with its stakeholders. These principles include, inter alia, those of fairness and impartiality, pursuant to which the Company conducts monitoring to ensure that all forms of discrimination are prevented. The Company undertakes to ensure that forms of discrimination based on age, sex, sexual orientation, race, language, nationality, political and trade union opinions, religious beliefs or other conditions or personal characteristics not related to the work are not tolerated in the work environment and it operates in a fair and impartial manner, adopting the same behaviour towards all stakeholders with whom it comes into contact. The Company's employees must in fact be impartial, in form and substance; all decisions must be made objectively without discriminating against any stakeholder for reasons related to gender, sexual orientation, age, nationality, health status, political and trade union opinions, race, religious beliefs and any personal trait in general. Pursuant to the Code of Ethics (as defined below), the Company also undertakes to offer equal opportunities in the work and professional development of all employees.

Maximum number of offices held in other companies

Also taking into account the fact that the Corporate Governance Code recommends that the administrative body of only "large companies" express a view on the maximum number of offices in the management or control bodies in other listed companies or companies of significant size that may be considered compatible with the effective performance of the office of director of the company, the Board did not deem it necessary to define general criteria for its directors. This is without prejudice to the duty of each director to assess the compatibility of the offices held in other companies with the diligent performance of the duties undertaken as a director of the Issuer. In this regard, it should be noted that the guidelines of the Board of Directors on the quantitative and qualitative composition of the administrative body considered optimal - detailed previously - highlight that it is considered appropriate for all candidate Directors, in accepting their candidacy, to not only meet, in any case, all the necessary requirements and eligibility criteria, but should carefully assess whether they have enough time to devote to the diligent performance of the position, taking into account both the number and type of offices held in the management and control bodies of other companies, and the commitment required of them by additional work and professional activities or any positions held.

For an examination of the offices held at the date of this Report and in the last five years by the members of the Board of Directors, please refer to Annex 1 to this Report.

Induction Program

With the aim of providing adequate knowledge of the business sector in which Generalfinance operates, its product, its organisation, company dynamics and their evolution, the control and risk management system, the reference regulatory framework, the main trends that may have an impact on the current performance and on the short-, medium- and long-term growth strategy of the Company, during the Financial Year the Issuer (on 9 May 2024) organised – at its Milan office – for the Directors, Statutory Auditors and the Company's management, a Board Induction session for the in-depth analysis of the topics of anti-money laundering and combating terrorism (phenomenon of money laundering and industry legislation; regulatory framework; in-depth analysis of anomaly indicators and Case Studies; reporting of suspicious transactions (SOS) and sanctions).

4.4 Functioning of the Board of Directors (pursuant to Article 123-bis, paragraph 2, letter d), of the TUF) The Board of Directors is responsible for Company management, which carries out the operations necessary for the implementation of the corporate purpose.

The Chairperson of the Board of Directors calls and chairs the Board of Directors, establishes its agenda and coordinates its conduct. In the event of the absence of the Chairperson of the Board of Directors, the Board of Directors elects the Chairperson based on an absolute majority of the directors present.

The meeting is called using all the suitable means in consideration of the notice periods, sent normally at least 5 (five) calendar days before the meeting to each member of the Board of Directors and of the Board of Statutory Auditors and, in urgent cases, this term may be reduced to 24 (twenty-four) hours before the meeting. Meetings of the Board of Directors shall be considered validly constituted, including where not formally called, when all of the Directors and the majority of Standing Auditors in office are present and all entitled parties have been informed beforehand of the meeting and there have been no objections to the discussion of the items on the agenda.

The call notice of the Board of Directors indicates the location, date and time of the meeting and the items on the agenda. In the notice of call, it may be established that the Board of Directors is held exclusively by telecommunication means, omitting the indication of the physical location of the meeting.

The Board of Directors is validly constituted with the presence of the majority of its members in office and validly passes resolutions with the favourable vote of the absolute majority of the directors present, except for resolutions regarding (i) the remuneration policy proposal to be submitted to the Shareholders' Meeting for examination; (ii) any adoption of a dividend policy; (iii) the approval of the procedure adopted by the Company for related party transactions pursuant to the legislation and regulations in force on each occasion; and (iv) the approval and/or amendment of the Company's strategic plans (including therein the business plan), for which the Board of Directors validly passes resolutions with the favourable vote of the majority of its members in office. In the event of a tie, the Chairperson of the Board of Directors has the casting vote.

The resolutions of the Board of Directors must be documented in the minutes signed by the Chairperson and by the secretary. Said minutes, even if drafted by public deed, must be transcribed immediately in the book of Directors' decisions kept in accordance with the law.

The meetings of the Board of Directors can also be held, as provided, from time to time, in the notice of call, with the attendees in multiple neighbouring or distant locations, via video- or tele-conference, provided that each member can be identified by all the others and that each member is able to participate in real time in the discussion of the matters examined, as well as to receive, send and view documents.

The calendar of board meetings is defined by the Board of Directors on the proposal of the Chairperson, after consulting the CEO. In any case, the meetings of the Board of Directors – even those not envisaged in the calendar – are convened by the Chairperson, after consulting the CEO, in compliance with the law and the Articles of Association.

The topics to be discussed during the meeting, together with any other information useful for scheduling the meeting, are indicated in the call notice in a clear and concise manner and are reported therein according to a progressive order.

Before each meeting, the Company makes available to the directors and statutory auditors the documentation reasonably necessary to provide adequate information with respect to the items on the agenda, in a manner suitable to guarantee the necessary confidentiality. This documentation, as prepared by the competent corporate functions, is made available as soon as it is possible and in any case at least two calendar days before the date of the meeting, except in cases of urgent calling and in exceptional justified cases in which the information may be provided within a shorter term or during the meeting, as well as in ways other than those indicated above (for example, by making

the information available in paper format during the meeting)(7) . Where, in specific cases of necessity and urgency, it is not possible to provide the necessary information with sufficient advance notice, the Chairperson, with the help of the Secretary, ensures that adequate and timely analyses are carried out during the meetings of the Board of Directors.

During each meeting:

a. the Chairperson ensures that the work is carried out in an orderly manner, in compliance with the agenda or by modifying the agenda and specifying to directors the reasons for it, that it is possible to present the proposals in an appropriate manner, as well as to address questions and requests for clarification or additional information in a reasonable and useful manner, that answers are provided in an appropriate manner, that one can actively participate in the discussion; all while reserving adequate time to discuss each item on the agenda;
b. directors called upon to present a proposal must ensure that adequate information is provided and be available to answer questions from other directors;
c. each director participates proactively, reserving adequate time for the performance of the Board's work, promptly declares any interests they holds on their own behalf or on behalf of third parties with respect to a given matter on the agenda, pursuant to law, as well as any correlation relations pursuant to the regulations on transactions with related parties. Each director may request, at a meeting, that additional information be provided with respect to the pre-board meeting information or that given during the meeting, in order to be able to act in an informed manner.

In addition to the items already included on the agenda, the Chairperson of the Board of Directors may propose and communicate any additional items relating to urgent issues and those that cannot be postponed. In this case, the Board of Directors must unanimously resolve on the inclusion of the item on the agenda. Unless otherwise specified, it will be included in the margin of the other items on the agenda.

Any invitees (managers of the competent company functions, executives, middle managers, employees, consultants of the Company, as well as other external parties), whose presence is deemed useful in relation to the matters to be discussed or to support the better performance of the works of the Board of Directors, may be called to participate in the meetings of the Board itself, without the right to vote, and to take the floor during the same, limited to the phase of the discussion of the matters within their competence only at the invitation of the Chairperson, in agreement with the CEO (if necessary also based on the request of individual directors), to illustrate disclosures and documents or provide information, insights and clarifications.

Once all the presentations, replies and responses have been completed, the Chairperson declares the discussion closed and invites the Board of Directors to deliberate. Voting takes place by open ballot. The directors abstain in cases where this is required by the applicable legal provisions.

For the sole purpose of facilitating the minutes of the meeting and unless otherwise ordered by the Chairperson, the meetings of the Board of Directors may be recorded with audio instruments; these records and any transcriptions will be kept only until the approval of the related minutes.

Following the meeting, the draft minutes prepared by the Secretary and previously shared with the Chairperson are sent to all directors and statutory auditors for any observations. The final text of the minutes is then submitted for the approval of the Board of Directors at the next board meeting (except in cases of resolutions adopted that require

⁷ The self-assessment exercise conducted by the Board of Directors (which was outlined previously) showed that: (i) the Directors believe that the Board of Directors has received, over the past year, adequate and precise information on all areas of greater strategic importance for the Company in economic and financial, business and risk management terms and on the competitive and market context; (ii) the documentation provided to the Directors in preparation for the meetings was considered by everyone to be complete and clear, including an introductory summary of the main content to be discussed, which facilitates consultation thereof and allows the Board of Directors to carry out its role in an informed manner; (iii) the pre-meeting documentation has been received, as a rule, well in advance.

immediate execution, for which a simultaneous approval of the board minutes is required), for the purposes of subsequent filing.

The Chairperson or the Secretary may issue statements regarding the resolutions passed at meetings of the Board of Directors when the minutes of said meetings have not yet been filed.

It should be recalled that, on 20 May 2022 (the resolution was then confirmed at the Trading Start Date), in compliance with the provisions of Recommendation 11 of the Corporate Governance Code, the Board of Directors approved the Regulation of the Board of Directors that defines the rules of functioning of the body itself, including the methods for recording the minutes of the meetings and the procedures for the management of the information to the directors⁸ . On 18 April 2023, the Board of Directors approved the first update of the Regulation of the Board of Directors.

During the Financial Year, 19 meetings of the Board of Directors were held (with an average duration of approximately 75 minutes). At the date of the Report, 5 meetings have been held and at least a further 3 meetings are planned for 2025. Except in rare cases of fully justified absence, the overall percentage of attendance of the Directors was almost total.

During the Financial Year, the Board of Directors, among the various issues pertaining to the matters within its competence as per the Articles of Association and Regulation of the Board of Directors, also resolved on the following aspects:

financial situation of the Company and related interim (quarterly and half-yearly) reports;
the financial statements;
periodic verification of the independence requirements of the directors;
periodic verification that the members of the Board of Directors and the Board of Statutory Auditors do not have any reasons for incompatibility pursuant to Article 36 of Italian Law Decree no. 201/2011;
Sustainability report 2023;
verification of the possible need to make changes to the company procedure for transactions with related parties;
the corporate governance system of the Company and the assessment of the adequacy of the organisational, administrative and accounting structure of the Company, with particular reference to the internal control and risk management system;
the adoption and updating of the regulations, procedures and internal policies deemed necessary or appropriate for the organisation of the Issuer, or for compliance with the law or the Supervisory Provisions or compliance with the Corporate Governance Code;
authorisation to open a branch office in Spain;
authorisation to purchase upon the verification of certain conditions precedent of 100% of the share capital of Workinvoice S.r.l.

Pursuant to Article 21, paragraph 3 of the Issuer's Articles of Association, the Board of Directors can also internally establish committees with advisory and proposal-making functions, determining their powers, also for the purpose of ensuring the corporate governance system complies with the codes of conduct drafted by the regulated market management companies and by the trade associations that the Company is a member of.

At the meeting held on 9 May 2022, the Board of Directors established the Control, Risk and Sustainability Committee and the Appointments and Remuneration Committee, approving their Regulations which support the Regulation of the Board of Directors. The aforementioned regulations were specifically approved by each of the committees concerned.

⁸ Please refer to Section 4.4 of this Report for detailed information.

For information on the functioning of the internal Board Committees set up by the Issuer, please refer to Sections 7.2, 8.2 and 9.3 of the Report.

Article 21, paragraph 4, of the Articles of Association reserves to the Board of Directors, subject to the mandatory opinion of the Board of Statutory Auditors, the appointment of the Financial Reporting Manager pursuant to Article 154-bis of the Consolidated Law on Finance. The Board of Directors also orders their revocation, where applicable. For further information in this regard, please refer to Section 9.7 of the Report.

4.5 Role of the Chairperson of the Board of Directors

Pursuant to Article 19 of the Articles of Association, the Board of Directors appoints a Chairperson from its members, when the Shareholders' Meeting does not make provision for this; it can also appoint one or more Deputy Chairpersons and a Secretary, the latter also chosen from outside its members and outside the Company.

The Chairperson of the Board of Directors promotes internal dialogue and the effective functioning of the corporate governance system. He/She does not hold executive roles, nor carries out, including de facto, management functions, except where permitted by the applicable provisions from time to time.

In addition to the powers that may be delegated to him/her by the Board of Directors and in addition to exercising the functions attributed to them by law, the Articles of Association and other provisions of the Regulation of the Board of Directors, the Chairperson – with the help of the Secretary – carries out the following activities:

a. ensures the correct and effective functioning of the Board's work;
b. acts as a liaison between executive directors and non-executive directors;
c. defines, after consulting the CEO, the proposed calendar of Board meetings;
d. convenes the Board meetings, defining their date and time, as well as the place of call, the agenda in agreement with the CEO – and the methods of participation, as well as any intervention by external parties to the Board of Directors;
e. chairs, organises and coordinates the work of the Board of Directors and guides the conduct of the related meetings, guaranteeing the effectiveness of the Board debate and favouring in a neutral manner the reasoned participation of the directors, in particular, non-executive and independent directors, encouraging their active participation in the discussion and resolution on the matters being dealt with;
f. ensures the provision of the documentation reasonably necessary to ensure adequate disclosure to the directors with respect to the items on the agenda in order to allow the directors to act in an informed manner in the performance of their role;
g. ensures that the activities of the Committees are coordinated with the activities of the Board of Directors, being able – for example – to request and exchange information with the Chairpersons of the Committees, as well as with the corporate structures in charge, view the opinions and proposals of the committees in advance of Board meetings, know in advance the calendar of meetings of the Committees;
h. ensures, in agreement with the CEO, that the executives of the Company, managers of the competent corporate functions according to the subject matter, intervene, where appropriate or necessary, at the Board meetings, also at the request of individual directors, to provide the appropriate in-depth information on the items on the agenda;
i. organises induction sessions for the members of the Board of Directors and/or the Board of Statutory Auditors, at the beginning and – where deemed appropriate – during their mandate, aimed at providing them with adequate knowledge of the business sectors in which the Company operates, company dynamics and their evolution also with a view to creating value in the long-term, as well as compliance with the principles of proper risk management, the law and the Corporate Governance Code;
j. oversees the adequacy and transparency of the self-assessment process of the management body, with the

support of the Appointments and Remuneration Committee;

k. formulates in agreement with the CEO proposals for the adoption or amendment of a policy for the management of dialogue with the shareholder base, as well as with institutional investors and asset managers, also taking into account the engagement policies adopted by the latter;
l. as part of the organisation of the board's work, ensures that the Board of Directors is informed of the development and the significant contents of the dialogue with all the parties referred to in the previous point;
m. formulates, in order to ensure the correct management of corporate information and in agreement with the CEO, proposals for the adoption of a procedure for the internal management and external communication of documents and information concerning the company, with particular reference to inside information;
n. is responsible for taking the minutes of the board's work.

The Chairperson may not hold an executive role or perform, even de facto, management functions, except in cases where:

a. these functions are clearly defined and documented;
b. the composition and number of members of the Board of Directors ensures adequate dialogue within the body itself;
c. suitable controls are adopted for the identification and prevention of conflicts of interest;
d. the Chairperson is not simultaneously assigned powers with regard to internal controls and powers relating to other aspects of company operations;
e. the Company qualifies as a "minor intermediary" pursuant to the "Supervisory Provisions" contained in Circular no. 288 of 3 April 2015 of the Bank of Italy.

During the meeting of 8 March 2022, the Shareholders' Meeting appointed Maurizio Dallocchio as Chairperson, who is not a controlling shareholder of the Company.

During the Financial Year, the directors and statutory auditors received, in the two days prior to the board meetings, the documentation and information necessary to express their opinions on the matters submitted for their examination. In cases where it was not possible to send the documentation or part of it well in advance, full disclosure was ensured by the Chairperson of the Board of Directors on the matter under review during the board meeting, thus guaranteeing that fully-informed decisions could be taken. The meetings of the Board of Directors, at the invitation of the Chairperson and the CEO, may be attended by representatives of management or other company functions in order to promote precise and in-depth knowledge of the Company's activities.

The Chairpersons of the Control, Risk and Sustainability Committee and of the Appointments and Remuneration Committee inform the Board of Directors, at the first possible meeting, of the issues dealt with respectively by the committees. For the organisation of its work, the Control, Risk and Sustainability Committee and the Appointments and Remuneration Committee rely on the support of the Secretary appointed by the Board of Directors, who is entrusted, inter alia, with the task of drawing up the minutes of the meetings, under the direction of the committee Chairperson.

With reference to the Induction Program, the self-assessment of the Board of Directors and the dialogue with the shareholders, please refer, respectively, to Sections 4.3, 7 and 12 of this Report for detailed information.

Secretary of the Board

In compliance with the provisions of Article 19, paragraph 1, of the Articles of Association, the Board of Directors may appoint a Secretary, also chosen from outside its members and also from outside the Company, it being understood that this figure is normally chosen from among persons with adequate expertise and experience in corporate law and corporate governance.

The resolutions of the Board of Directors must be documented in the minutes signed by the Chairperson and by

the Secretary.

Pursuant to the Regulation of the Board of Directors, the Secretary supports the activities of the Chairperson, providing, with impartiality of judgement, assistance and advice to the Board of Directors on every relevant aspect for the correct functioning of the corporate governance system, pursuant to the law, the Articles of Association and Regulations.

At the meeting held on 29 June 2022, the Board of Directors appointed Stefano Saviolo, Head of the Legal and Corporate Affairs Department, as Secretary of the Company's Board of Directors.

4.6 Executive Directors

Chief Executive Officer

Pursuant to Article 21, paragraph 1, of the Articles of Association, the Board of Directors can delegate, within the limits envisaged by the legislation and regulations in force from time to time, part of its responsibilities to one or more of its members or to an executive committee composed of some of its members (the "Chief Executive Officer").

The content of these powers, where permitted, is determined in detail, with clarity and precision, to allow the collective body to correctly verify the proper fulfilment of obligations, as well as exercise its management and advocacy powers.

The Board of Directors and the Board of Statutory Auditors are informed, also by the delegated bodies, of the general operating performance, its outlook and the most important transactions, owing to their size or characteristics, carried out by the Company and its subsidiaries; in particular, the delegated Directors promptly report on a quarterly basis to the Board of Directors and the Board of Statutory Auditors on the activities carried out and on the most important economic, financial and equity transactions carried out by the Company and its subsidiaries and, in particular, the transactions in which they hold an interest, on their own behalf or on behalf of third parties. The disclosure is normally provided at the meetings of the Board of Directors.

At the meeting held on 29 June 2022, the Board of Directors ratified the appointment of Massimo Gianolli as Managing Director and CEO, already resolved – with effect from the Trading Start Date – at the meeting held on 20 May 2022, confirming the attribution to said person of the powers indicated in Annex 4 to this Report.

Disclosure to the Board by the directors/delegated bodies

Pursuant to Article 21, paragraph 2, of the Articles of Association, the Board of Directors is informed, also by the delegated bodies, on the general performance of operations, on its outlook and on the most significant transactions, due to their size or characteristics, carried out by the Company and its subsidiaries.

In particular, the Chief Executive Officers report promptly, and on a quarterly basis, to the Board of Directors on the activities carried out and on the most significant economic, financial and equity transactions carried out by the Company or by its subsidiaries and, in particular, on the transactions in which they have an interest, on their own behalf or on behalf of third parties.

Pursuant to the Regulation of the Board of Directors, the latter periodically examines the information prepared by the delegated functions with regard to the activities carried out by them in execution of the mandate received. In particular, the CEO and the managers of the company departments, who have been granted operating powers and/or powers of attorney, prepare a quarterly report, at the time of the approval of the interim situations and the financial statements.

Other executive directors

At the date of this Report, there are no other executive Directors in the Company. The Chairperson of the Board of Directors does not hold executive roles. Please refer to Section 4.5 of this Report for detailed information on the role of the Chairperson of the Board of Directors.

4.7 Independent Directors and Lead Independent Director

Independent Directors

The Board of Directors of the Issuer includes 8 (eight) directors (including the Chairperson) who meet the independence requirements pursuant to Article 148, paragraph 3, of the Consolidated Law on Finance (as referred to in Article 147-ter, paragraph 4, of the Consolidated Law on Finance), as well as the independence requirements pursuant to Article 2, Recommendation no. 7 of the Corporate Governance Code. The independent directors of the Issuer, pursuant to Article 148, paragraph 3, of the Consolidated Law on Finance, are as follows:

1. Maurizio Dallocchio;
1. Mauro Selvetti;
1. Leonardo Luca Etro;
1. Maria Luisa Mosconi
1. Annalisa Raffaella Donesana;
1. Marta Bavasso;
1. Federica Casalvolone;
1. Gabriele Albertini.

In compliance with Recommendation no. 5 of the Code, the Issuer considers the number of Independent Directors in office adequate to the size of the Board of Directors and the activity carried out by the Issuer, as well as suitable to allow the establishment of governance committees within the Board according to the recommendations of the Corporate Governance Code.

As mentioned above, the Board of Directors, during the meeting held on 4 February 2025, verified with a favourable outcome the satisfaction of the independence requirements by the independent directors, on the basis of the documentation provided by the interested parties and the documents, nonetheless, available to the Issuer.

In carrying out the above assessments, the Board applied all the criteria set out in the Corporate Governance Code. In particular, for the purposes of the independence assessment, the Board of Directors (as also with the Board of Statutory Auditors) takes into account, on the basis of all the information available, any circumstance that affects or may appear likely to affect the independence of the director according to the criteria indicated by the Corporate Governance Code, with particular reference to the quantitative and qualitative parameters for assessing the relationships referred to in letters c) and d) of Recommendation 7 of the Corporate Governance Code ("significance criteria"), which are referred to below(9) :

any relationship of a commercial or financial or professional nature with the Company or with the relative executive directors or top management, as well as with a party that, also together with others through a shareholders' agreement, controls the Company or with the relative executive directors or top management, carried out in one of the three financial years prior to taking office (the "Reference Period") is to be considered "significant", if the consideration exceeds, for each financial year included in the Reference Period, at least one of the following parameters: (i) 10% of the annual turnover of the company, entity, professional firm or consulting company over which the director has control or of which they are an executive director or partner; (ii) 10% of the director's annual income as a natural person;
in the case of the director who is also a partner of a professional firm or a consulting company, the Board of Directors assesses the significance of the professional relationships that may have an effect on their position and role within the firm or of the consulting company or that in any case pertain to important transactions of the

⁹ With regard to the identification of the quantitative and qualitative parameters used to identify and assess the relationships referred to in letters c) and d) of Recommendation 7 of the Corporate Governance Code ("significance criteria"), at the meeting on 4 February 2025, the Board of Directors confirmed the significance criteria for the assessment of the independence of non-executive directors already adopted by resolution of 9 May 2022.

Company, even regardless of the quantitative parameters;

the additional remuneration paid during the Reference Period by the Company or its subsidiaries with respect to the fixed remuneration for the office and that envisaged for participation in the committees recommended by the Corporate Governance Code or provided for by the regulations in force is to be considered significant, if higher, in each financial year included in the Reference Period, than 60% of the fixed remuneration received during the year for carrying out the office of director.

Consequently, and in compliance with the provisions of Recommendation no. 6 of the Code, the Board of Directors assesses the independence of each non-executive director during the course of the mandate in the event of circumstances relevant to independence and in any case at least once a year.

It should be noted that on the occasion of their respective applications, the independent directors of the Company declared that they meet the independence requirements envisaged by the combined provisions of Article 147-ter, paragraph 4 and Article 148, paragraph 3, of the Consolidated Law on Finance, as well as the independence requirements contained in Recommendation 7 of the Corporate Governance Code and, at the same time, they undertook to promptly notify the Board of Directors and the Board of Statutory Auditors of any changes with respect to the requirements, including those of independence, as well as any subsequently occurred causes of forfeiture.

In line with the recommendations of the Corporate Governance Code, the Board of Statutory Auditors positively verified, on 4 February 2025, the correct application of the assessment criteria and procedures adopted by the Board of Directors to assess the independence of its members.

Since the Company does not qualify as a "large company", it is not required to comply with the principles and recommendations of the Corporate Governance Code relating to independent directors (Recommendation 5). For this reason, no specific meetings of the independent directors were held during the Financial Year. However, it should be noted that the internal Board Committees are composed of members, all of whom meet the independence requirements set forth in the Consolidated Law on Finance and the Corporate Governance Code.

Lead Independent Director

Pursuant to Recommendation 13 of the Corporate Governance Code, taking into account that:

a. the Chairperson of the Board of Directors is not the CEO, nor do they hold relevant management powers;

b. the office of Chairperson is not held by the person who controls, even jointly, the Company;
c. the Issuer is not classified as a large company pursuant to the Corporate Governance Code;

the Board of Directors did not decide to appoint an independent director as lead independent director.

5. MANAGEMENT OF CORPORATE INFORMATION

In compliance with the laws and regulations in force, the Issuer has adopted specific internal procedural provisions aimed at guaranteeing the highest level of correctness, accuracy and timeliness in the process of managing corporate information, as well as the utmost transparency and accessibility to the market.

In particular, as a result of the assumption of the status of listed company, the members of the administration and control bodies of Generalfinance, as well as all those who, due to their work or professional activity, have access to inside information concerning the Company, are subject to the obligation to keep such information confidential. Inside information, pursuant to applicable regulations, is all information of a precise nature, which has not been made public, directly or indirectly concerning the Company or the financial instruments issued by it (including shares and debt securities) and which, if made public, could have a significant effect on the price of these instruments.

Therefore, in compliance with Recommendation no. 1, letter f) of the Corporate Governance Code, at the meeting held on 20 May 2022 the Issuer's Board of Directors approved a code for the internal management and external disclosure of inside information (the "Inside Information Code"), which identifies the principles and rules to be followed by the recipients of the code for the management and external disclosure of inside information, as identified by Article 17 of Regulation (EU) no. 596/2014 of the European Parliament and of the Council of 16 April 2014 ("Market Abuse Regulation").

The Inside Information Code identifies, inter alia: (i) the information that qualifies as inside information; (ii) the recipients of the code; (iii) the methods for disseminating and communicating inside information to the market; (iv) the process for the activation of the procedure of the delay in the public disclosure of inside information and the verification of the existence of the conditions for the delay; and (v) the principles of conduct that must be observed by the parties and the corporate organisational structures involved in various capacities in the processing of inside information and confidential information.

The Inside Information Code also governs the establishment and management of the register of persons who have access to inside information ("Insider Register"), pursuant to Article 18 of the Market Abuse Regulation, which, inter alia, defines: (i) the identification of the parties responsible for keeping the aforementioned Insider Register; (ii) the criteria for identifying the persons to be included in the Insider Register; (iii) the methods and functioning of the Insider Register; (iv) the content and notification of the entry; (v) updating of the Insider Register.

In addition, the Inside Information Code governs the establishment of the register of persons who have access to specific relevant information which, on the basis of a concrete assessment, has a sufficient probability of becoming, at a later time, inside information.

Generalfinance complied with the rules on internal dealing dictated by current legislation and secondary regulations, adopting – again at the Board meeting of 20 May 2022 – a code for the management of the disclosure obligations deriving from the internal dealing regulations pursuant to Article 19 of the Market Abuse Regulation, Article 114, paragraph 7, of the Consolidated Law on Finance, and Articles 152-quinquies.1, 152-sexies, 152-septies and 152 octies of the Issuers' Regulation (the "Internal Dealing Code"). In particular, the Internal Dealing Code is aimed at regulating the disclosure obligations towards the competent supervisory authorities and the public as well as the behavioural methods related to the fulfilment by the "relevant parties" (i.e., the members of the Board of Directors of the Company and the of the Board of Statutory Auditors of the Company, as well as the senior executives who have regular access to inside information of the Company and have the power to take management decisions that may affect the evolution and future prospects of the Company), the relevant shareholders (i.e., controlling shareholders and those holding a stake of at least 10% of the Company's share capital) and "persons closely associated with relevant parties and relevant shareholders" of transactions involving financial instruments issued by the Company.

The Corporate Governance Code and the Internal Dealing Code are preventive measures to control the possible occurrence of abuse of Inside Information, market manipulation and unlawful disclosure of Inside Information envisaged in Articles 8, 10 and 12 of the Market Abuse Regulation and Articles 184 et seq. of the Consolidated Law on Finance, offences also relevant for the purposes of Decree 231 on the administrative liability of entities.

Market abuse offences were included in the catalogue of predicate offences defined by 231 Model and the Code of Ethics (as defined below) adopted by the Company.

The Inside Information Code and the Internal Dealing Code are published on the Company's website (www.generalfinance.it, "Governance/Documents and Procedures" Section).

The disclosure of press releases is entrusted to the Investor Relations function. For the transmission and storage of Regulated Information, the Company uses the EMARKET and the EMARKET Storage mechanism available at , managed by Teleborsa S.r.l. – with registered office in Piazza di Priscilla, 4 - Rome – following the CONSOB authorisation and Resolutions no. 22517 and 22518 of 23 November 2022.

6. INTERNAL BOARD COMMITTEES (PURSUANT TO ARTICLE 123-BIS, PARAGRAPH 2, LETTER D), OF THE TUF)

Pursuant to Article 21, paragraph 3 of the Articles of Association, the Board of Directors can also internally establish committees with advisory and proposal-making functions, determining their powers, also for the purpose of ensuring the corporate governance system complies with the codes of conduct drafted by the regulated market management companies and by the trade associations that the Company is a member of.

As a result of the above, also in compliance with Standard XI and Recommendations 16 and 17 of the Corporate Governance Code, on 9 May 2022, the Board of Directors resolved, with effectiveness subject to the Trading Start Date, to establish the following committees, also approving the relative regulations:

a. the Control, Risk and Sustainability Committee;
b. the Appointments and Remuneration Committee.

The Control, Risk and Sustainability Committee has also been assigned the functions of Related Party Transactions Committee, except for decisions regarding transactions involving the remuneration of directors and key management personnel of the Company, whose competence has been attributed to the Appointments and Remuneration Committee.

It should be noted that at the date of the Report, the Board of Directors has not reserved to itself any function that the Code assigns to the committees.

The Board of Directors determined the composition of the committees by favouring the expertise and experience of the relative members, as shown by the profiles of the directors who are members of it, not taking into strict consideration the concentration of offices held by the members of the committees given that the Issuer is not classified as a "large company" pursuant to the Corporate Governance Code.

At its meeting of 29 June 2022, the Board of Directors confirmed and ratified the establishment of the Appointments and Remuneration Committee and the Control, Risk and Sustainability Committee, the related responsibilities, the relevant regulations and approved their composition as follows:

for the Appointments and Remuneration Committee, Maria Luisa Mosconi, Annalisa Donesana and Mauro Selvetti, given the fulfilment of the requirements envisaged by the applicable regulations, and Maria Luisa Mosconi as Chairperson;
for the Control, Risk and Sustainability Committee, Maria Luisa Mosconi, Annalisa Raffaella Donesana and Mauro Selvetti, given the fulfilment of the requirements envisaged by the applicable regulations, and Maria Luisa Mosconi as Chairperson;
acting as Related Party Transactions Committee, the Control, Risk and Sustainability Committee and, in the case of transactions involving the remuneration of directors and key management personnel of the Company, the Appointments and Remuneration Committee.

It should be noted that, on 20 May 2022, in compliance with the provisions of Recommendation 11 of the Corporate Governance Code, the Board of Directors approved the Regulations of the Board of Directors and the Regulations of the two internal board committees, regulations that define, inter alia, each to the extent of their competence, the rules for the functioning of the body, including the methods for recording the minutes of the meetings and the procedures for the management of the information to the directors that comprise them, specifying the terms for the prior sending of the information and the methods for protecting the confidentiality of the data and information provided so as not to jeopardise the timeliness and completeness of information flows.

For further information on the structure of the internal board committees, please refer to Table 3.

Additional committees

At the date of this Report, the Board of Directors of the Company did not decide to establish additional internal

board committees.

7. SELF-ASSESSMENT AND SUCCESSION OF DIRECTORS –APPOINTMENTS AND REMUNERATION COMMITTEE, IN THE ROLE OF APPOINTMENTS COMMITTEE

7.1 Self-assessment and succession of directors

Self-assessment of the Board of Directors

Pursuant to the Regulation of the Board of Directors, in compliance with the Principles and Recommendations of the Code, the Board of Directors periodically assesses the effectiveness of its activities and the contribution made by its individual members, through formalised procedures whose implementation it oversees. To this end, the Board of Directors, at least every three years – in view of its renewal – carries out a formalised self-assessment process. The Chairperson, with the help of the Secretary, ensures the adequacy and transparency of this self-assessment process.

The self-assessment process is carried out in order to assess the effectiveness of the activities of the Board of Directors and the Committees and express an opinion on the actual functioning, size and composition of the body as a whole and of the same Committees, also considering the role it had in defining the strategies and monitoring the management performance and the adequacy of the internal control and risk management system. The selfassessment also considers the contribution made by each director, taking into account the professional characteristics, experience, knowledge, skills and gender of its members, as well as their seniority in office. Following the self-assessment activity, the Board of Directors identifies any necessary or appropriate corrective actions.

The Chairperson of the Board of Directors assesses the opportunity for the Company to make use of external consultants to carry out the self-assessment activity.

The self-assessment, when carried out according to internal procedures and without the support of external consultants, unless otherwise established by the Board of Directors, can be carried out through:

i. the sending of a questionnaire to each director containing some questions that require them to express an opinion on the size, composition and functioning of the Board of Directors and the Committees, with the possibility of providing suggestions or proposals for action;
ii. the transmission of the completed questionnaires to the Secretary, who draws up a document summarising the opinions expressed and the suggestions provided, in aggregate and anonymous form;
iii. the submission of the summary document to the examination of the Appointments and Remuneration Committee for the purpose of formulating proposals or considerations to be submitted to the Board of Directors for the appropriate assessments and resolutions.

It is acknowledged that, during the meeting of 4 February 2025 - every three years, in view of its renewal (Recommendation 22) - the Board of Directors approved the final document that reports the outcome of the selfassessment exercise conducted by the Board of Directors regarding the verification of its composition and functioning, as well as those of the internal board committees which revealed, among other conclusions: (i) all the Directors consider the size of the Board of Directors to be adequate and believe that the current qualitative composition covers all the skills required by the Issuer's complex business needs, also allowing the establishment of internal board committees with the necessary skills; (ii) within the Board of Directors, "diversity" in terms of age brackets, seniority of office, gender and geographical areas of origin is well represented, ensuring the effectiveness of the Board of Directors in its role of guidance and control of the Company; (iii) the skills and experience present in the current Board of Directors are considered adequate and, in view of the renewal of the Board of Directors, the majority of Directors deem it useful to renew the office of most of the current members, with a view to continuity, given the knowledge of the Company they have acquired; (iv) the Board of Directors verified the suitability of the Directors for assumption of the post in relation to the requirements of integrity and professionalism and the criteria

of professional competence and fairness as required by law, as well as independence and time commitment, in addition to compliance with the accumulation of offices; (v) the Board of Directors verified that no incompatibility conditions exist for each member of the Board of Directors pursuant to Article 36 of Legislative Decree 201/2011, converted into Law no. 214/2011 ( "Interlocking Ban").

Succession of Executive Directors

Please note that at the date of the Report, no plans for the succession of the CEO and executive directors had been adopted.

In particular, also taking into account the fact that the Code recommends the definition of a succession plan only for "large companies", until now, the Company has decided not to adopt a succession plan for executive directors.

7.2 Appointments and Remuneration Committee

In compliance with the provisions of Principle XI and Recommendations 16 and 17 of the Corporate Governance Code, as well as pursuant to Articles 4 and 5 of the Code, on 9 May 2022, the Board of Directors resolved, with effectiveness subject to the Trading Start Date, the establishment of an Appointments and Remuneration Committee.

In consideration of the organisational needs of the Company, the operating methods and the size of its Board of Directors, the Company has established a single remuneration and appointments committee pursuant to Articles 4 and 5 of the Corporate Governance Code, with investigative, advice and proposal-making functions vis-à-vis the Board of Directors.

Composition and functioning of the Appointments and Remuneration Committee (pursuant to Article 123-bis, paragraph 2, letter d), of the TUF)

At the meeting held on 9 May 2022, the Board of Directors appointed Federica Casalvolone (Chairperson), Mauro Selvetti and Maria Luisa Mosconi as members of the Appointments and Remuneration Committee. At the same meeting, the Board of Directors approved its Regulation.

Subsequently, at its meeting held on 29 June 2022, the Board of Directors replaced, as a member of the Appointments and Remuneration Committee, the director Federica Casalvolone, with the director Annalisa Donesana. At the same meeting, the Board of Directors confirmed and ratified its establishment, responsibilities and regulations. At the date of this Report, the Appointments and Remuneration Committee is composed of the following non-executive directors: Maria Luisa Mosconi (Chairperson), Annalisa Donesana and Mauro Selvetti, members.

In this regard, the Issuer believes that this composition is in line with the provisions of the Corporate Governance Code, due to the satisfaction, by all members, of the independence requirements indicated by the Consolidated Law on Finance and the Corporate Governance Code, as well as possession of adequate experience in financial matters or regarding remuneration policies.

The Appointments and Remuneration Committee is an advisory and proposal-making body, which meets as often as necessary for the performance of its functions by means of a call notice sent by the Chairperson or by a person appointed by them, as a rule at least three days before the date set for the meeting. In case of urgency, this notice may be sent at least twenty-four hours before the time set for the meeting.

The Appointments and Remuneration Committee must also be called if requested by the Chairperson of the Board of Statutory Auditors, the Chairperson of the Board of Directors or the Chief Executive Officer.

The notice contains an indication of the location, day and time of the meeting, as well as the list of matters to be discussed. The Appointments and Remuneration Committee may also meet exclusively by videoconference and/or teleconference provided that all participants can be identified, have the documentation to be analysed, are allowed to share any documents relating to the issues to be discussed and are permitted to follow the discussion and to

intervene in real time in the discussion of the topics dealt with. If these conditions are met, the meeting of the Appointments and Remuneration Committee is considered to be held in the place where the secretary of the meeting is located.

The Appointments and Remuneration Committee may validly meet even in the absence of a formal convocation sent according to the aforementioned terms and methods where all its members are present.

The Chairperson ensures, in a manner suitable to guarantee the necessary confidentiality, the transmission of the documentation reasonably necessary to guarantee adequate disclosure of the members of the Appointments and Remuneration Committee with respect to the items on the agenda, so as to allow them to act in an informed manner in the performance of their role within the Appointments and Remuneration Committee. To this end, the Chairperson has access to the corporate functions in order to acquire the information reasonably necessary for the performance of their duties, as well as for the performance of the functions assigned to the Committee.

The disclosure intended for the Appointments and Remuneration Committee is sent by the Chairperson or by a person authorised by the Chairperson, to all its members at least two calendar days before the date of the meeting, although the committee may also discuss items on the agenda whose documentation was sent in a shorter period of time if all members of the Committee declare that they are sufficiently informed. If there are special requirements, the information may be provided within a shorter period of time or during the meeting, as well as using methods other than those indicated above (for example, by making the information available in paper format during the meeting).

The Appointments and Remuneration Committee is duly constituted with the presence of the majority of its members and the resolutions are adopted accordingly by an absolute majority of those present. In the event of a tie, the Chairperson has the casting vote.

No director may participate in meetings of the Appointments and Remuneration Committee in which their own remuneration is examined.

The Chairperson informs the Board of Directors of the activities carried out by the Appointments and Remuneration Committee at the first possible meeting.

The Appointments and Remuneration Committee appoints a secretary, also chosen from outside the Committee, who takes the minutes of the meetings. The minutes of the resolutions of the Appointments and Remuneration Committee, signed by the secretary and the Chairperson, are transcribed by the secretary in the register of meetings and resolutions of the Appointments and Remuneration Committee, kept by the Company together with the other company books. For the sole purpose of facilitating the minutes of the meeting and unless otherwise provided by the Chairperson of the meeting, the meetings of the Committee may be recorded with audio instruments; these records and any transcriptions will be kept only until the approval of the related minutes. The minutes are also sent to the members of the Committee, and are available to the Chairperson of the Board of Statutory Auditors as well as the Chairperson of the Board of Directors and the Chief Executive Officer of the Company. The minutes are normally approved at the next meeting of the Committee.

At its meeting held on 15 July 2022, the Appointments and Remuneration Committee appointed as its secretary Stefano Saviolo, already Secretary of the Board of Directors and Head of the Legal and Corporate Affairs

Department.

The Appointments and Remuneration Committee must have adequate financial resources to carry out its duties. To this end, the Board of Directors may decide alternatively to allocate a specific budget available to the Appointments and Remuneration Committee or to provide for any expenditure requirements any time that may be necessary.

Functions of the Appointments and Remuneration Committee with regard to appointments

With regard to appointments, in accordance with the provisions of Recommendation 19 of the Corporate Governance Code, the Appointments and Remuneration Committee is responsible for assisting the Board of Directors in the activities of: (i) self-assessment of the Board of Directors and its committees, supporting the Chairperson in overseeing the adequacy and transparency of the Board of Directors; (ii) definition of the optimal composition of the Board of Directors and its committees; (iii) identification of candidates for the office of director in the event of co-optation; and (iv) identification of a list, according to the methods that ensure its transparent formation and presentation, for the election of the Board of Directors itself and (v) preparation, updating and implementation of any plan for the succession of the Chief Executive Officer and the other executive directors (if the Board of Directors decides to adopt it).

The Chairperson of the Appointments and Remuneration Committee has access to the company functions in order to acquire the information reasonably necessary for the performance of their duties, as well as for the performance of the functions assigned to the Appointments and Remuneration Committee.

During the Financial Year, 4 meetings of the Appointments and Remuneration Committee were held (with an average duration of approximately forty minutes). At the date of the Report, 2 meetings have already been held and at least a further 2 meetings are planned for 2025. The meetings were regularly attended by the majority of the members of the Board of Statutory Auditors. With a total attendance percentage of approximately 100%, the attendance percentage of each member of the Appointments and Remuneration Committee in office at the date of the Report was respectively equal to: (i) Maria Luisa Mosconi 100%; (ii) Annalisa Donesana 100%; and (iii) Mauro Selvetti 100%. The meetings of the Appointments and Remuneration Committee, at the invitation of the Chairperson and having informed the Chief Executive Officer, were attended by representatives of management or other company functions in order to promote precise and in-depth knowledge of the Company's activities.

During the Financial Year, the Appointments and Remuneration Committee, in its function of appointments committee, among other things:

previously met with the candidate to take on the functions of Head of the Sales Department;
examined the draft self-assessment of the Board of Directors.

8. REMUNERATION OF DIRECTORS – APPOINTMENTS AND REMUNERATION COMMITTEE, IN THE FUNCTION OF REMUNERATION COMMITTEE

8.1 Remuneration of directors

Remuneration Policy

The Issuer has adopted a remuneration policy for directors, members of the control body and top management, in line with the provisions of Article 123-ter of the Consolidated Law on Finance (the "Remuneration Policy") which, in compliance with the legal and regulatory provisions in force, was approved by the Shareholders' Meeting on 5 April 2024.

On 8 March 2022, at the same time as the appointment of the administrative body in office from the Trading Start Date, the Ordinary Shareholders' Meeting of the Issuer resolved to grant the Board of Directors a total gross annual fee of up to EUR 1,000,000.00 (one million/00) and without considering the variable remuneration deriving from incentive plans that may be approved by the Company, in addition to the reimbursement of expenses incurred for exercising their respective functions, to be divided among the individual members of the Board of Directors, based on the resolution of said Board, subject to the Trading Start Date, without prejudice to the fact that each director was allocated a gross annual fixed remuneration for said office of EUR 15,000.00 (fifteen thousand/00), plus the aforementioned reimbursement of expenses.

At the meeting held on 29 June 2022, the Board also resolved to ratify the resolution of the Board of Directors of 6 June 2022, and as a result of confirming, by way of remuneration for the particular offices held pursuant to Article 2389, third paragraph, of the Italian Civil Code, on an annual basis, to the following directors the remuneration indicated below:

EUR 450,000.00 (four hundred and fifty thousand/00) to Massimo Gianolli, as CEO and Managing Director;
EUR 50,000.00 (fifty thousand/00) to Maurizio Dallocchio, as Chairperson of the Board of Directors.

At the meeting held on 12 December 2022, the Board of Directors, in consideration of the provisions and recommendations of the Corporate Governance Code, resolved to pay the members of the two internal Board Committees the following fee for the office they held, with effect from the time of appointment of the interested parties:

a. Control, Risk and Sustainability Committee:
- Chairperson, EUR 7,500.00 (seven thousand five hundred/00) gross on an annual basis;
- Member, EUR 5,000.00 (five thousand/00) gross on an annual basis.
b. Appointments and Remuneration Committee:
- Chairperson, EUR 7,500.00 (seven thousand five hundred/00) gross on an annual basis;
- Member, EUR 5,000.00 (five thousand/00) gross on an annual basis.

Share-based remuneration plans

With particular reference to top management, at the meeting held on 22 November 2022, the Board of Directors confirmed the resolution taken on 6 June 2022 relating to the approval of the Company's incentive plan and the related regulations, including its annexes, identifying as beneficiaries the Chief Executive Officer, Massimo Gianolli, and the Company's key management personnel, Ugo Colombo and Alessandro Ferrari, the Head of the Sales Department, Riccardo Gianolli and the Head of the ICT and Organisation Department, Stefano Biondini. The purpose of the Company's incentive plan and the related regulation is to incentivise the beneficiaries to achieve the company objectives, including the enhancement of the Company (also in the long-term), and at the same time to create a tool to ensure the latter's loyalty, by assigning the right to receive a bonus under the conditions set out in the regulation of the Company's incentive plan.

Among the various aspects, therefore, as far as relevant herein, the regulation in question provides for the payment

by the Company of the bonus accrued by the beneficiaries according to the level of achievement of the objectives: (i) for an amount equal to 50% of the bonus accrued with the fees relating to the first month following the approval of the financial statements for the year 2024; (ii) for an amount equal to 25% of the bonus accrued (the "First Deferred Portion") with the fees relating to the first month following the approval of the 2025 financial statements; lastly, (iii) for an amount equal to the residual 25% of the bonus accrued (the "Second Deferred Portion" and, together with the First Deferred Portion, the "Deferred Portions") with the amounts relating to the first month following the approval of the 2026 financial statements. The Deferred Units will be paid in the form of phantom shares linked to the price of the Company's shares on Euronext Milan (the "Phantom Shares"). In particular, the Phantom Shares will be calculated by dividing 50% of the bonus accrued by the average price of the shares in the three months prior to the meeting of the Board of Directors, which will resolve on the final balance of the incentive plan with the approval of the financial statements relating to the financial year as at 31 December 2024, and subsequently multiplying the number of Phantom Shares thus determined by the average price of the shares in the three months prior to the date of approval of the financial statements relating to the financial year as at 31 December 2025, as regards the First Deferred Portion, and as at 31 December 2026, as regards the Second Deferred Portion. In this regard, it is specified that the objective of aligning the long-term interests of the beneficiaries of the LTI plan with those of the Company's shareholders is considered effectively pursued, albeit in partial derogation from the provision set forth in Recommendation no. 28 of the CG Code, which indicates that a prevalent part of the plan makes provision for a total period of right vesting and maintenance of the shares assigned of at least five years. In fact, the Company envisaged a period for the vesting of the rights and maintenance of the Upfront Units of less than five years, as referred to above; on the other hand, the full availability of all the Units is guaranteed to all beneficiaries of the LTI Plan only at the end of a period (considered as a whole) greater than six years.

By resolution dated February 28, 2025, the Board of Directors approved a new long-term incentive plan for the Chief Executive Officer and executives with strategic responsibilities within the Company for the 2025-2027 period. The new plan will be submitted for approval at the ordinary shareholders' meeting convened for April 10, 2025. It essentially replicates the rules and application principles of the incentive plan for the 2022-2024 period.

For more details, please consult the document "Remuneration Policy - FY 2025 and Summary disclosure on remuneration paid in FY 2024" approved by the Board of Directors on 28 February 2025 – as well as the Information document on the 2025-2027 long-term incentive plan published on the Company's institutional website – in preparation for the Ordinary Shareholders' Meeting called for 10 April 2025.

Directors' indemnity in the event of resignation, dismissal or termination of employment following a takeover bid (pursuant to Article 123-bis, paragraph 1, letter i), of the TUF)

At the date of this Report, no agreements have been entered into between the Issuer and the directors that provide for indemnities in the event of resignation or dismissal/revocation without just cause or if the employment relationship ceases following a takeover bid.

The Issuer, after the Trading Start Date, on the occasion of the possible termination of office and/or the dissolution of the relationship with an executive director or a general manager (where appointed), will disclose, following the internal processes that lead to the allocation or recognition of indemnities and/or other benefits, detailed information in this regard, through a press release disseminated to the market, in line with Recommendation no. 31 of the Code.

8.2. Appointments and Remuneration Committee As indicated in Paragraph 7.2 above, on 9 May 2022, the Board of Directors resolved, in accordance with the provisions of the Corporate Governance Code and effective from the Trading Start Date, the appointment of the Appointments and Remuneration Committee, defining its tasks and functions. For more information on the

composition and functioning of the Appointments and Remuneration Committee, please refer to Paragraph 7.2 above.

With regard to remuneration, the Appointments and Remuneration Committee is responsible for the tasks set forth in Recommendation 25 of the Corporate Governance Code, namely: (i) assisting the Board of Directors in drawing up the remuneration policy; (ii) submitting proposals or expressing opinions on the remuneration of executive directors and directors who hold specific offices as well as on the setting of performance objectives related to the variable component of said remuneration; (iii) monitoring the actual application of the remuneration policy and verifying, in particular, the actual achievement of the performance objectives; and (iv) periodically assessing the adequacy and overall consistency of the remuneration policy for directors and top management.

In line with Recommendation no. 26 of the Corporate Governance Code, no director takes part in the meetings of the Appointments and Remuneration Committee in which proposals are made to the Board of Directors regarding their remuneration.

In carrying out its functions, the Appointments and Remuneration Committee has the right to access the information and company functions necessary for the performance of its duties as well as to make use of external consultants. The Company, within the terms established by the Board of Directors, will also make available to the Appointments and Remuneration Committee adequate financial resources for the performance of its duties, within the limits of the budget approved by the Board of Directors.

For further information on the functioning of the Appointments and Remuneration Committee, please refer to Section 7.2 of the Report.

The Appointments and Remuneration Committee, in its function of remuneration committee, during the Financial Year, among other things, fulfilled its functions and primarily:

performed the tasks required by the Related Party Transactions Procedure on the occasion of transactions concerning the allocation and/or increase of remuneration or economic benefits of directors and key management personnel;
assisted the Board of Directors in drawing up the policy for the remuneration of directors, members of the control body and top management (remuneration system in place: management by objectives system of the Company (2024 MBO and annual bonus); Report on remuneration policy and remuneration paid pursuant to Article 123 ter, of the Consolidated Law on Finance);
monitored the practical application of the remuneration policy and verified, in particular, the actual achievement of the performance objectives (verification of the final balance of the remuneration paid under the 2024 MBO and annual bonus regulations);

9. INTERNAL CONTROL AND RISK MANAGEMENT SYSTEM - CONTROL RISK AND SUSTAINABILITY COMMITTEE

9.1 Foreword

In compliance with Recommendation no. 1 of the Corporate Governance Code, the Board of Directors, which is responsible for the internal control and risk management system as a whole, defines the nature and level of risk compatible with the strategic objectives of the Company, including all elements in its assessments which may be relevant in view of the Issuer's sustainable success. The risk management system must not be considered separately from the internal control system in relation to the financial reporting process; both are actually elements of the same system. This system is aimed at guaranteeing the soundness, accuracy, reliability and timeliness of financial reporting.

The design approach in the construction of the internal control and risk management system was inspired by international standards and industry best practices.

The Board of Directors defines the guidelines of the internal control and risk management system, so that the main risks relating to the Issuer and its subsidiaries are correctly identified, as well as adequately measured, managed and monitored, determining the compatibility of these risks with management of the company that is consistent with the strategic objectives identified.

9.2 Phases of the existing risk management and internal control system in relation to the financial reporting process

The main components of the risk management system are indicated below.

Planning and control model: the system aims to provide management in a timely manner with all information necessary to support decision-making activities. This information must allow a correct understanding of the economic, financial, equity and management situation of the Issuer and is strictly connected (i) to the achievement of the strategic objectives set out in the business plan, defined with a three-year horizon, (ii) to the management and/or the monitoring of company performance with respect to the budget for the year, drawn up and approved annually, (iii) management and/or monitoring of competitive advantages and critical success factors that favour the achievement of company objectives, as well as (iv) management and/or monitoring of business risks.
technical accounting tools: the control and management system is aimed at guiding the strategic decisions of management and supporting the company in defining and monitoring company objectives. To allow these results, the Issuer has adopted a series of tools and software used to record company events, both current and future, with an economic, equity and financial impact (including Target, TOR, Excel, QlikSense, etc.);
planning: the strategic planning, programming and forecasting processes allow the definition of the Issuer's medium-long term strategic objectives. This system is based on the definition of a strategic business plan, on a three-year basis, with respect to which, annually, an operating budget is approved, which represents the first step for the implementation of the economic-financial and equity guidelines outlined in the plan;
Corporate and Business reporting and indicators: the Issuer's reporting system aims to monitor the most relevant indicators for the business in a timely manner to allow management to intervene, if necessary, with targeted corrective actions. The main indicators used to monitor the critical success factors and business risk factors are (i) the economic-financial indicators, aimed at monitoring the main financial and financial statement dimensions, (ii) the performance indicators ( KPIs), specifically intended to monitor the main critical success factors, and (iii) the risk indicators ( KRIs), aimed at monitoring the main business risks;
integration between IT systems;
Risk Appetite Statement: subject to the favourable opinion expressed by the Control, Risk and Sustainability

Committee, at the meeting held on 26 March 2024, the Board of Directors approved the "Risk Appetite Statement" prepared by the Company, aimed at defining the main concepts of risk appetite, risk tolerance, risk capacity and risk profile, in preparation for identifying the scope of action within which the Company, in its entire structure, implements the strategic guidelines according to the mission and the development objectives assigned, according to the business model and the organisational design defined. In addition, it analytically illustrates the Risk Appetite metrics that translate the risk objectives or risk appetite objectives into quantitative and qualitative indicators, consistent with the defined strategic and operational planning, in relation to various elements such as:

the external market context and the regulatory context;
the strategic objectives defined by the Board of Directors with respect to the expected positioning of the risk profile;
the capital adequacy assessments deriving from the implementation of the ICAAP process, as well as from assessments deriving from the execution of stress tests on the current and prospective risk profile.

At the meeting held on 27 March 2024, the Board of Directors updated the Risk Appetite limits with reference to the year 2024.

To monitor the risk of incorrect financial reporting, the Company has identified an ad hoc methodology (described in a specific manual), which includes different areas of analysis according to the following areas: (i) internal controls at company level; (ii) controls of administrative and financial processes; (iii) IT governance controls. In detail, the model envisages the presence of (i) an adequate system of internal controls at functional company level, aimed at reducing the risks of errors and incorrect behaviour for accounting and financial reporting purposes, such as adequate management processes of risk, adequate codes of conduct, effective organisational structures, clear models for the assignment of powers and responsibilities, adequate information and communication system; (ii) control processes for production of accounting and financial information; (iii) controls on the governance of the technological infrastructure and applications relating to administrative and financial processes.

The model also requires the adequacy and effective application of the internal control system overseeing the Issuer's financial reporting to be verified every six months.

The main roles and responsibilities of the functions involved are shown below:

the Board of Directors is responsible for the establishment and effective operation of the internal control system:
- approves the 262 Manual and subsequent updates, subject to the opinion of the Board of Statutory Auditors and of the Control, Risk and Sustainability Committee;
- ascertains that the Financial Reporting Manager has adequate powers and means to exercise the tasks assigned to them, as well as the effective compliance with administrative and accounting procedures;
- approves the 262 audit plan and, in particular, the materiality thresholds proposed by the Company's Financial Reporting Manager and the resulting relevant scope;
- examines the reports prepared by the Offices/Control Owners to support the periodic certifications of the Chief Executive Officer and the Financial Reporting Manager.
Chief Executive Officer:
- certifies with a specific report the financial statements, the condensed consolidated half-yearly financial report, together with the Financial Reporting Manager;
Financial Reporting Manager:
- prepares adequate administrative procedures for the drafting of the Issuer's financial statements, as well as any other company financial communication;
- supports management in identifying and assessing financial reporting risks and identifies the related

monitoring key controls;

defines and updates on an annual basis the levels of materiality, the scope of investigation relating to the significant financial statement items ("scoping" phase);
defines the independent monitoring plan and agrees on the test procedures/verification activities;
receives extracts from the minutes of the Board of Directors that are relevant for the purposes of the certifications and any other relevant documentation for the purposes of financial reporting;
receives the summary reports on the control activities of the other independent functions;
assesses any deficiencies identified by the internal control system on financial reporting and establishes specific remediation plans;
prepares an annual and a half-yearly report on the assessment of the control system on financial reporting to support the issue of the certifications and submits it, after examination by the Control, Risk and Sustainability Committee, to the Board of Directors;
certifies with a specific report the financial statements, together with the Chief Executive Officer of the Issuer;
certifies that the deeds and communications of the Issuer disclosed to the market, and relating to the Issuer's accounting information (including interim reports), correspond to the documentary results, books and accounting records of the same.
Head of ICT and Organisation Department (Chief Information Officer):
- identifies and assesses the risks on financial reporting for the processes under their responsibility, as well as oversees the establishment and maintenance of key controls, with reference to IT General Controls;
- carries out their verification and monitoring activities by assessing the design and operation of the IT General Controls and issues a periodic letter of certification to the Financial Reporting Manager;
- supports the Financial Reporting Manager in assessing the deficiencies of IT General Controls.

The verification of the adequate formalisation of the processes concerns all the processes identified as relevant for the purposes of the reliability of financial reporting. The Financial Reporting Manager verifies the formalisation of the relevant processes with the related identification of the risks of incorrect financial reporting and the related controls, as an initial condition for proceeding with the assessment of the internal control system overseeing financial reporting. In their audit activity, the Financial Reporting Manager is supported by the individual process owners, also following reports received directly from the control owners.

For the purposes of issuing the certification by the Financial Reporting Manager and the Chief Executive Officer pursuant to Article 154-bis of Italian Legislative Decree 58/98, the Company's administrative and financial governance model provides for the necessary and prior issue of a specific certification by:

a. the management, at different levels of the organisation, which is responsible for collecting and providing to the Financial Reporting Manager and the Chief Executive Officer information relevant to the preparation of financial reporting;
b. the IT Function in relation to the proper operation of IT General Controls.

In order to express the overall judgement of the internal control system on financial reporting, the Financial Reporting Manager, with the support of Internal Audit, analyses the anomalies and findings identified (and not remedied by compensatory controls, activation of specific action plans, etc.) to assess the potential impact on financial reporting and the related probability of occurrence.

The Financial Reporting Officer, once the activities have been completed and the information base has been consolidated, presents the results of the assessment of the administrative and financial processes through the

preparation of a report that documents the adequacy and effective application of the administrative and accounting procedures.

9.3 Roles and Functions involved

The internal control system ("ICS") consists of the set of rules, functions, structures, resources, processes and procedures aimed at ensuring, in compliance with sound and prudent management, the achievement of the following objectives:

verification of the implementation of company strategies and policies;
safeguarding the value of assets and protection against losses;
effectiveness and efficiency of business processes;
reliability and security of company information and IT procedures;
prevention of the risk of involvement, even involuntary, in illegal activities (with particular reference to those connected with money laundering, usury and financing of terrorism);
compliance of transactions with the law and supervisory regulations, as well as internal policies, regulations and procedures.

It is structured as follows:

third-level internal audit function (Internal Audit);
second-level control function with specialised activities on risk management issues (Risk Management);
second-level control function with specialised activities on anti-money laundering and regulatory compliance issues (AML and Compliance Function). The Head of the Anti-Money Laundering Function is also granted the mandate for the Reporting of Suspicious Transactions ("SOS"), pursuant to Article 35 of Italian Legislative Decree no. 231 of 21 November 2007.

To ensure effectiveness of their action, the control functions are guaranteed with direct access to all useful information for the performance of their duties.

Each head of the second- and third-level control functions has adequate professional requirements and is placed in an adequate hierarchical-functional position: the heads of the risk control and compliance functions report directly to the Chief Executive Officer; the Head of the internal audit function, on the other hand, reports directly to the body with strategic supervision function. No control function head has direct responsibility in operational areas subject to control.

The control functions produce periodic reports in relation to the activities carried out and, at least annually, a report on the activities carried out during the previous year intended for the Board of Directors.

The levels of the internal control system can be summarised as follows:

Primo I ivello	Secondo I ivello	Terzo Livello
•Controlli di primo livello - o controlli di linea - diretti ad assicurare il corretto svolgimento delle attività. I controlli sono effettuati dalle stesse unità aziendali di business, previsti dalle procedure o da unità di linea	·l a funzione AML e Compliance è incaricata della corretta applicazione e del rispetto del framework normativo di riferimento nonché del presidio AML di secondo livello; ·l a funzione Risk Management controlla e indirizza i rischi attraverso la definizione di policy e metodologie nel rispetto di norme interne/esterne e dei regolamenti.	· Internal Audit è una funzione indipendente ed è parte integrante del sistema dei controlli interni della Società ed esegue attività di assurance e consulenza al fine di valutare, aggiungere valore e migliorare il sistema dei controlli interni

The Company's internal control system is completed by:

the Board of Directors, which assesses the adequacy of the ICS and plays a strategic steering role, dealing with - among other things - approving the Risk Appetite Statement, aimed at formalising the risk objectives and risk appetite objectives in line with the strategic and operational planning and establishes their respective internal limits (Risk Tolerance and Risk Capacity);
the Chief Executive Officer, as responsible for the functionality of the internal control and risk management system;
the Board of Statutory Auditors, required to ascertain the effectiveness of all the structures and functions involved in the internal control system, the correct performance of the tasks and their adequate coordination, and promote the corrective actions of the deficiencies and irregularities identified;
the Control, Risk and Sustainability Committee, which has the task of supporting the assessments and decisions of the Board of Directors relating to the internal control and risk management system, as well as promoting the continuous integration of national and international best practices in the Company's corporate governance;
the Supervisory Body, which monitors the effectiveness and adequacy of the organisation, control and management Model;
the independent auditors, which verifies the regular keeping of the company accounts and the correct recognition of the operating events in the accounting records, and that the financial statements present a true and fair view of the equity and financial situation and the economic result;
the Company's Financial Reporting Manager, who, on the basis of the provisions of the Consolidated Law on Finance, prepares adequate administrative and accounting procedures for the preparation of the financial statements and, where envisaged, the consolidated financial statements, as well as any other financial communication.
- 9.4. The individual corporate control functions

9.4.1 Anti-Money Laundering Function

The Anti-Money Laundering Function is placed under the AML and Compliance Office, reporting directly to the body with management functions (Chief Executive Officer), with direct access to the Board of Directors through periodic information flows.

The Anti-Money Laundering Function (hereinafter AML) deals with:

monitoring the risk of money laundering, overseeing the proper functioning of business processes;
preparing activities related to combating money laundering and the financing of international terrorism;
overseeing compliance with anti-money laundering regulations within the Company and monitoring its development, verifying the consistency of anti-money laundering and anti-terrorism processes with respect to regulatory requirements;
carrying out checks and controls on customer due diligence and proper data storage.

In addition, it is involved in the preliminary investigation process prior to reporting suspicious transactions to the relevant bodies. In compliance with the general principle of proportionality, the Head of the AML Function is also granted the mandate for the Reporting of Suspicious Transactions ("SOS"), pursuant to Article 35 of Italian Legislative Decree no. 231 of 21 November 2007. The AML Function sends to the Board of Directors, to the Board of Statutory Auditors, at least once a year, a report on the activities carried out during the previous year.

Purpose of the Function

The Anti-Money Laundering Function is responsible for: (i) monitoring the risk of money laundering, overseeing the proper operation of company processes; (ii) preparing activities relating to the fight against money laundering and

the financing of international terrorism; (iii) overseeing compliance with anti-money laundering regulations within the Company and monitoring its evolution, verifying the consistency of anti-money laundering and anti-terrorism processes with respect to regulatory requirements; (iv) carrying out checks and controls on customer due diligence and correct data storage.

Tasks

The function continuously verifies that company processes are consistent with the objective of preventing and combating the violation of rules on money laundering and financing of terrorism. To this end, it:

identifies the applicable rules and assesses their impact on internal processes and procedures;
collaborates in the identification of the internal control system and procedures aimed at preventing and combating the risks in question;
provides advice and assistance to corporate bodies and top management; if new products and services are offered, the function carries out the relevant assessments in advance;
verifies the reliability of the information system for the inputting of data to the company's single IT archive (AUI);
verifies the monthly transmission by the Supervisory Reporting Office to the FIU of the aggregate data concerning the registrations in the Single IT Archive;
handles, in cooperation with the other qualified corporate training functions, the preparation of an adequate training plan on anti-money laundering issues, aimed at achieving continuous updating of employees and associates;
prepares information flows to the corporate bodies and the heads of the Departments;
prepares and sends a document to the body with management function and the body with strategic supervision function that defines responsibilities, tasks and operating methods in the management of the risk of money laundering (anti-money laundering manual). The document - constantly updated - must be available and easily accessible to all personnel;
pays special attention to the adequacy of the internal procedures regarding customer due diligence and registration obligations as well as the systems for verifying, assessing and reporting suspicious transactions, and the effective verification of other situations subject to the obligation of communication as well as the appropriate storage of the documentation and evidence required by the regulations. In assessing the adequacy of these procedures, the function may carry out checks on a sample basis to verify their effectiveness and functionality and identify any critical issue areas;
at least once a year, submits to the strategic supervision, management and control bodies a report on the initiatives undertaken, on the malfunctions ascertained and on the related remedial actions to be taken as well as on the personnel training activity;
as a specialised company anti-money laundering unit, collaborates with the Authorities referred to in Title I, Chapter II of Italian Legislative Decree 231/2007;
ensures the preventive adequacy, functionality and reliability of anti-money laundering and anti-terrorism controls, in compliance with the provisions of the legislation in force at the time;
continuously verifies the adequacy of the anti-money laundering risk management process and the suitability of the internal control system and procedures and proposes organisational and procedural changes aimed at ensuring adequate monitoring of money laundering risks;
verifies the adequacy of the enhanced verification process carried out by the line structures, subjecting its implementation methods and results to careful control;
conducts, in cooperation with the Head of SOS (reporting of suspicious transactions), checks on the

functionality of the reporting process and on the adequacy of the first-level assessments carried out on customers' operations;

collaborates in defining the money laundering risk governance policies and the various structuring phases of this risk management process;
conducts, in cooperation with the other corporate functions concerned, the annual self-assessment of the money laundering risks to which the recipient is exposed;
provides support and assistance to the corporate bodies and top management and prepares information flows to them;
assesses in advance the risk of money laundering related to the offer of new products and services, the significant change to products or services already offered, the entry into a new market or the start of new activities and recommends the necessary measures to mitigate and manage these risks;
together with the ICT and Organisation Department, verifies the reliability of the information system for the fulfilment of customer due diligence obligations, data storage and reporting of suspicious transactions;
handles, in cooperation with the other qualified corporate training functions, the preparation of an adequate training plan, aimed at achieving continuous updating of the personnel, and of the effectiveness indicators of the training carried out;
promptly informs the corporate bodies of significant violations or deficiencies found in the exercise of its duties and of the progress of the remedial actions adopted.

Suspicious transactions:

Pursuant to Article 42, paragraph 4 of Italian Decree 231/2007, as delegated by the Chief Executive Officer, the Anti-Money Laundering Officer is responsible for:

assessing reports of suspicious transactions received;
sending the Financial Intelligence Unit (FIU) the reports considered well-founded;
archiving the assessments carried out.

9.4.2. Compliance Function

The Compliance Function assesses the adequacy of internal procedures with respect to the objective of preventing the violation of mandatory (laws and regulations) and self-regulation (articles of association, codes of conduct, codes of corporate governance) rules applicable to the Company. To this end:

it identifies on an ongoing basis in collaboration with the Legal and Corporate Affairs Department and with any other Functions directly involved - the rules applicable to the Company and the activities it performs and measures/assesses their impact on company processes and procedures;
proposes organisational and procedural changes aimed at ensuring adequate control of the compliance risks with the regulations identified;
prepares direct information flows to the corporate bodies and other corporate functions/structures involved;
carries out second-level controls aimed at ascertaining the compliance of company operations with the rules, including self-regulation rules;
verifies in advance and subsequently monitors the effectiveness of the organisational adjustments recommended for preventing compliance risks.
In coordination with the Data Protection Officer (DPO) team, it keeps the documentation on personal data upto-date.

Purpose of the Function

The Compliance Function is responsible for the activities relating to compliance with the regulations. It monitors the compliance with and observance of the company procedures, regulations and policies with the legislative provisions

and identifies the rules applicable to the Company and assesses and measures their impact on the business, proposing appropriate organisational changes in order to ensure effective and efficient monitoring of the identified compliance and reputational risks.

The Compliance Function is involved through adequate information flows in the ex-ante assessment of compliance with the applicable regulations of all innovative projects (including operations in new products or services) that the Company intends to undertake, as well as in the prevention and management of conflicts of interest also with reference to employees and corporate officers.

Tasks

Without prejudice to the responsibilities of the Compliance Function for the performance of the tasks envisaged by specific regulations (e.g. the rules on the transparency of transactions and the fairness of relations between intermediaries and customers), other areas of intervention of the Compliance Function are:

verification of the consistency of the company bonus system (in particular staff remuneration and incentives) with the objectives of compliance with the rules, the Articles of Association as well as any codes of ethics or other standards of conduct applicable to the Company;
advice and assistance to the Company's corporate bodies in all matters in which compliance risk is relevant as well as collaboration with external bodies, where present, in personnel training on the provisions applicable to the activities carried out, in order to spread a corporate culture of awareness, based on the principles of honesty, fairness and respect for the spirit and letter of the regulations;
the specialised control on Data Protection, in support of the DPO.

9.4.3 Risk Management Function

In the Generalfinance organisation, the Risk Management Function is placed under the Risk Management Office, reporting directly to the body with management functions (Chief Executive Officer), with direct access to the Board of Directors through periodic information flows. Risk management activities aim to verify compliance with prudential supervisory rules and the management of company risks. In particular, this office contributes to the process of identifying, analysing, modelling, evaluating and measuring risks, verifying ongoing compliance with the overall prudential supervisory limits imposed by the Supervisory Authority.

Purpose of the Function

The Risk Control Function ensures the performance of second-level controls on risk management, in line with the provisions of the reference regulations (Bank of Italy Circular 288).

Tasks

collaborates in defining the governance policies and the risk management process, as well as the related procedures and methods of verification and control, checking their adequacy on an ongoing basis;
continuously verifies the adequacy of the risk management process and the relative operating limits;
verifies the adequacy of the capital profile assessment process (ICAAP), in compliance with the specific relevant policy;
is responsible for the development and maintenance of risk measurement and control systems; in this context, it collaborates in the definition of indicators capable of highlighting anomalies (with particular reference to loans classified as in "watchlist" and stage 2, as well as stage 3), also in the context of the policy on "classification and assessment of credit exposures";
constantly monitors the evolution of company risks and compliance with the operating limits on the assumption of the various types of risk;
analyses the risks of new products and services and those deriving from the entry into new operating and market segments;

verifies the correct performance of credit trend monitoring and periodically reports to the Chief Executive Officer and the Board of Directors on the quality and indicators of the managed credit portfolio, through ad hoc reporting;
verifies the adequacy and effectiveness of the measures adopted to remedy the deficiencies identified in the risk management process.

9.4.4 Internal Audit Function

The Internal Audit Function is carried out by the Internal Audit Office, which reports directly to the Board of Directors, ensuring compliance with sound and prudent management.

The internal audit activity is aimed, on the one hand, at checking the regularity of operations and risk trends, including through ex-post checks at the individual organisational units, and on the other hand at assessing the functionality of the overall internal control system and bringing to the attention of the Board of Directors possible improvements to risk management policies, control mechanisms and procedures.

Purpose of the Function

The Internal Audit Function - which reports directly to the Board of Directors - assesses the completeness, adequacy, functionality (in terms of efficiency and effectiveness) and reliability of the internal control system and the information system and carries out assessments aimed at identifying any violations of procedures and regulations.

Tasks

carries out internal audit activities, i.e. controls, with ex-post checks, the regular performance of operations and the trend in risks, by assessing the functionality of the overall internal control system and, in general, of the organisational structure and, if applicable, brings to the attention of the Board of Directors possible improvements to risk management policies, control mechanisms and procedures. The internal audit activity is conducted through periodic checks, also through assessments like inspections, based on the audit plan. The frequency of checks is consistent with the activity carried out, according to a risk-based approach;
oversees the dissemination and promotion within the corporate organisational structure of the culture of risks and controls, making use of the other corporate functions;
sends the Board of Directors and the Board of Statutory Auditors periodic reports on the activity carried out and, at least annually, a report on the activities carried out in the previous year and a plan of activities planned for the following financial year, with reference to internal audit activities;
annually prepares the report linked to the controls carried out on the Important Outsourced Functions (FEI)

9.5 Control, Risk and Sustainability Committee

As already specified above, the Company established the Control, Risk and Sustainability Committee within the Board of Directors, with the task of supporting the assessments and decisions of the Board of Directors relating to the internal control and risk management system, as well as promoting the continuous integration of national and international best practices in the Company's corporate governance and of environmental, social and governance factors in the corporate strategies targeted at pursuing sustainable success.

The Committee, in compliance with the recommendations of the Corporate Governance Code and the legal and regulatory provisions, carries out the following tasks with regard to control and risks:

supports the Board of Directors in carrying out the following activities:
the definition of the guidelines of the internal control and risk management system in line with the strategies of the Company;
the assessment, at least annually, of the adequacy of the internal control and risk management system with respect to the characteristics of the company and the risk profile assumed, as well as its effectiveness;

the appointment and removal of the Head of the internal audit function, the definition of his/her responsibilities and his/her remuneration in line with company policies, as well as the assignment of adequate resources to him/her to carry out their own duties;
the approval, at least once a year, of the work plan prepared by the Head of the internal audit function, after consulting the Board of Statutory Auditors and the delegated bodies;
the assessment of the opportunity to adopt measures to ensure the effectiveness and impartiality of judgement of the other company functions involved in the controls (such as the risk management function and legal and compliance risk control function), verifying that they possess adequate professional skills and resources;
the attribution to the Board of Statutory Auditors or a body specifically established for the purpose of the supervisory functions pursuant to Article 6, paragraph 1, lett. b) of Italian Legislative Decree no. 231/2001;
the assessment, after consulting the Board of Statutory Auditors, of the results presented by the independent auditors in any letter of suggestions and in the additional report addressed to the control body;
the description, in the report on corporate governance, of the main characteristics of the internal control and risk management system and the methods of coordination between the parties involved in it, its overall assessment of the adequacy of the system itself and of the choices made regarding the composition of the Supervisory Body;
assesses, after consulting the financial reporting manager, the statutory auditor and the Board of Statutory Auditors, the correct use of the accounting standards adopted and their uniformity for the purposes of drafting the consolidated financial statements, where drafted by the Company;
assesses the suitability of periodic financial and non-financial information to correctly represent the business model, the strategies of the Company, the impact of its activities and the performance achieved;
examines the content of periodic non-financial information relevant to the internal control and risk management system;
expresses opinions on specific aspects relating to the identification of the main corporate risks and supports the assessments and decisions of the Board of Directors relating to the management of risks deriving from prejudicial events of which the latter has become aware;
examines the periodic reports and those of particular relevance prepared by the internal audit function;
monitors the autonomy, adequacy, effectiveness and efficiency of the internal audit function;
may entrust the Internal Audit Function with the performance of audits on specific operating areas, simultaneously notifying the Chairperson of the Board of Statutory Auditors and, where deemed appropriate, also the Chief Executive Officer.

The Committee receives information from the Chief Executive Officer relating to any problems and critical issues that have emerged in the performance of his/her activities or of which he/she has become aware, so that the Committee can implement the appropriate initiatives.

The Head of the Internal Audit Function reports to the Committee at least on a half-yearly basis and whenever deemed necessary by the Committee itself, in particular on the activities carried out, on the methods with which risk management is carried out and on compliance with the plans defined for their containment. The Head of the Internal Audit Function also sends to the Committee the reports prepared on particularly important events, including those requested by the Board of Statutory Auditors, with which he/she maintains a constant exchange of information.

9.6 Organisation, Management and Control Model pursuant to Italian Legislative Decree no. 231/2001 on the administrative liability of companies and entities

By resolution of the Board of Directors of 27 October 2015, the Issuer adopted an organisation, management and

control model (the "231 Model" or "OMCM"). At the same time, the Issuer appointed a specific supervisory body, independent from the top management of the company and with autonomous powers, with the task of supervising the functioning, effectiveness and observance of the 231 Model, as well as overseeing its updating (the "Supervisory Body").

Since the reference legislation (Italian Legislative Decree no. 231 of 8 June 2001 and subsequent amendments and additions) expressly requires the 231 Model to identify the areas of activity, within which the predicate offences may be committed, the Company - whenever deemed necessary (following an internal reorganisation or the issuing of specific regulatory amendments) - prepares specific business analyses in order to identify, within its organisational structure, the roles and hierarchical lines into which the Departments and the company functions are divided, as well as the sensitive activities subject to intervention. This examination is conducted on the basis of the information collected from the company representatives (Department and Function Heads) who, due to the role held, have the broadest and most in-depth knowledge of the operations of the sector for which they are responsible. The OMCM adopted by Generalfinance is structured into two sections:

General Part, which (i) describes the contents of the Decree and the main other applicable regulations as well as the process of implementation of the Model; (ii) lists the Predicate Offences and the "activities at risk" (or, more generally, the situations classifiable as "risky" with respect to the activity carried out by the Company); (iii) illustrates the measures adopted to eliminate the critical issues identified or - where this is not possible to limit their consequences as much as possible; (iv) defines the sanctions envisaged in the event of violation of the procedural rules adopted and, more generally speaking, of the provisions of the Decree; (v) describes the role and function of the Supervisory Body - called upon to: supervise the effectiveness, efficiency and adequacy of the Model itself; report to the Board of Directors on its implementation; approve the annual programme of supervisory activities; communicate the outcome of the activities carried out in the exercise of the assigned tasks - as well as the information flows between the latter and the corporate bodies;
Special Part, which contains the Operating Protocols (the "Protocols") by means of which, for specific topics considered of particular interest, special controls have been put in place, or more precisely defined operating or behavioural rules.

The prevention system implemented by Generalfinance in execution of the provisions of Decree 231 is fully implemented in the Code of Ethics, adopted by the Company by resolution of the Board of Directors on 15 July 2010 and most recently updated with the resolution of the Board of Directors on 11 July 2023 (the "Code of Ethics"). The 231 Model and the Code of Ethics, while each maintaining a specific identity and autonomy, constitute a single body that represents the prevention system adopted by the Company in execution of the provisions of Decree 231. The 231 Model is completed by the Regulations of the Supervisory Body.

Reports relating to alleged predicate offences are handled according to the Whistleblowing Policy referred to in paragraph 9.7 below, to which reference should be made for further details.

It should be noted that, at the date of this Report, the Company was not subject to precautionary measures, nor to convictions for offences pursuant to Italian Legislative Decree no. 231/2001.

The 231 Model and the Code of Ethics are published on the Company's website (www.generalfinance.it, "Model 23" Section).

9.6.1 Supervisory Body

Taking into account the dimensional characteristics of Generalfinance and its operations, the related corporate governance rules, the need to achieve a fair balance between costs and benefits as well as the academic literature, case law and practice on the matter, the Company has established a Supervisory Body of a collective nature. It consists of two members, one external and independent from the Company, with the functions of Chairperson

(Standing auditor of the Company), and the other internal, belonging to the Legal and Corporate Affairs Department. After its appointment, the Supervisory Body adopts its own internal regulation, which governs its operating methods, the regulation of information flows and reporting by the Supervisory Body to the other internal and external control bodies, and the obligations to be fulfilled in the execution of the assignment.

The Supervisory Body remains in office for the number of financial years established by the Board of Directors at the time of appointment and, in any case, for no longer than three financial years, and may be re-elected. At the date of this Report, the Supervisory Body is composed of two members: (i) Maria Enrica Spinardi, standing auditor, appointed by resolution of the Board of Directors of 20 October 2017, as Chairperson; and (ii) Margherita De Pieri, belonging to the Company's Legal and Corporate Affairs Department, appointed by resolution of the Board of Directors on 7 June 2021.

9.7 "Whistleblowing" regulations, Italian Legislative Decree no. 24 of 10 March 2023, containing: "Implementation of Directive (EU) no. 2019/1937 of the European Parliament and of the Council of 23 October 2019 on the protection of persons who report breaches of Union law and laying down provisions concerning the protection of persons who report breaches of national regulatory provisions".

In accordance with the provisions of Italian Legislative Decree no. 24/2023, the Company has adopted a specific whistleblowing policy, which provides for a reporting system with high levels of confidentiality and which allows employees, associates, customers and suppliers to report to the Company or to the Supervisory Body (depending on competence) any unlawful conduct, irregularities or violations of the law.

The reporting system has the following characteristics:

it is accessible by anyone who intends to make a report;
it guarantees the highest levels of confidentiality with reference to the information communicated and the identity of the whistleblower, the reported person as well as any other person involved;
it offers whistleblowers the possibility of choosing between alternative reporting methods: (i) web platform, hosted on an independent server, (ii) telephone line/voice message accessible via landline or mobile phone, and (iii) direct meeting;
it allows interaction between the Company and whistleblowers;
it is managed by a third party company not linked to Generalfinance, specialised in compliance management services;
it complies with the provisions of Italian Legislative Decree no. 24 of 10 March 2023 transposing EU Directive no. 2019/1937, concerning the protection of persons who report violations of European Union law.

The reporting platform and the related documents are accessible on the institutional website of the Company.

9.8 Assessment of adequacy of the Management Control System

The Management Control System appears to be generally adequate for the Company's operating needs. During the meeting of 8 February 2024, the Control, Risk and Sustainability Committee had the opportunity to examine the Company's internal control system, expressing a favourable opinion, without making any observations.

The adequacy and suitability judgement was certified by the annual reports – approved at the Board meeting on 22 April 2024 – presented respectively by the Heads of the Risk Management Function and Internal Audit Function on the activities carried out in the reference year, both accompanied by the presentation of the plan of activities for the subsequent year.

9.9 Chief Executive Officer

On 29 June 2022, the Board of Directors resolved to confirm and ratify the previous resolution of 20 May 2022 by which it identified the Managing Director Massimo Gianolli as CEO of the Company, effective from the Trading Start

Date. In the same way, the Board of Directors assigned to the CEO, as the person in charge of the establishment and maintenance of the internal control and risk management system, the tasks and functions indicated in the paragraph "Chief Executive Officer" of Section 4.6, therefore Annex 3 in particular, to which reference is made. During the Financial Year, the CEO:

a. managed the identification of the main corporate risks, taking into account the characteristics of the activities carried out by the Company and its subsidiaries, periodically submitting them to the examination of the Board of Directors;
b. implemented the guidelines defined by the Board of Directors, overseeing the design, implementation and management of the internal control and risk management system and constantly verifying its adequacy and effectiveness;
c. dealt with the adaptation of this system to the dynamics of the operating conditions and the legislative and regulatory framework;
d. promptly reported to the Board of Directors on internal control and risk management and on the problems and critical issues that emerged in the performance of their activities or of which they became aware, so that it could take the appropriate actions;

9.10. Control, Risk and Sustainability Committee:

In compliance with the provisions of Principle XI and Recommendations 16 and 17 of the Corporate Governance Code, as well as pursuant to Article 6 of the same, on 9 May 2022 and 29 June 2022, the Board of Directors resolved to confirm and ratify the previous resolution of 20 May 2022 with which it established, with effectiveness subject to the Trading Start Date, the Control, Risk and Sustainability Committee.

9.10.1 Composition and functioning of the Control, Risk and Sustainability Committee

At the meeting held on 9 May 2022, the Board of Directors appointed Federica Casalvolone (Chairperson), Mauro Selvetti and Maria Luisa Mosconi as members of the Control, Risk and Sustainability Committee. At the same meeting, the Board of Directors approved its Regulation.

Subsequently, at the meeting held on 29 June 2022, the Board of Directors replaced, as a member of the Control, Risk and Sustainability Committee, the outgoing director Federica Casalvolone, with the director Annalisa Donesana. At the same meeting, the Board of Directors confirmed and ratified the establishment of the Control, Risk and Sustainability Committee, the related responsibilities and regulations. At the date of this Report, the Committee in question is composed of the following non-executive directors: Maria Luisa Mosconi (Chairperson), Annalisa Donesana and Mauro Selvetti, members.

In this regard, the Issuer believes that this composition is in line with the provisions of the Corporate Governance Code, due to the possession, by all members, of the independence requirements set out by the Consolidated Law on Finance, as well as those established by the Code, adequate experience in financial matters as well as knowledge and experience in accounting and financial and/or risk management matters, in addition to specific knowledge in the business sector in which the Company operates, needed to identify and assess the related risks. The Control, Risk and Sustainability Committee is a body with advisory and proposal-making functions, which, in accordance with the provisions of Recommendation 32 of the Corporate Governance Code, has the task of supporting the assessments and decisions of the Board of Directors relating to the internal control and risk management system, as well as those relating to the approval of periodic financial and non-financial reports.

In particular, the Control, Risk and Sustainability Committee, in accordance with the provisions of Recommendation 35 of the Corporate Governance Code, in assisting the Board of Directors in carrying out the tasks assigned to the latter by the Corporate Governance Code regarding internal control and risk management matters:

assesses, after consulting the financial reporting manager, the statutory auditor and the Board of Statutory Auditors, the correct use of the accounting standards adopted;
assesses the suitability of periodic financial and non-financial information to correctly represent the business model, the strategies of the Company, the impact of its activities and the performance achieved;
examines the content of periodic non-financial information relevant to the internal control and risk management system;
expresses opinions on specific aspects relating to the identification of the main corporate risks and supports the assessments and decisions of the Board of Directors relating to the management of risks deriving from prejudicial events of which the latter has become aware;
examines the periodic reports and those of particular relevance prepared by the internal audit function;
monitors the autonomy, adequacy, effectiveness and efficiency of the internal audit function;
entrusts the Internal Audit Function with the performance of audits on specific operating areas, simultaneously notifying the Chairperson of the Board of Statutory Auditors;
reports to the Board of Directors, at least every six months, at the time of the approval of the annual and halfyearly financial reports, on the activities carried out as well as on the adequacy of the internal control and risk management system.

The Control, Risk and Sustainability Committee also provides support to the Board of Directors, in accordance with the provisions of Recommendation 33 of the Corporate Governance Code, on the following issues:

guidelines of the internal control and risk management system, in line with the strategic objectives identified;
adequacy and effectiveness of the internal control and risk management system with respect to the characteristics of the Company and the risk profile assumed;
adoption of measures to ensure the effectiveness and impartiality of judgement of the other corporate functions;
approval, at least once a year, of the work plan prepared by the Head of the Internal Audit Function, after consulting the Board of Statutory Auditors and the Chief Executive Officer;
description, in the report on corporate governance, of the main characteristics of the internal control and risk management system and of the methods of coordination between the parties involved in it, including the assessment of the adequacy of the system itself;
assessment, after consulting the Board of Statutory Auditors, of the results presented by the statutory auditor in any letter of suggestions and in the report on the fundamental issues that emerged during the statutory audit;
appointment, dismissal and remuneration of the Head of the internal audit function, as well as the adequacy of the resources assigned to the latter for the performance of their functions;
support of the Board of Directors in the analysis of issues relevant to the generation of long-term value.

In carrying out its functions, the Control, Risk and Sustainability Committee has the right to access the information and company functions necessary for the performance of its duties as well as to make use of external consultants. The Committee meets as often as necessary for the performance of its functions by means of a call notice sent by the Chairperson or by a person appointed by them, as a rule at least three days before the date set for the meeting. In case of urgency, this notice may be sent at least twenty-four hours before the time set for the meeting.

The Committee must also be called if requested by the Chairperson of the Board of Statutory Auditors.

The notice contains an indication of the location, day and time of the meeting, as well as the list of matters to be discussed. The Control, Risk and Sustainability Committee may also meet exclusively by videoconference and/or

teleconference provided that all participants can be identified, have the documentation to be analysed, are allowed to share any documents relating to the issues to be discussed and are permitted to follow the discussion and to intervene in real time in the discussion of the topics dealt with. If these conditions are met, the meeting of the Control, Risk and Sustainability Committee is considered to be held in the place where the secretary of the meeting is located.

The Control, Risk and Sustainability Committee may validly meet even in the absence of a formal convocation sent according to the aforementioned terms and methods where all its members are present.

The Chairperson may invite the Chairperson of the Board of Directors, the Chief Executive Officer, the other directors and, informing the Chief Executive Officer, the representatives of the competent corporate functions according to the subject matter or consultants of the Company or other persons whose presence may contribute to the best performance of the functions of the Control, Risk and Sustainability Committee, with reference to all or individual items on the agenda. The Chairperson of the Board of Statutory Auditors, or another member designated by them, and the Head of the Internal Audit Function (unless the Committee expresses its opinion on the remuneration of the same Head of the Internal Audit Function) participate in the work of the Control, Risk and Sustainability Committee. In any case, the other statutory auditors may also participate in the meetings of the Control, Risk and Sustainability Committee.

The Chairperson ensures, in a manner suitable to guarantee the necessary confidentiality, the provision of the documentation reasonably necessary to guarantee adequate information to the members of the Control, Risk and Sustainability Committee with respect to the items on the agenda, so as to allow them to act in an informed manner in the performance of their role within the Control, Risk and Sustainability Committee. To this end, the Chairperson has access to the corporate functions in order to acquire the information reasonably necessary for the performance of their duties, as well as for the performance of the functions assigned to the Control, Risk and Sustainability Committee.

The disclosure intended for the Control, Risk and Sustainability Committee is sent by the Chairperson or by a person authorised by the Chairperson, to all its members at least two calendar days before the date of the meeting, although the committee may also discuss items on the agenda whose documentation was sent in a shorter period of time if all members of the Committee declare that they are sufficiently informed. If there are special requirements, the information may be provided within a shorter period of time or during the meeting, as well as using methods other than those indicated above (for example, by making the information available in paper format during the meeting). The Control, Risk and Sustainability Committee is duly constituted with the presence of the majority of its members and the resolutions are accordingly adopted by an absolute majority of the members. In the event of a tie, the Chairperson has the casting vote.

The Chairperson informs the Board of Directors of the activities carried out by the Committee at the next meeting. The Control, Risk and Sustainability Committee reports to the Board of Directors, at least on the occasion of the approval of the annual and half-yearly financial reports, on the activities carried out and on the adequacy of the internal control and risk management system.

The Control, Risk and Sustainability Committee appoints a secretary, also chosen from outside the Control, Risk and Sustainability Committee, who takes the minutes of the meetings. The minutes of the resolutions of the Control, Risk and Sustainability Committee, signed by the secretary and the Chairperson, are transcribed by the secretary in the register of meetings and resolutions of the Control, Risk and Sustainability Committee, kept by the Company together with the other company books. For the sole purpose of facilitating the minutes of the meeting and unless otherwise provided by the Chairperson of the meeting, the meetings of the Committee may be recorded with audio instruments; these records and any transcriptions will be kept only until the approval of the related minutes. The

minutes are also sent to the members of the Control, Risk and Sustainability Committee, and are available to the Chairperson of the Board of Statutory Auditors as well as the Chairperson of the Board of Directors and the Chief Executive Officer of the Company. The minutes are normally approved at the next meeting of the Committee.

At the meeting held on 2 August 2022, the Control, Risk and Sustainability Committee appointed Stefano Saviolo as Secretary, already Secretary of the Board of Directors and Head of the Legal and Corporate Affairs Department. The Committee must have adequate financial resources to carry out its duties. To this end, the Board of Directors may decide alternatively to allocate a specific budget available to the Control, Risk and Sustainability Committee or to provide for any expenditure requirements any time that may be necessary.

In support of the Issuer's internal control and risk management system, in addition to the Control, Risk and Sustainability Committee, Recommendation 32 of the Corporate Governance Code requires the Chief Executive Officer to be in charge of establishing and maintaining the internal control and risk management system.

The Chairperson of the Control, Risk and Sustainability Committee has access to the company functions in order to acquire the information reasonably necessary for the performance of their duties, as well as for the performance of the functions assigned to the Control, Risk and Sustainability Committee.

During the Financial Year, 13 meetings of the Control, Risk and Sustainability Committee were held (with an average duration of approximately 85 minutes). At the date of the Report, 3 meetings have been held and at least a further 3 meetings are planned for 2025. The meetings were regularly attended by the majority of the members of the Board of Statutory Auditors. With a total attendance percentage of approximately 100%, the attendance percentage of each member of the Control, Risk and Sustainability Committee in office at the date of the Report was respectively equal to: (i) Maria Luisa Mosconi 100%; (ii) Annalisa Donesana 85%; and (iii) Mauro Selvetti 92%. The meetings of the Control, Risk and Sustainability Committee, at the invitation of the Chairperson and having informed the Chief Executive Officer, were attended by representatives of management or other company functions in order to promote precise and in-depth knowledge of the Company's activities.

During the Financial Year, the Control, Risk and Sustainability Committee, among other things, expressed its opinion and its valuations primarily on:

the draft financial statements as at 31 December 2023: assessment of the correct application of accounting standards;
the half-yearly financial report: assessment of the correct application of accounting standards;
adequacy of the internal control and risk management system with respect to the characteristics of the Issuer and the risk profile assumed, as well as its effectiveness, also by periodically meeting the heads of the control functions;
correct use of the accounting standards adopted and their uniformity for the purposes of drafting the financial statements, after consulting the financial reporting manager, the statutory auditor and the Board of Statutory Auditors;
identification of the main corporate risks, examination of the Risk Appetite Framework and support for the assessments and decisions of the Board of Directors relating to risk management;
examination of the periodic reports and those of particular relevance prepared by the internal audit function;
approval of the update of the Related Parties Register and of the list of Related Parties and Transactions with Related Parties;
update of internal regulations, if necessary (e.g. review of the update of the Policy on the classification and assessment of credit exposures);
Issuer's Sustainability Report;

9.11 Head of the internal audit function

By means of a decision of 26 January 2023, subject to the favourable opinion of the Control, Risk and Sustainability Committee, the Board of Directors authorised the hiring and appointment of John Frederick Tschuor, as Head of the Internal Audit Function, also authorising his remuneration in line with company policies, in compliance with Recommendation 33, letter "b" of the Corporate Governance Code.

The Internal Audit Function is responsible for internal audit activities aimed, on the one hand, at checking the regularity of operations and risk trends, including through ex-post checks at the individual organisational units of the Issuer; and on the other hand at assessing the functionality of the overall internal control system and bringing to the attention of the Board of Directors possible improvements to risk management policies, control mechanisms and procedures.

a. verifies, both on an ongoing basis and in relation to specific needs and in compliance with international standards, on the operation and suitability of the internal control and risk management system, through an audit plan approved by the management body, based on a structured process of analysis and prioritisation of the main risks;
b. preparation of periodic reports containing adequate information on its activities, on the methods with which risk management is carried out as well as on compliance with the plans defined for their containment. The periodic reports contain an assessment of the suitability of the internal control and risk management system;
c. also at the request of the control body, prompt preparation of reports on events of particular importance;
d. transmission of the reports referred to in points b) and c) to the Chairpersons of the control body, of the Control, Risk and Sustainability Committee, of the management body, as well as to the Chief Executive Officer, except in cases where the subject of these relations specifically concern the activities of these parties;

e. verifies, as part of the audit plan, the reliability of the information systems, including the accounting systems. Furthermore, the Head of the Internal Audit Function is responsible for verifying the functionality, adequacy and consistency of the internal control and risk management system with respect to the guidelines defined by the management body.

Pursuant to Recommendation no. 36 of the Corporate Governance Code, the Head of the Internal Audit Function is not responsible for any operating area and reports hierarchically to the Board of Directors. He has direct access to all useful information for the performance of the assignment.

During the Financial Year, the Head of the Internal Audit Function performed all the above tasks. Among other things, he drew up and presented his annual report on the activities carried out in 2023, as well as the "Plan of the activities of the Internal Audit Function for the year 2024", which obtained the favourable opinion of the Control, Risk and Sustainability Committee and was subsequently approved by the Board of Directors at the meeting of 22 April 2024, after consulting the Board of Statutory Auditors and the CEO, pursuant to Recommendation 33, letter c) of the Corporate Governance Code.

In addition, it is hereby stated that the Head of Internal Audit attended all meetings of the Control, Risk and Sustainability Committee.

9.12 Independent Auditors

At the date of this Report, the company appointed to audit the financial statements of the Issuer is Deloitte & Touche

S.p.A., as Independent Auditors, as described in Section 1 of the Report.

On 15 February 2018, the Shareholders' Meeting of the Issuer assigned to the Independent Auditors the task of auditing the financial statements of the Issuer, as well as verifying the proper keeping of the accounts and the correct recognition of the operating events in the accounting records and verification of the consistency of the report on operations with the financial statements and its compliance with the law for the nine-year period 2017-2025, pursuant to Article 13 of Italian Legislative Decree no. 39 of 27 January 2010.

By resolution of 8 March 2022, with effectiveness subject to the start of trading of the shares on Euronext Milan, a market organised and managed by Borsa Italiana S.p.A., STAR segment and from that date due to the change in status of the Issuer from "entity subject to intermediate regime" ("ESIR") pursuant to Article 19-bis of Italian Legislative Decree no. 39/2010 to a "public interest entity" ("PIE") pursuant to Article 16 of Italian Legislative Decree no. 39/2010, the Shareholders' Meeting of the Issuer approved the consensual termination of the aforementioned appointment and the assignment, pursuant to Article 13 of Italian Legislative Decree no. 39/2010 and on the reasoned proposal of the Board of Statutory Auditors, to the Independent Auditors of a new statutory audit engagement (including the verification of the regular keeping of the accounts and the correct recognition of the operating events in the accounting records, the verification of consistency of the report on operations and some specific information contained in the report on corporate governance and ownership structures indicated in Article 123-bis of the Consolidated Law on Finance with the financial statements and their compliance with the law, as well as the limited audit of the condensed half-yearly financial statements), pursuant to Italian Legislative Decree no. 39/2010 and Regulation (EU) 537/2014.

The procedure described was necessary in order to bring the statutory audit engagement into line with the regulations applicable to the PIE audit, taking into account the regulatory references indicated in the assignment granted by the Issuer in its ESIR status on 15 February 2018(10).

The engagement assigned by virtue of the Shareholders' Meeting resolution of 8 March 2022 will expire at the time of the Shareholders' Meeting called to approve the financial statements as at 31 December 2025, as the Company has also included, within the maximum nine-year duration envisaged by law for the PIE, the activity already carried out by the Independent Auditors with reference to the financial years 2017-2021 in compliance with the regulations applicable to ESIRs.

In this regard, it should be noted that, precisely in consideration of the fact that the mandate granted to Deloitte & Touche S.p.A. will expire at the end of the 2025 financial year, the Company's Shareholders' Meeting held on 5 April 2024 resolved the assignment of the statutory audit engagement, for the financial years 2026-2034, to the independent auditors EY S.p.A. with registered office in Milan (MI), Via Meravigli no. 12. The Shareholders' Meeting deemed it appropriate to determine well in advance the party who will have to take on the role of independent auditor starting from the 2026 financial year, in order to guarantee an adequate handover period between the current and the future independent auditor and avoid the assignment, during the financial year prior to the start of the new mandate (cooling in period), of prohibited tasks pursuant to Article 5.1, letter e) of EU Regulation 537/2014, to the entity in charge of the audit.

9.13 Financial reporting manager and other corporate roles and functions

Article 21 of the Issuer's Articles of Association requires the Board of Directors to appoint a financial reporting manager, based on the prior mandatory opinion of the Board of Statutory Auditors. The Board of Directors also orders their revocation, where applicable. In compliance with the Articles of Association, the financial reporting

¹⁰ It should be noted that the Company became a public interest entity only starting from the Trading Start Date (i.e. as from 29 June 2022); therefore, the regulations pursuant to Article 11 of Regulation (EU) no. 537/2014 were not applicable with reference to the audit activities relating to the financial statements as at 31 December 2021.

manager must have acquired at least three years' experience in administration, finance and control matters and meet the integrity requirements established for Directors. The loss of the requirements entails the forfeiture of the office.

In this regard, it should be noted that the Board of Directors, on 6 August 2019, appointed Ugo Colombo – Chief Financial Officer and responsible for the Company's finance and administration department – as the financial reporting manager pursuant to Article 154-bis of the Consolidated Law on Finance, with the powers set forth for this office in the same Article 154-bis of the Consolidated Law on Finance.

At the time of appointment, the Board of Directors assigned to the financial reporting manager all the powers and means for the exercise of the tasks assigned to them by current legislation and by the Articles of Association, including direct access to all functions, offices and information necessary for the production and verification of accounting, financial and economic data, without the need for any authorisation.

Pursuant to Article 154-bis of the Consolidated Law on Finance, the financial reporting manager:

a. certifies that the deeds and communications of the Company disclosed to the market, and relating to the Company's accounting information, including interim reports, correspond to the documentary results, books and accounting records;
b. prepares adequate administrative and accounting procedures for the drafting of the financial statements, as well as any other financial communication; and
c. together with the delegated administrative body, certifies with a specific report, attached to the financial statements and the condensed half-yearly financial statements, among other things, the adequacy and effective application of the procedures under (ii) during the period to which the documents refer, as well as their correspondence with the results of the accounting books and records and their suitability to provide a true and fair view of the equity, economic and financial situation of the Company.

With reference to the activities and obligations assigned to the financial reporting manager, the Company has prepared a specific Methodological Manual that defines the guidelines and operating practices used to monitor the risk of incorrect financial reporting (the "Regulation of the Financial Reporting Manager"). Specifically, this Manual was drafted as part of the organisational and operational adaptation process of Generalfinance S.p.A. to the provisions of Italian Law 262/05 with the aim of describing the methodology adopted by all the structures involved in the process, on the basis of the activities under its responsibility. The main issues dealt with in the aforementioned document are reported below. The most relevant aspects of the Methodological Manual are listed below:

regulatory context;
methodological model;
company level controls;
controls of administrative processes;
IT general controls;
information flows to support the assessment;
assessment of anomalies and findings;
issue of periodic certificates.

The Methodological Manual was approved by the Board of Directors on 10 February 2023.

At the date of approval of the Report, the Board of Directors of the Company has not appointed persons responsible for internal control and risk management other than those described herein.

9.14 Coordination between the parties involved in the internal control and risk management system

The internal control and risk management system adopted by the Company is described in this Section 9, to which

reference should be made for the identification of the parties mainly involved and for the identification of the main methods of coordination between them.

10. DIRECTORS' INTERESTS AND TRANSACTIONS WITH RELATED PARTIES

On 28 February 2022, the Board of Directors resolved to adopt, with effect from the Trading Start Date, the "Related Party Transactions Procedure" pursuant to Article 2391-bis of the Italian Civil Code and the RPT Regulation (the "RPT Procedure"). The adoption of the RPT Procedure was confirmed at the board meeting held on 29 June 2022 at the time of formal installation of the new Board of Directors. Following its establishment, on 2 August 2022, the RPT Procedure was submitted to the assessment of the Control, Risk and Sustainability Committee (responsible for transactions with related parties) and, having obtained a favourable opinion, pursuant to Article 4, paragraph 3, of the Regulation containing provisions on transactions with related parties (adopted by CONSOB with Resolution no. 17221 of 12 March 2010, subsequently amended with Resolutions no. 17389 of 23 June 2010, no. 19925 of 22 March 2017, no. 19974 of 27 April 2017, no. 21396 of 10 June 2020, no. 21624 of 10 December 2020 and no. 22144 of 22 December 2021), again submitted for ratification by the Board of Directors, on 5 August 2022. It should be noted that, subject to the favourable opinion of the Control, Risk and Sustainability Committee, and the authorisation resolution of the Board of Directors of 28 December 2023, the RPT Procedure has been updated, in the form of a simple correction of a material error.

The RPT Procedure governs, inter alia, the procedures for assessing and approving transactions with related parties defined as of greater significance on the basis of the criteria indicated in the Related Party Transactions Regulation and transactions with related parties defined as of lesser significance, meaning those transactions other than transactions of greater significance and transactions of a small amount; the latter are those transactions that, individually considered, have a value not exceeding EUR 150,000.00 (one hundred and fifty/00) when the Related Party is a natural person, or a value not exceeding EUR 300,000.00 (three hundred thousand/00) when the Related Party is a person other than a natural person.

The RPT Procedure, in accordance with the Related Party Transactions Regulation, defines as transactions of greater significance with related parties also those carried out by any Italian or foreign subsidiaries, in which at least one of the relevance indices indicated in the Related Party Transactions Regulation exceeds the thresholds set forth therein.

The RPT Procedure envisages that the Company avails itself of the exemption granted by Article 10, paragraph 1, of the Related Party Transactions Regulation, as a recently listed company, and, therefore, the approval of the transactions of greater significance with related parties will take place according to the procedure envisaged for the approval of transactions of lesser significance with Related Parties until the deadline referred to in the same article. In compliance with the Related Party Transactions Regulation, the RPT Procedure requires, before the approval of a transaction with related parties governed by the RPT Procedure, the Control, Risk and Sustainability Committee to express a reasoned non-binding opinion on the Company's interest in carrying it out as well as on the cost effectiveness and substantive correctness of the conditions set forth.

The rules envisaged by the RPT Procedure do not apply in the following cases of exemption, identified on the basis of Articles 13 and 14, paragraph 2, of the RPT Regulation:

a. to the shareholders' meeting resolutions referred to in Article 2389, first paragraph, of the Italian Civil Code, relating to the remuneration due to the members of the Board of Directors of the Company, nor to the resolutions on the remuneration of directors vested with particular offices falling within the total amount determined, if applicable, in advance by the shareholders' meeting pursuant to Article 2389, third paragraph,

of the Italian Civil Code;

b. to the shareholders' meeting resolutions pursuant to Article 2402 of the Italian Civil Code, relating to the fees due to the members of the Board of Statutory Auditors;
c. to transactions of a small amount (as identified pursuant to the RPT Procedure);
d. to transactions resolved by the Companies and addressed to all shareholders on equal terms, including but not limited to:
- i. share capital increases under option, also to service convertible bonds, and free share capital increases envisaged by Article 2442 of the Italian Civil Code;
- ii. full or partial demergers, with proportional share allocation criteria;
- iii. the reductions of the share capital through reimbursement to shareholders envisaged by Article 2445 of the Italian Civil Code;
- iv. purchases of treasury shares pursuant to Article 132 of the Consolidated Law on Finance;
- e. remuneration plans based on financial instruments approved by the Shareholders' Meeting pursuant to Article 114-bis of the Consolidated Law on Finance and the related executive transactions;
f. to resolutions, other than those indicated in letter (a) above, on the remuneration of directors vested with special offices as well as other key management personnel, provided that:
- i. the Company has adopted a remuneration policy approved by the Shareholders' Meeting;
- ii. in the definition of the remuneration policy, a committee consisting exclusively of non-executive directors with a majority of independent directors has been involved;
- iii. the remuneration awarded is identified in compliance with this policy and qualified with criteria that do not involve discretionary assessments;
g. to ordinary transactions that are concluded at conditions equivalent to market or standard conditions (as identified pursuant to the RPT Procedure). In the event that the ordinary transaction is a transaction of greater significance, without prejudice to the provisions of Article 17 of the Market Abuse Regulation, the Company: (i) informs CONSOB as well as the Control, Risk and Sustainability Committee, within the deadline indicated in Article 5, third paragraph, of the RPT Regulation, of the counterparty, the object and the consideration of the transactions that benefited from the exclusion as well as the reasons for which this transaction was deemed to be an ordinary transaction, providing objective evidence; and (ii) indicates in the interim report on operations and in the annual report on operations, as part of the information required by Article 5, paragraph eight, of the RPT Regulation, which of the transactions subject to the disclosure obligations indicated in the latter provision have been concluded by availing of this exemption;
h. to transactions with related parties with or between subsidiaries, also jointly, as well as those with associates, provided that in the subsidiaries or associates that are counterparties to the transaction there are no significant interests of other related parties of the company.

Furthermore, in accordance with Article 30.3 of the Articles of Association, the RPT Procedure makes provision for the white-wash mechanism, i.e. the possibility for the Board of Directors to approve transactions of greater significance despite the contrary opinion of the RPT Committee, provided that the execution of the transaction of greater significance is authorised, pursuant to Article 2364, paragraph 1, number 5), of the Italian Civil Code, by the Shareholders' Meeting. In this case, the Shareholders' Meeting resolves with the majorities set forth by law, provided that, where the unrelated shareholders present at the Shareholders' Meeting represent at least 10% of the share capital with voting rights, the majority of the unrelated shareholders voter in the shareholders' meeting do not vote against it.

It is hereby stated that, on 29 January 2025, the Control, Risk and Sustainability Committee (acting as Related

Party Transactions Committee), approved the update to the Related Parties Register prepared on the basis of the most recent update of the list of related parties of the Company and related party transactions. The Related Parties Register reports the related parties identified in accordance with the RPT Procedure and all related parties transactions of greater significance and lesser significance.

In addition, on 18 February 2025, the Board of Directors conducted the periodic verification of the need to make changes and additions to the RPT Procedure, also taking into account any legislative and regulatory changes and variations in the application normal practice, as well as any changes in the organisational structure of the Company. After having obtained the favourable opinion of the Control, Risk and Sustainability Committee, the Board of Directors deemed it unnecessary to make changes and additions to the procedure, considering that, as of the last approved amendment, there have been no legislative and regulatory changes or variations in the application normal practice, as well as in the organisational structure of the Company that justify a modification.

The RPT Procedure is available on the Company's website (www.generalfinance.it, "Governance/Documents and Procedures" Section), to which reference should be made for further details.

In addition to the RPT Procedure, on 4 July 2024, the Company adopted a Policy for the management of potential conflicts of interest ("Policy on conflicts of interest"), pursuant to Article 2391, paragraph 1, of the Italian Civil Code, of Recommendation no. 37 of the Corporate Governance Code (which provides that "The member of the control body who, on his/her own behalf or on behalf of third parties, has an interest in a given company transaction, shall promptly and comprehensively inform the other members of the same body and the chairperson of the management body on the nature, terms, origin and extent of his/her interest") as well as the Company's Code of Ethics (which requires, inter alia, that the Company adopt "specific rules to ensure transparency, integrity and correctness - both substantive and procedural - (i) of the transactions in which the private interests of the directors and members of the corporate bodies intersect and (ii) of the transactions with related parties, in compliance with the relevant legislative and regulatory provisions").

In the event of an interest, the Policy on conflicts of interest requires the interested party to send a written report to the Legal and Corporate Affairs Department in good time for the meeting of the Board of Directors, which will resolve on the transaction. The Legal and Corporate Affairs Department promptly informs the Chairperson of the Board of Directors and of the Board of Statutory Auditors of the report received so that it is made available in good time to the two corporate bodies. During the Board meeting, the interested party is allowed to participate in the discussion and explain the reasons underlying his/her interest, but may not participate in the vote as he/she is obliged to abstain. In the event that the interested party is the Chief Executive Officer, the latter must refrain from carrying out the transaction and refer the same to the Board of Directors.

The resolutions passed by the Board of Directors regarding transactions in which a representative has an interest must adequately justify the reasons and the benefit of them for the Company.

The Company decided to include among the recipients with relevant interests (pursuant to Article 2391 of the Italian Civil Code) in relation to the performance, or not, of certain transactions, not only the members of the Board of Directors but also those of the Board of Statutory Auditors.

The Policy on conflicts of interest is available on the Company's website (www.generalfinance.it, "Governance/Documents and Procedures" Section), to which reference should be made for further details.

11. BOARD OF STATUTORY AUDITORS

11.1 Appointment and replacement

The text of Articles 23, paragraphs 5 et seq., 24 and 25 of the Articles of Association containing provisions on the appointment and replacement of the Board of Statutory Auditors is reported hereunder: Article 23

23.5 The Board of Statutory Auditors is elected by the Ordinary Shareholders' Meeting based on the lists presented by the shareholders, according to the provisions set out hereunder, ensuring that the gender balance is respected based on the legal and regulatory provisions in force from time to time.
23.6 The presentation of lists is regulated by the legislation and regulations in force from time to time and by these Articles of Association.
23.7 Shareholders who, alone or together with others, at the moment the list is presented, represent at least the stake in share capital required by previous Article 15 for the presentation of lists of candidates for the office of Director, are entitled to present lists11.
23.8 The lists are filed within the terms set forth in the legislation and regulations in force from time to time, which are indicated in the call notice, at the registered office of the Company or transmitted via distance communication means, according to the methods indicated therein. They are provided to the public according to the terms and methods set out in the legislation and regulations in force from time to time.
23.10 Each shareholder, the shareholders participating in a relevant shareholders' agreement in accordance with Article 122 of the Consolidated Law on Finance, the parent company, the subsidiaries and those subject to common control and other entities between whom connection relationships are in place, including indirect, pursuant to the legislation and regulations in force from time to time, cannot present or contribute to the presentation, either through third parties or trust companies, of more than one list, nor vote on different lists.
23.11 Each candidate may be presented in only one list, under penalty of ineligibility.
23.12 Each list contains a number of candidates, sequentially numbered, not exceeding the number of members to be elected.
23.13 The lists are split into two sections: one for candidates for the office of Standing Auditor, the other for candidates for the office of Alternate Auditor. The first of the candidates of each section must be enrolled in the register of auditors and have performed statutory auditing activities for a period of no less than 3 (three) years.
23.14 For the period of application of the legislation and regulations in force from time to time governing gender balance, each list that – considering both sections – presents a number of candidates of equal to or greater than 3 (three) must also include candidates belonging to both genders, at least in line with the minimum quota required by the legal and regulatory provisions in force from time to time, according to the specifications of the call notice of the Shareholders' Meeting.
23.15 The following must be filed together with presentation of the lists:
- a) information relating to the shareholders who presented the list and their percentage shareholding;
- b) a declaration from the shareholders other than those who hold, including jointly, a controlling interest or a relative majority, certifying the absence of any connection relationships with the latter, including indirect, pursuant to the legislation and regulations currently in force;
- c) the curriculum vitae of the candidates as well as a declaration in which each candidate certifies, under their own responsibility, that there are no grounds for ineligibility and incompatibility and that the

¹¹ Pursuant to CONSOB Resolution no. 76 of 30 January 2023, the shareholding determined by CONSOB pursuant to Article 144-quater of the CONSOB Issuers' Regulation is 2.5%.

requirements to fulfil the respective offices are satisfied;

d) a disclosure relating to the candidates with an indication of the directorships and auditing posts held in other companies, as well as a declaration from said candidates certifying that they meet the requirements set forth in the legislation and regulations in force from time to time and the Articles of Association;
e) the declaration in which each candidate accepts their candidacy;
f) any other additional or different declaration, disclosure and/or document required by the legislation and regulations in force from time to time.
23.16 In the event of non-fulfilment of the obligations set forth in this Article, the list is considered as not having been presented. Any changes that should be verified until the day of actual conduct of the Shareholders' Meeting are promptly communicated to the Company.

Article 24

24.1 The Board of Statutory Auditors is elected according to the following provisions:
- a) two standing members and one alternate member are taken from the list which obtained the highest number of votes ("Majority List"), based on the sequential number with which they appear in said list;
- b) the remaining standing member, who will also be appointed Chairperson of the Board of Statutory Auditors, and the other alternate member, shall be taken from the list that obtained the second highest number of votes at the Shareholders' Meeting and which is not connected, even indirectly, with the shareholders who presented or with those who voted for the Majority List (the "Minority List"), in the sequential order in which they appear in said list. In the event in which several lists have received the same number of votes, a new ballot is held between said lists by all parties entitled to vote present at the Shareholders' Meeting, with the candidates elected from the list that obtains the relative majority.
24.2 If the gender balance has not been ensured according to the provisions of the legislation and regulations in force from time to time, the candidate belonging to the most represented gender and elected, indicated last in sequential order in each section of the Majority List, shall be replaced by the candidate belonging to the less represented gender and not elected taken from said list according to the sequential order of presentation.
24.3 If the number of candidates elected based on the lists presented is less than the number of Statutory Auditors to be elected, the remainder shall be elected by the Shareholders' Meeting which resolves according to the legal majorities and to ensure that the gender balance required by the legislation and regulations in force from time to time is complied with.
24.4 In the event only one list is presented, the entire Board of Statutory Auditors is taken from said list in compliance with the legislation and regulations in force from time to time. By contrast, in the event no list is presented, the Shareholders' Meeting resolves on the basis of a relative majority in accordance with the legal provisions. In said scenario, the Chairperson of the Board of Statutory Auditors is appointed by the Shareholders' Meeting which resolves on the basis of the relative majority of the votes represented therein.

Article 25

25.1 If, during the year, a Standing Auditor should leave office, they shall be replaced by the first alternate member on the same list as the auditor replaced, until the next Shareholders' Meeting, to ensure compliance with the legal and regulatory provisions, in force from time to time governing gender balance, where applicable. In the event in which the first replacement does not make it possible to ensure compliance with the legal and regulatory provisions in force from time to time governing gender balance, they are replaced by the second alternate member taken from the same list.
25.2 In the event of replacement of the Chairperson of the Board of Statutory Auditors, the Chairperson is

assumed, until the next Shareholders' Meeting, by the Alternate Auditor taken from the Minority List, where it exists, without prejudice, in any case, to respect for the legal and regulatory provisions in force from time to time governing gender balance, where applicable.

25.3 If the Board of Statutory Auditors is not completed with the Alternate Auditors, the Shareholders' Meeting must be called to supplement the Board of Statutory Auditors, in compliance with the legislative and regulatory provisions in force from time to time. This Shareholders' Meeting resolves in compliance with the principle of representation of minorities.
25.4 In the event the standing auditors and/or alternate auditors taken from the majority list need to be replaced, the Shareholders' Meeting pursuant to Article 2401 of the Italian Civil Code applies the provisions of the Italian Civil Code and resolves according to the legal majorities; in the event the standing auditors and/or alternate auditors taken from the minority list need to be replaced, the Shareholders' Meeting resolves in observance of the principle of representation of minorities.

It should be noted that in addition to the legal and regulatory provisions (among which the most important are Bank of Italy Circular no. 288 of 3 April 2015, as subsequently amended and supplemented, the Italian Decree of the Ministry of Economy and Finance no. 169 of 23 November 2020, in force since 30 December 2020, containing the "Regulation on the requirements and criteria of suitability for the performance of the office of corporate representatives of banks, financial intermediaries, credit guarantee consortia, electronic money institutions, payment institutions and depositor guarantee systems" and Article 36 of the Salva Italia Decree, which introduced an explicit interlocking ban to the Italian legal system for entities operating in the financial and insurance market), of the Consolidated Law on Finance and the provisions of the Articles of Association and the Corporate Governance Code, the Issuer is not subject to other requirements regarding the composition of the Board of Statutory Auditors.

11.2 Composition and operation (pursuant to Article 123-bis, paragraph 2, letters d) and d-bis), of the TUF) Pursuant to Article 23 of the Articles of Association, the Board of Statutory Auditors is composed of three standing members and two alternate members.

The members of the Board of Statutory Auditors remain in office for three financial years and their term of office expires on the date of the Shareholders' Meeting called to approve the financial statements relating to the third year of office.

The statutory auditors can be re-elected.

The members of the Board of Statutory Auditors must meet the requirements set forth by the legislation and regulations in force and applicable from time to time. The following subjects are considered to relate strictly to the Company's business domain: commercial law, corporate law, financial markets law, tax law, business economics, corporate finance, disciplines with a similar or comparable object, as well as, lastly, subjects relating to the Company's business sector.

On 8 March 2022, the Ordinary Shareholders' Meeting of the Issuer (i) acknowledged that all the members of the Board of Statutory Auditors in office at the date of the Report have resigned with effect subject to the Trading Start Date; and (ii) appointed, with effect subject to the Trading Start Date, Paolo Francesco Maria Lazzati as Chairperson of the Board of Statutory Auditors, Marco Carrelli and Maria Enrica Spinardi as standing auditors and Andrea di Giuseppe Cafà and Luca Zambanini as alternate auditors (the "Members of the Board of Statutory Auditors") for three financial years.

The Members of the Board of Statutory Auditors therefore took office on the Trading Start Date and will remain there until the approval of the financial statements as at 31 December 2024.

The following table shows the members of the Board of Statutory Auditors in office at the date of this Report:

Name and surname	Office	Place and date of birth	First appointment
Paolo Francesco Maria Lazzati	Chairperson	Milan (MI), 16 May 1958	29/06/2017
Marco Carrelli	Standing Auditor	Domodossola (VB), 23 August 1985	08/03/2022
Maria Enrica Spinardi	Standing Auditor	Turin (TO), 14 July 1960	08/03/2022
Andrea di Giuseppe Cafà	Alternate Auditor	Teramo (TE), 6 March 1970	29/06/2022
Luca Zambanini	Alternate Auditor	Biella (BI), 1 April 1974	29/06/2022

A brief curriculum vitae of each member of the Board of Statutory Auditors is provided below, showing their expertise and accrued experience.

Paolo Francesco Maria Lazzati – was born in Milan on 16 May 1958. He has a degree in Economics and Commerce from Università Cattolica del Sacro Cuore in Milan (specialisation in Business Economics) and is qualified as a chartered accountant. He began his career at Gaetano Lazzati's practice. In 1990, after a period of collaboration, he joined the Law Firm Paolo Maria Tabellini e Associati as an associate and in 2000 he founded his own professional firm, where he mainly provides tax and corporate assistance to companies and groups, also in the phases of corporate reorganisation, expansion and restructuring, as well as assistance to families in the management and organisation of their own assets. He was a lecturer in the Tax Law course from 1993 to 2001 at the University of Trento and from 2000 to 2015 at the University of Pavia, again in the Faculty of Economics and Commerce. He has held and holds positions as director, statutory auditor and chairperson of the board of statutory auditors in various companies.

Maria Enrica Spinardi – was born in Turin on 14 July 1960. In 1983, she graduated in Economics and Commerce from the University of Turin. From 1983 to 1985 she worked as an internal auditor at Olivetti S.p.A. Since 1985, she has carried out auditing activities in a leading auditing firm. She has been an auditor since 1996. She is enrolled in the register of Auditors of Local Authorities. From 2001 to 2012, she was a partner in a leading auditing firm. She carries out legal consultancy and auditing activities. She is an auditor and member of several Supervisory Bodies pursuant to Italian Legislative Decree no. 231/2001.

Marco Carrelli – was born in Domodossola (VB) on 23 August 1985. He has a degree in Economics from the University of Pavia. Provides tax consultancy and assistance, tax planning for corporations, businesses, selfemployed and private individuals, also through the drafting of interpretative opinions on corporate law, bankruptcy law, tax litigation, extraordinary corporate transactions. He provides assistance with direct, indirect and substitute taxation and defence during tax disputes. He provides assistance in tax returns under the ordinary and tax consolidation regime as well as accounting consultancy and preparation of group separate financial statements and consolidated financial statements. He is enrolled in the list of professionals who carry out sales transactions pursuant to Article 179-ter of the Italian Civil Procedure Code at the Court of Biella. He holds positions as a member of the board of statutory auditors in various companies.

Andrea di Giuseppe Cafà – was born in Teramo on 6 March 1970. In 1996, he graduated in Business Economics from Luigi Bocconi Business University in Milan. In 1997, he began to collaborate with Studio Mattina Bracchitta, carrying out tax and corporate consultancy activities and in 2000 he became a partner (until 2002). In 1999, he qualified as an accountant. From 2002 until 2018 he was a consultant for New Team Service S.r.l. From 2012 to 2019 he was a partner of Studio Mazzocchi & Associati. Since 2014 he has been a partner of Lloyd & Moore, a company operating in the auditing sector. Since 2000 he has been chairperson of the board of directors of Italian Trust Company S.r.l. and since 2002 he has been chairperson and standing member of the boards of statutory auditors of numerous companies. He obtained numerous master's degrees: in 1998 the Master's Degree in Taxation at Luigi Bocconi Business University in Milan, in 2003 the Master's Degree in Corporate Law and Corporate

Governance, in 2005 the Master's Degree in Non-Profit Entities, in 2008 the Master's Degree in Law Bankruptcy and in 2009 the Specialisation Master's Degree on Government and Auditing of Entities. From 2009 to 2012 he was the statutory auditor of the Municipality of Cologno Monzese. He is the author of numerous publications.

Luca Zambanini – was born in Biella on 1 April 1974. From 1993 to 2005 he collaborated with Studio Bernero – Barazzotto Commercialisti Associati, first as a trainee accountant and then as a professional accountant and a trainee chartered accountant. Since 2006, he has carried out professional, accounting, corporate and tax consultancy activities at his offices for a number of national companies and companies belonging to multinational groups. He has been an accountant since 1997 and a statutory auditor since 1999. In 2001, he graduated in Economics and Commerce from the University of Eastern Piedmont. Since 2004 he has been a statutory auditor, sole auditor, standing auditor and alternate auditor in various private and public companies. In 2006, he obtained the qualification as a chartered accountant. Since 2007, he has been a trustee in bankruptcy and a professional in charge of foreclosures for the Court of Biella. Since 2015, he has been teaching as part of training plans for company personnel.

During the Financial Year, 11 meetings of the Board of Statutory Auditors were held (with an average duration of approximately 60 minutes). At the date of the Report, 1 meeting has been held and at least a further 4 meetings are planned for 2025. With a total attendance percentage of approximately 100%, the attendance percentage of each member of the Board of Statutory Auditors in office at the date of the Report was respectively equal to: (i) Paolo Francesco Maria Lazzati 100%; (ii) Marco Carrelli 100%; and (iii) Maria Enrica Spinardi 100%.

Independence and professionalism

For the purposes of the independence assessment, the significance criteria set out in Section 4.7 for the Board of Directors are applied to the Board of Statutory Auditors.

The Board of Statutory Auditors, also on the basis of the information provided by the same statutory auditors, assesses, on an annual basis and with reference to each of its members, the existence of the independence requirements envisaged by the Consolidated Law on Finance and the Corporate Governance Code and provides complete disclosure to the market.

In this regard, it should be noted that the Board of Statutory Auditors, at its meeting on 21 February 2024, verified the satisfaction of the independence requirements, set forth in Article 148, paragraph 3 of the Consolidated Law on Finance and Article 2 of the Corporate Governance Code, of all its members and conducted the periodic selfassessment of the body itself regarding the continued satisfaction of the requirements envisaged for its members as well as the correctness and effectiveness of its operation, according to the provisions of the rules of conduct of the Board of Statutory Auditors of listed companies drawn up by the National Institute of Chartered Accountants and Accounting Experts.

Furthermore, at the meeting of 25 November 2024, in compliance with the provisions of Articles 26 and 110 of the Consolidated Law on Banking, as well as Title II, Chapter 2, of the provisions contained in Circular no. 288 of 3 April 2015 of the Bank of Italy, the Board of Statutory Auditors also verified compliance by the same members of the Board of Statutory Auditors with Article 36 of the Salva Italia Decree regarding the interlocking ban.

Diversity criteria and policies

It should be noted that the rules that require the allocation of the members of the Board of Statutory Auditors to be elected to be carried out on the basis of a criterion that ensures the balance between genders, pursuant to the provisions of Article 148, paragraph 1-bis, of the Consolidated Law on Finance, have been incorporated in the Articles of Association.

With reference to gender diversity, despite Article 148, paragraph 1-bis, of the Consolidated Law on Finance, as amended by Italian Law no. 160 of 27 December 2019, stating that the provisions on gender balance apply from

the first renewal of the Board of Statutory Auditors following the Trading Start Date, the composition of the Issuer's Board of Statutory Auditors already complies with said requirements, given that the rule is respected which states that the less represented gender must obtain at least one fifth of the statutory auditors elected at the first renewal and at least two fifths of the statutory auditors elected on the occasion of the next five consecutive terms (in any case rounded upwards, with the exception of the corporate bodies formed by three members for which the rounding is down to the lowest unit).

At the date of this Report, the composition of the Board of Statutory Auditors was suitably diversified by age, gender and training and professional background.

The Company has not formally adopted diversity policies in relation to the composition of the control body, with specific reference to aspects such as age and training and career path, since – de facto – it already applies principles of personal and professional diversification in the appointments, to guarantee a balanced composition of the body.

Remuneration

The remuneration of the statutory auditors is commensurate with the commitment required, the importance of the role held as well as the size and sector characteristics of the Issuer. In this regard, it should be noted that, for the purposes of determining the remuneration of the statutory auditors, the Shareholders' Meeting, in particular, took into account the growing commitment required as a result of the envisaged greater complexity deriving from the admission to trading of the Issuer's shares on Euronext Milan, a market organised and managed by Borsa Italiana S.p.A., STAR segment.

Interest management

As far as the Issuer is aware, at the date of the Report, none of the members of the Board of Statutory Auditors of the Issuer have private interests in conflict with their obligations deriving from the office held within the Issuer.

In the RPT Procedure, the Issuer has provided that the statutory auditor who, on their own behalf or on behalf of third parties, has an interest in a specific transaction of the Issuer, promptly and comprehensively informs the other statutory auditors of the nature, terms, origin and extent of the own interest.

In addition, the Issuer deemed it appropriate to include the members of the Board of Statutory Auditors among the recipients of the Conflicts of Interest Procedure.

The RPT Procedure and the Conflicts of Interest Procedure are available on the Company's website (www.generalfinance.it, "Governance/Documents and Procedures" Section), to which reference should be made for further details.

For further information on the composition of the Board of Statutory Auditors, please refer to Table 4 attached to the Report.

11.3 Role

During the Financial Year, the Board of Statutory Auditors carried out, among other things, the following activities:

assessments in preparation for the 2023 Annual Financial Report and verification of the suitability of periodic financial information to correctly represent the business model, the strategies of the Company, the impact of its activities and the performance achieved;
examination of the adequacy of the organisational structure of the Company, of the internal control system and of the administrative-accounting system as well as on the reliability of the latter in correctly representing the operating events;
verification of the methods of actual implementation of the corporate governance rules envisaged by the Corporate Governance Code with which the Company complies;
verification of the independence requirements of the Board of Statutory Auditors;

periodic self-assessment of the Board of Statutory Auditors regarding the continued satisfaction of the requirements envisaged for its members as well as on the correctness and effectiveness of its operation;
obligations inherent and consequent to the "Additional Report for the Internal Control and Audit Committee" prepared by the independent auditors Deloitte & Touche S.p.A., pursuant to Article 11 of Regulation (EU) 537/2014;
meeting to update and exchange information with the Company's Supervisory Body;
half-yearly Financial Report: assessment of the correct application of accounting standards;
meeting with the Financial Reporting Manager;
meeting with the Independent Auditors;
report of the Internal Audit functions on operations, Risk Management and Anti-Money Laundering activities carried out during the first half of the year;
report of the Financial Reporting Manager on the adequacy of the relevance thresholds pursuant to the Related Party Transactions Procedure;
verification that the members of the Board of Statutory Auditors do not have any reasons for incompatibility pursuant to Article 36 of Italian Law Decree no. 201/2011 ("interlocking ban").

12. RELATIONS WITH SHAREHOLDERS AND OTHER RELEVANT STAKEHOLDERS

12.1 Access to information

In compliance with the provisions of Article 1, Principle IV, of the Corporate Governance Code, the Company intends to ensure constant and open dialogue with the shareholders and with the other interested parties (hereinafter, jointly, the "Interested Parties") in order to increase their level of understanding about the activities carried out by the Company, its economic and financial performance and its strategies aimed at pursuing sustainable success, as well as maintaining an adequate channel of information with these subjects, based on principles of fairness and transparency in compliance with the law.

Starting from the Trading Start Date, the Issuer has set up a special section ("Investor Relations") within its website, easily identifiable and accessible, in which the regulated information as well as the information concerning the Issuer that is significant for its shareholders has been made available, so as to allow the latter to exercise their rights in an informed manner.

In addition, the Company appointed Ugo Colombo, a professionally qualified person in charge of managing relations with investors, in his role as investor relator, in order to ensure correct, continuous and complete communication with shareholders and other relevant stakeholders.

12.2 References of the investor relator

The references of the investor relator are as follows: Generalfinance S.p.A., Chief Financial Officer – Investor Relations, Ugo Colombo, [email protected], +39 3355761968.

12.3 Dialogue with shareholders and other relevant stakeholders

It should be noted that, on 20 May 2022, the Board of Directors, on the proposal of the Chairperson of the Board of Directors, formulated in agreement with the CEO, approved a policy for the management of dialogue with shareholders and other interested parties (the "Policy for the Management of Dialogue with Shareholders") in line with the recommendations of the Corporate Governance Code.

The Policy for the Management of Dialogue with Shareholders was subsequently confirmed and ratified by the Board of Directors at its meeting on 29 June 2022.

The issues that can be addressed in the context of the dialogue may concern, inter alia:

a. economic and financial results of the Company and corporate strategies;
b. extraordinary transactions of particular strategic importance for the Company;
c. corporate governance and, in particular, the appointment and composition of the corporate bodies (also in terms of size, professionalism, independence and diversity) and composition, size and functions of the internal board committees;
d. sustainability and ethical, social and environmental issues;
e. remuneration policies of the members of the Board of Directors and of the Board of Statutory Auditors as well as of key management personnel of the Company;
f. internal control and risk management system; and
g. transactions with related parties.

The parties involved in the process of managing dialogue with the shareholder base and other relevant stakeholders are:

a. the Board of Directors, which approves the Policy for the Management of Dialogue with the Shareholders and is responsible for the dialogue with the Interested Parties, delegating the operational management to the CEO. The Board of Directors, however, maintains a role of guidance, supervision and monitoring and may resolve on any matter pertaining to the dialogue with the Interested Parties;

b. the CEO, who handles and manages the dialogue with the Interested Parties;
c. the Chairperson of the Board of Directors, who maintains an institutional role of liaison and ensures the Board of Directors with an adequate flow of information on the dialogue with the Interested Parties;
d. the CFO, who provides operational support to the CEO in managing the dialogue with the Interested Parties;
e. the Investor Relator, who assists the CEO in managing the dialogue with the Interested Parties and represents the first point of contact with the Interested Parties for the establishment of dialogue with the Board of Directors.

The Policy for the Management of Dialogue with Shareholders is available on the Company's website (www.generalfinance.it, "Governance/Documents and Procedures" Section), to which reference should be made for further details.

12.4 Information Contact Person

At the meeting of 9 May 2022, pursuant to Article 2.6.1 of the Regulations of the Markets organised and managed by Borsa Italiana, the Board of Directors appointed Stefano Saviolo, Head of the Legal and Corporate Affairs Department, as Information Contact Person, i.e. the person whom Borsa Italiana may contact to obtain information on the Company that it deems useful for the proper functioning of the market or to request the dissemination of data or news necessary for disclosure to the market. At the same time, to ensure constant and effective monitoring, Margherita De Pieri, a member of the Legal and Corporate Affairs Department, was appointed as a substitute, and she will act as Information Contact Person in the event of his absence or impediment.

13. SHAREHOLDERS' MEETINGS

The Shareholders' Meeting of the Company meets in ordinary and extraordinary sessions in accordance with the law and the Articles of Association. The Shareholders' Meeting, duly constituted, represents the universality of the shareholders and its resolutions, taken in compliance with the law and the Articles of Association, bind and oblige all shareholders, even if not attending, abstaining or dissenting.

Pursuant to Articles 11 et seq. of the Articles of Association, the Shareholders' Meeting is called whenever the Board of Directors deems it appropriate or when its calling is required by law.

The Shareholders' Meeting is held at the registered office or in any location, including outside of the registered office, chosen by the administrative body, provided in Italy or in another European Union Country, in the latter case by ensuring entitled parties have the possibility to attend with the means set out in Article 13, paragraph 5) of the Articles of Association. In the notice of call, it may be established that the Shareholders' Meeting is held exclusively by telecommunication means, omitting the indication of the physical location of the meeting, in line with the methods and limits set by the applicable legislation and regulations in force.

Ordinary and extraordinary Shareholders' Meetings are held on single call. The Board of Directors can make provision for the Shareholders' Meeting to be held on multiple calls and, in said scenario, the call notice will indicate the date of the second and, if necessary, third calls according to the methods set forth in Article 11, paragraph 4), of the Articles of Association. The Shareholders' Meeting is constituted and passes resolutions, in the ordinary and extraordinary sessions, based on the majorities required by law in said scenarios.

The Shareholders' Meeting is called by the Board of Directors via a notice published on the Company's website as well as according to the other methods established by the currently applicable legislation and regulations and where necessary - by the Italian Civil Code.

The Ordinary Shareholders' Meeting for approval of the financial statements must be called at least once a year within 120 days of the close of the financial year, or in the cases set forth in Article 2364, paragraph 2, of the Italian Civil Code, and nonetheless in observance of the terms set forth in Article 154-ter of the Consolidated Law on Finance, within the extended term of 180 days from the close of the financial year, without prejudice to any additional term set forth in the regulatory provisions in force. In said case, this must be communicated to the Bank of Italy.

The Company's Articles of Association make provision, in Article 6, for the increased voting right mechanism pursuant to Article 127-quinquies of the Consolidated Law on Finance. In this regard, it should be noted that, on 6 September 2024, the Extraordinary Shareholders' Meeting of the Company approved an amendment to the Articles of Association through which the enhanced voting right was introduced, as permitted by the renewed Article 127 quinquies of the Consolidated Law on Finance - amended by Italian Law no. 21 of 5 March 2024 (Capital Law) which establishes that companies that adopt the increased voting right mechanism may also provide in the Articles of Association that, in addition to the ordinary increase, up to a maximum of two votes per share that can be achieved after a period of ownership of the uninterrupted shareholding of at least 24 months, voting rights may be further increased by one vote per share for each 12-month period of continued ownership of the shares, up to a maximum of 10 votes per share, according to a progressive step-up mechanism.

Consequently, where the statutory conditions envisaged for the accrual of increased voting rights are met, pursuant to Article 6, paragraph 6 of the Articles of Association, the entitled person will have the legitimate right to exercise the following in the forms provided for by the applicable legislation:

a) 2 (two) votes for each share if the Increased Voting Condition is fulfilled for an uninterrupted period of 24 (twenty-four) months;
b) 3 (three) votes for each share if the Increased Voting Condition is fulfilled for an uninterrupted period of 36 (thirty-six) months;

c) 4 (four) votes for each share if the Increased Voting Condition is fulfilled for an uninterrupted period of 48 (forty-eight) months;
d) 5 (five) votes for each share if the Increased Voting Condition is fulfilled for an uninterrupted period of 60 (sixty) months;
e) 6 (six) votes for each share if the Increased Voting Condition is fulfilled for an uninterrupted period of 72 (seventy-two) months;
f) 7 (seven) votes for each share if the Increased Voting Condition is fulfilled for an uninterrupted period of 84 (eighty-four) months;
g) 8 (eight) votes for each share if the Increased Voting Condition is fulfilled for an uninterrupted period of 96 (ninety-six) months;
h) 9 (nine) votes for each share if the Increased Voting Condition is fulfilled for an uninterrupted period of 108 (one hundred and eight) months;
i) 10 (ten) votes for each share if the Increased Voting Condition is fulfilled for an uninterrupted period of 120 (one hundred and twenty) months.

In this regard, it should be noted that, as specified in Section 2, letter "d" of the Report (to which reference should be made for further information), the Company has adopted a specific regulation containing the detailed rules on increased voting rights, which is available on the Company's website (www.generalfinance.it, "Governance/Increased Voting Rights" Section).

Holders of the voting right pursuant to the currently applicable legal and regulatory provisions are legitimately entitled to attend the Shareholders' Meeting. The legitimate entitlement to attend and exercise the voting right is certified according to the terms established in the applicable legislation and regulations in force from time to time, as well as by the provisions of the following paragraphs of Article 12 of the Articles of Association, as provided, from time to time, in the notice of call.

Both Ordinary and Extraordinary Shareholders' Meetings may be held with the exclusive participation of the designated representative, pursuant to Article 135-undecies of the Consolidated Law on Finance, in compliance with the applicable legislation and regulations in force at the time, in accordance with the provisions of the notice of call. The designated representative may also be granted proxies and sub-proxies pursuant to Article 135-novies of the Consolidated Law on Finance.

If it is envisaged in the notice of call that the attendance and exercise of the voting right at the Shareholders' Meeting does not take place exclusively through the designated representative, whoever has the right to vote may be represented at the Shareholders' Meeting, issuing a specific proxy within the terms and in the manner indicated by law. The proxy is sent to the Company via certified e-mail to the address indicated in the call notice or other transmission methods indicated therein.

The Company can designate, for each Shareholders' Meeting, one or more persons to whom the holders of the right to vote at the Shareholders' Meeting can confer a proxy with voting instructions on all or some of the proposals on the agenda. The proxy has no effect with regard to the proposals for which no voting instructions have been conferred. The designated persons, the methods and terms for conferral of proxies are shown in the call notice of the Shareholders' Meeting.

In compliance with the provisions of Articles 24 and 110 of the Consolidated Law on Banking, voting rights and other rights that make it possible to influence the Company in relation to equity investments for which (i) the prior authorisations to be issued by the Bank of Italy have not been obtained or have been suspended or revoked or (ii) the required communications have been omitted, cannot be exercised.

The Shareholders' Meeting is chaired by the Chairperson of the Board of Directors. In the event of the absence or

impediment of the latter, the Shareholders' Meeting shall be chaired by the person elected by means of a majority vote of those present, according to the shareholding held.

It resolves on all matters that fall within its competence as per the law and the Articles of Association.

The Chairperson of the Shareholders' Meeting verifies, also via the appropriate representatives, the right to attend, that the meeting is validly constituted, the identity and legitimate entitlement to attend of the participants, as well as governs the conduct of the meeting and ascertains the results of the votes; the outcomes of these assessments must be documented in the minutes.

The operations of the Shareholders' Meeting is regulated by law, by the Articles of Association and, if present, the appropriate Shareholders' Meeting regulation approved by means of a resolution of the Company's Ordinary Shareholders' Meeting.

The Shareholders' Meeting may be held with the attendees in multiple locations connected via means of telecommunication. In said scenario: (a) except in the case referred to in Article 11, paragraph 2, last sentence, of the Articles of Association, the call notice indicates the locations connected via audio/video link, in which the attendees may be located; (b) the Chairperson of the Shareholders' Meeting must be able to guarantee that the meeting is validly constituted, verify the identity and the legitimate entitlement to attend of the participants, verify the regular conduct of the meeting, and ascertain the results of voting; (c) the person taking the minutes must be able to adequately hear the events of the Shareholders' Meeting for which minutes must be taken; and (d) the attendees must be able to participate in the discussion and simultaneous voting on the items on the agenda.

The Chairperson of the Shareholders' Meeting is assisted by a secretary, who need not be a shareholder, designated by the attendees, except where provided for by the second paragraph of Article 2371 of the Italian Civil Code.

For more details on the operating mechanisms, the rights of the shareholders and the methods for their exercise, please refer to the current Articles of Association of the Issuer available on the Company's website (www.generalfinance.it, "Governance/Articles of Association" Section).

13.1 Shareholders' Meetings for the Financial Year

During the Financial Year, two shareholders' meetings were held:

a) the Ordinary Shareholders' Meeting was held on 5 April 2024, with the following agenda:
- 1. Financial statements as at 31 December 2023.
  2. 1.1. Approval of the Financial Statements as at 31 December 2023. Reports of the Board of Directors, the Board of Statutory Auditors and the Independent Auditors.
  3. 1.2 Allocation of profit for the year.
- 1. Report on the remuneration policy and the remuneration paid pursuant to Article 123-ter, paragraphs 3-bis and 6 of Italian Legislative Decree no. 58/98:
  2. 2.1. First Section: report on the remuneration policy. Binding resolution;
  3. 2.2. Second Section: report on remuneration paid. Non-binding resolution.
- 1. Appointment of two directors co-opted pursuant to Article 2386 of the Italian Civil Code.
- 1. Appointment of the Independent Auditors for the financial years 2026-2034.

The meeting was attended by 6 Company Directors out of the 9 in office at the date of the Shareholders' Meeting. During the Shareholders' Meeting and in the preparatory documentation, the Board reported on the activities carried out and planned and took steps to ensure that the shareholders were adequately informed of the elements needed for them to be able to take, with full knowledge of the facts, the decisions within the competence of the Shareholders' Meeting.

b) The Extraordinary Shareholders' Meeting was held on 6 September 2024, with the following agenda:

Proposal to amend the Articles of Association for the purposes, inter alia, of including: a) the enhanced voting rights; and b) the right to hold the meeting even only with the exclusive participation of the designated representative.

The meeting was attended by 7 Company Directors out of the 9 in office at the date of the Shareholders' Meeting. During the Shareholders' Meeting and in the preparatory documentation, the Board reported on the activities carried out and planned and took steps to ensure that the shareholders were adequately informed of the elements needed for them to be able to take, with full knowledge of the facts, the decisions within the competence of the Shareholders' Meeting.

14. ADDITIONAL CORPORATE GOVERNANCE PRACTICES (PURSUANT TO ARTICLE 123-BIS, PARAGRAPH 2, LETTER A), SECOND PART, OF THE TUF)

At the date of this Report, no additional corporate governance practices were adopted other than those already indicated in this Report.

15. CHANGES AFTER THE END OF THE REFERENCE FINANCIAL YEAR

Except for the above and for what is reported in the specific sections of the Report, there have been no changes in the corporate governance structure since the end of the Financial Year.

16. CONSIDERATIONS ON THE LETTER FROM THE CHAIRPERSON OF THE CORPORATE GOVERNANCE COMMITTEE

On 18 February 2025, the Board of Directors examined the recommendations contained in the Letter of the Chairperson of the Italian Committee for Corporate Governance of 17 December 2024 (the "Letter"), already examined by the Control, Risk and Sustainability Committee and the Board of Statutory Auditors, during the joint meeting held on 21 February 2024.

With reference to the recommendations contained in the Letter, the Company believes that its corporate governance structure, organisational structure, regulations, corporate procedures and practices generally followed – as described in detail in this Report – are able to ensure substantial compliance with the recommendations in question, also in view of the requirements set forth in the Corporate Governance Code.

The Board of Directors, in any case, during the 2025 financial year, will further analyse the recommendations contained in the Letter in order to make the Company's governance increasingly consistent with compliance with the CG Code.

information on the ownership structure as at 31/12/2024

SHARE CAPITAL STRUCTURE
	No. of shares	No. of voting rights	Listed/unlisted	Rights and obligations
Ordinary shares	12,635,066	19,530,005	Listed	Ordinary by law(12)
Preference shares	0	0	-	-
Multiple voting shares	0	0	-	-
Other categories of shares with voting rights	0	0	-	-
Savings shares	0	0	-	-
Convertible savings shares	0	0	-	-
Other categories of shares without voting rights	0	0	-	-
Other	-	-	-	-

OTHER FINANCIAL INSTRUMENTS (attributing the right to subscribe newly issued shares)
	Listed (indicate the markets)/unlisted	No. of instruments in circulation	Category of shares for conversion/exercise	No. of shares for conversion/exercise
Convertible bonds	-	-	-	-
Warrants	-	-	-	-

¹² On the possibility of obtaining the increased voting rights due on the shares, see Section 2, letter "d" of this Report.

SIGNIFICANT EQUITY INVESTMENTS(13)
Declarant	Direct shareholder	% share of ordinary capital	% share of voting capital
-	GGH – Gruppo General Holding S.r.l.	41.375	53.533
-	Investment Club S.r.l.	9.555	9.413
-	BFF Bank S.p.A.	8.021	5.189
-	First4Progress1 S.r.l.	5.391	6.662
-	Banca del Ceresio SA	4.667	5.153

¹³ At the year-end date.

structure of the Board of Directors at the year-end date

Office	Members	Year of birth	Date of first appointment (14)	In office since	In office until	List (sub mitte rs) (15)	List (M/m) (16)	Exec.	Non exec.	Indep Code	Indep . TUF	No. of other offices (17)	Attenda nce (18)
Chairperson	Maurizio Dallocchio	1958	21/06/2021	29/06/2022	Appr. financial statements as at 31/12/2024	N/A	N/A	-	X	X	X	2	19/19
Deputy Chairperson	Mauro Selvetti	1960	08/03/2022	29/06/2022	Appr. financial statements as at 31/12/2024	N/A	N/A	-	X	X	X	0	19/19
Chief Executive Officer (19)	Massimo Gianolli	1966	23/10/1990	29/06/2022	Appr. financial statements as at 31/12/2024	N/A	N/A	X	-	-	-	0	19/19
Director	Leonardo Luca Etro	1978	18/10/2018	29/06/2022	Appr. financial statements as at 31/12/2024	N/A	N/A	-	X	X	X	1	16/19
Director	Maria Luisa	1962	04/11/2015 (20)	29/06/2022	Appr. financial	N/A	N/A	-	X	X	X	2	17/19

¹⁴ The date of first appointment of each director means the date on which the director was appointed for the first time (ever) to the Company's Board of Directors.

¹⁵ This column indicates whether the list from which each director was drawn was submitted by shareholders (indicating "Shareholders") or by the BoD (indicating "BoD").

¹⁶ This column indicates whether the list from which each director was drawn is "majority" (indicating "M"), or "minority" (indicating "m").

¹⁷ This column indicates the number of offices as director or auditor held by the person concerned in other listed companies or companies of significant size. The offices are indicated in full in the Corporate Governance Report.

¹⁸ This column indicates the attendance of the directors in the meetings of the Board of Directors (the number of meetings attended with respect to the total number of meetings that could have been attended; e.g. 6/8; 8/8 etc.).

¹⁹ Director in charge of the internal control and risk management system.

²⁰ Maria Luisa Mosconi has held the position of Director of the Issuer from 4 November 2015 to 3 December 2015.

	Mosconi				statements as
					at 31/12/2024
	Annalisa				Appr. financial
Director	Raffaella	1966	08/03/2022	29/06/2022	statements as	N/A	N/A	-	X	X	X	2	15/19
	Donesana				at 31/12/2024
					Appr. financial
Director	Marta Bavasso	1969	29/06/2022	29/06/2022	statements as	N/A	N/A	-	X	X	X	1	14/19
					at 31/12/2024
					Appr. financial
Director	Federica	1971	10/11/2023	10/11/2023	statements as	N/A	N/A	-	X	X	X	0	15/19
	Casalvolone				at 31/12/2024
					Appr. financial
Director	Gabriele	1950	10/11/2023	10/11/2023	statements as	N/A	N/A	-	X	X	X	1	17/19
	Albertini				at 31/12/2024
DIRECTORS WHO LEFT OFFICE DURING THE YEAR
N/A	N/A	N/A	N/A	N/A	N/A	N/A	N/A	N/A	N/A	N/A	N/A	N/A	N/A
Number of meetings held during the reference year: 19
Indicate the quorum required for the submission of lists by minorities for the election of one or more members (pursuant to Article 147-ter of the TUF): 2.5% of the share
capital

structure of the board committees at the year-end date

Board of Directors		Appointments Committee	and Remuneration	Control, Risk and Sustainability Committee:
Position/Qualification	Members	(*)	(**)	(*)	(**)
Chairperson	Maurizio Dallocchio	N/A	-	N/A	-
Deputy Chairperson	Mauro Selvetti	4/4	M	12/13	M
Chief Executive Officer	Massimo Gianolli	N/A	-	N/A	-
Director	Leonardo Luca Etro	N/A	-	N/A	-
Director	Maria Luisa Mosconi	4/4	C	13/13	C
Director	Annalisa Raffaella Donesana	4/4	M	11/13	M
Director	Marta Bavasso	N/A	-	N/A	-
Director	Federica Casalvolone	N/A	-	N/A	-
Director	Gabriele Albertini	N/A	-	N/A	-
		ANY MEMBERS WHO ARE NOT DIRECTORS
Manager of the Issuer/other	0	0	0	0	0
Number of meetings held during the reference year	ARC: 4		CRSC: 13

(*) This column indicates the attendance of the directors in the meetings of the committees (indicate the number of meetings attended with respect to the total number of meetings that could have been attended; e.g. 6/8; 8/8 etc.).

(**) This column indicates the position of the director within the committee: "C": Chairperson; "M": member.

structure of the Board of Statutory Auditors at the year-end date

Office	Members	Year of birth	Date of first appointment (*)	In office since	In office until	List (M/m) (**)	Indep. Code	No. of other offices (***)	Attendance of Board meetings (****)
Chairperson	Paolo Francesco Maria Lazzati	1958	29/06/2017	29/06/2022	Appr. financial statements as at 31/12/2024	N/A	X	29	11/11
Standing Auditor	Marco Carrelli	1985	08/03/2022	29/06/2022	Appr. financial statements as at 31/12/2024	N/A	X	5	11/11
Standing Auditor	Maria Enrica Spinardi	1960	08/03/2022	29/06/2022	Appr. financial statements as at 31/12/2024	N/A	X	13	11/11
Alternate Auditor	Andrea di Giuseppe Cafà	1970	24/03/2020	29/06/2022	Appr. financial statements as at 31/12/2024	N/A	X	6	N/A
Alternate Auditor	Luca Zambanini	1974	24/03/2020	29/06/2022	Appr. financial statements as at 31/12/2024	N/A	X	14	N/A
STATUTORY AUDITORS WHO LEFT OFFICE DURING THE YEAR
N/A	N/A	N/A	N/A	N/A	N/A	N/A	N/A	N/A	N/A
Number of meetings held during the reference year: 11
Indicate the quorum required for the submission of lists by minorities for the election of one or more members (pursuant to Article 148 of the TUF): 2.5% of the share capital

(*) The date of first appointment of each statutory auditor means the date on which the statutory auditor was appointed for the first time (ever) to the Board of Statutory Auditors of the Company.
(**) This column indicates whether the list from which each auditor was drawn is "majority" (indicating "M"), or "minority" (indicating "m").
(***) This column indicates the number of offices as director or auditor held by the person concerned pursuant to Article 148-bis of the Consolidated Law on Finance and the related implementing provisions contained in the CONSOB Issuers' Regulation. The complete list of offices is published by CONSOB on its website pursuant to Article 144-quinquiesdecies of the CONSOB Issuers' Regulation.
(****) This column indicates the attendance of the auditors in the meetings of the Board of Statutory Auditors (indicate the number of meetings attended with respect to the total number of meetings that could have been attended; e.g. 6/8; 8/8 etc.).

Main characteristics of the existing risk management and internal control systems in relation to the financial reporting process

1.THE METHODOLOGICAL MODEL OF GENERALFINANCE S.P.A.

The Methodological Model identified by Generalfinance S.p.A. to monitor the risk of incorrect financial reporting, in line with the aforementioned reference frameworks, includes different areas of analysis according to the following dimensions:

Internal company level controls (CLC)
Controls of administrative and financial processes
Controls on IT governance.

In detail, the model provides for the presence of:

an adequate system of internal controls at functional company level, aimed at reducing the risks of errors and incorrect behaviour for accounting and financial reporting purposes, such as adequate risk management processes, adequate codes of conduct, effective organisational structures, clear models for the assignment of powers and responsibilities, adequate information and communication system;
adequate control processes for the production of accounting and financial reports;
controls on the governance of the technological infrastructure and of the applications relating to the administrative and financial processes.

The model also makes provision for the half-yearly verification of the adequacy and effective application of the internal control system which monitors the Company's financial reporting.

1.1 The macro phases relating to the audit of the internal control system

The macro phases relating to the audit of the internal control system are divided, based on the structure of the financial reporting internal control system, into:

pervasive controls at company level. In particular, the establishment and maintenance of pervasive controls at company level are in preparation for and complementary to the establishment and maintenance of controls on the processes that directly or indirectly contribute to the drafting of financial reports, and which are the specific object of administrative and accounting procedures. These controls in the model adopted by Generalfinance S.p.A. refer to:
- o Company Level Control (CLC): controls relating to compliance with general rules in the conduct of the company, such as rules, regulations and control mechanisms;
- o IT General Control (ITGC): general rules for the governance of technologies and application developments key to the production of financial reporting;
specific controls at process and/or individual financial statement item level (Process Level Control).

1.2 The internal structures involved in the methodological model of Generalfinance S.p.A.

Below are the main roles and responsibilities of the functions involved in the methodological model adopted by the Company as described in this Manual, with reference to the management of Generalfinance S.p.A.:

Board of Directors (hereinafter also BoD):
- is the administrative body responsible for the establishment and effective operation of the internal control system;
- approves the Manual and its subsequent updates, subject to the opinion of the Board of Statutory Auditors and of the Control, Risk and Sustainability Committee;
- ascertains that the Financial Reporting Manager has adequate powers and means to exercise the tasks assigned to them, as well as the effective compliance with administrative and accounting procedures;

approves the 262 audit plan and, in particular, the materiality thresholds proposed by the Company's Financial Reporting Manager and the resulting relevant scope;
examines the reports prepared by the Offices/Control Owners to support the periodic certifications of the Chief Executive Officer and the Financial Reporting Manager.
Chief Executive Officer (hereinafter also "CEO") of Generalfinance S.p.A.:
- certifies, with a specific report on the financial statements, on the condensed consolidated half-yearly financial report, together with the Financial Reporting Manager of Generalfinance S.p.A. (see in particular what is described below in paragraph 9. "Issue of periodic certifications").
Financial Reporting Manager (hereinafter also "FRM") of Generalfinance S.p.A.: prepares adequate administrative procedures for the preparation of the financial statements of Generalfinance S.p.A. as well as all other financial communications of the company21. In this context:
- is responsible for the drafting and updating of this Manual, which it submits for approval to the Board of Directors;
- supports management in identifying and assessing financial reporting risks and identifies the related monitoring key controls;
- defines and updates on an annual basis the levels of materiality, the scope of investigation relating to the significant financial statement items ("scoping" phase);
- defines the independent monitoring plan and agrees on the test procedures/verification activities;
- receives extracts from the minutes of the Board of Directors that are relevant for the purposes of the certifications (on a need to know basis) and any other relevant documentation for the purposes of financial reporting;
- receives the summary reports on the control activities of the other independent functions;
- assesses any deficiencies identified in the financial reporting internal control system and establishes specific Remediation Plans;
- prepares an annual and a half-yearly report on the assessment of the financial reporting control system of Generalfinance S.p.A. to support the issue of the certifications and submits it, after examination by the Control, Risk and Sustainability Committee/Board of Statutory Auditors/Internal Control, to the Board of Directors;

²¹ See Article 154 bis of Italian Legislative Decree 58/98.

certifies with a specific report on the financial statements, together with the CEO of Generalfinance S.p.A., as described below in paragraph 9. "Issue of periodic certifications";
certifies that the deeds and communications of Generalfinance S.p.A. disclosed to the market, and relating to the accounting information (including interim reports) of the company, correspond to its documentary results, books and accounting records.
Head of ICT and Organisation Department (Chief Information Officer):
- identifies and assesses the risks on financial reporting for the processes under its responsibility, and oversees the establishment and maintenance of the 262 key controls, with reference to IT General Controls;
- carries out its verification and monitoring activities by assessing the design and operations of the IT General Controls and issues a periodic certification letter to the Financial Reporting Manager (see in particular what is described below in paragraph 7 "Information flows to support periodic certifications: the system of cascading certifications");
- supports the Financial Reporting Manager in assessing the deficiencies of IT General Controls.

1.3 The formalisation of the processes related to the production of financial reporting

The formalisation of the processes identified as significant is a prerequisite for the subsequent verification of the adequacy of the internal control system. The formalisation of the processes related to the production of financial reporting must include:

the description of the activities into which the processes are structured;
the recognition of risks within the aforementioned processes, which threaten the adequacy of the accounting data (i.e., threaten compliance with financial assertions);
the identification of the controls put in place to monitor the risks identified.

The diagram in the figure below details the activities, risks and related controls to monitor the risks that the formalisation of the processes must include.

In particular, the monitoring of the risks of violation of financial reporting, inherent in the life cycle of the accounting data, is attributable to compliance with the financial assertions22, which the international reference standards define as the requirements that each account/financial statements

²² Process risks may refer to the following assertions:

a) assertions relating to classes of transactions and events in the administrative period:

i. manifestation: the transactions and events that have been registered have occurred and concern the company;

disclosure must ensure to fulfil the legal obligations. The identification of financial reporting risks and the controls put in place must be guided by the relationship with the financial assertions: in fact, the business processes must be designed with controls that guarantee their compliance.

As part of the processes, the "key controls" (primary key controls) must be identified on the basis of the administrative and accounting risks, i.e. those controls whose absence involves the risk of a material error or fraud in the financial statements, or in general in the financial reporting, which cannot be identified by other controls. The following are considered key controls:

they are used to mitigate activities that present a high level of risk;
contribute decisively to reducing the risk of incorrect financial reporting to an acceptable level.

The identification of the "key" controls responsible for mitigating financial reporting risks is an essential step in the assessment phase of the controls aimed at defining their suitability to mitigate the risks identified.

The control must be formalised by reporting the following information:

control owner: identification of the person responsible for carrying out the controls;
description of the control;
control attributes, namely:
- i. methods of execution: indication of the methods of carrying out the control (automatic/manual);
- ii. frequency: indication of the frequency of performance of the control (event-based/daily/weekly/monthly/quarterly/half-yearly/annually);

ii. completeness: all transactions and events that should have been recorded have actually been recorded;

iii. accuracy: the amounts and other data relating to transactions and events recorded have been appropriately recorded;

iv. accrual: the transactions and events were recorded in the correct administrative period;

v. classification: the transactions and events were recorded in the appropriate accounts;

b) assertions relating to the accounting balances at the end of the administrative period:

i. existence: the assets, liabilities and shareholders' equity exist;

ii. rights and obligations: the company owns, or controls, the rights on the assets, while the liabilities are effectively obligations of the company;

iii. completeness: all assets, liabilities and shareholders' equity that should have been recorded have actually been recorded;

iv. valuation and classification: the assets, liabilities and shareholders' equity are shown in the financial statements for an appropriate amount and any valuation or classification adjustment has been correctly recorded;

c) assertions relating to the presentation and disclosure of the financial statements:

i. manifestation, rights and obligations: the events, transactions and other aspects represented have occurred and concern the company;

ii. completeness: all information that should have been included in the financial statements has actually been included;

iii. classification and comprehensibility: the financial information is presented and described in an appropriate manner and the information is presented clearly;

iv. accuracy and valuation: the financial information and other information is presented correctly and for their exact amount.

iii. check evidence: indication of the documentation supporting the controls, also in order to allow third parties to retrace the activities carried out, where required.

The verification of the adequate formalisation of the processes, as described, concerns all the processes identified as relevant for the purposes of the reliability of financial reporting. An inadequate formalisation of the processes constitutes, in itself, a deficiency in the financial reporting internal control system, which requires the adoption of corrective action plans.

The Financial Reporting Manager verifies the formalisation of the relevant processes of the companies within the scope with the related identification of the risks of incorrect financial reporting and the related controls, as an initial condition for proceeding with the assessment of the internal control system overseeing financial reporting.

2.COMPANY LEVEL CONTROLS

The reference model identified by Generalfinance S.p.A. provides for the presence, as a pervasive control, of a system of internal controls at company level (Company Level Controls, "CLC") aimed at reducing the risks of errors and incorrect behaviour for the purposes of accounting and financial information.

The maintenance and management of the documentary system, in terms of formalisation and updating of the policies, regulations and other documents forming part of the CLCs, is carried out by the managers of the corporate functions responsible for the area, according to the organisational structure of Generalfinance S.p.A. and in line with the guidelines defined by the Financial Reporting Manager.

The model, in particular, provides for the continuous verification of the presence of governance systems at corporate level. The analysis of the CLCs is carried out with the comparison technique ("benchmarking") with respect to reference normal practices defined or referred to by institutional bodies (e.g. the Corporate Governance Code) or with international best practices adopted by comparable entities.

2.1Assessment of company controls of the administrative accounting model

The assessment of the CLCs is carried out through the annual completion of a self-assessment questionnaire (checklist) by the Financial Reporting Manager, in agreement with the Risk Management Office, on the various aspects that are key to the existence of an effective financial reporting internal control system.

The questionnaire is aimed at supporting the verification of the CLCs through a self-diagnosis of the main components of the internal control system,

understood as the set of rules, functions, structures, resources, processes and procedures that aim to ensure, in compliance with sound and prudent management, the achievement of the following objectives:

verification of the implementation of company strategies and policies;
reduction of the risk within the limits indicated in the reference framework for the determination of the risk appetite of Generalfinance S.p.A.;
safeguarding the value of assets and protection against losses;
effectiveness and efficiency of business processes;
reliability and security of company information and IT procedures;
prevention of the risk that the Company may be involved, even involuntarily, in illegal activities;
compliance of transactions with the law and supervisory regulations, as well as internal policies, regulations and procedures.

If the results of these activities highlight the presence of anomalies, they must be investigated, in terms of nature and content, in order to assess the potential impacts on the administrative and financial processes and provide appropriate documentation in the self-assessment.

3.CONTROLS OF ADMINISTRATIVE AND FINANCIAL PROCESSES

With reference to the administrative/financial processes that directly contribute to the formation of economic and capital balances, the development and subsequent verification of the adequacy and effective application of controls on financial reporting risks involves the systematic application of the following activities:

i. Scope of investigation and identification of significant items.

A. identification of significant financial statement items. In determining the significant financial statement items, as well as for the relevant companies, the quantitative analysis is integrated with a "risk driven" methodology. The application of this methodology makes it possible to differentiate the analysis approaches according to the risk attributed to the processes relating to the financial statement items, and therefore to direct audit activities at the processes characterised by a higher degree of risk;
B. reconciliation of processes to significant financial statement items.

ii. Assessment of the design and operational effectiveness of key controls. This assessment starts from the documentation of the processes and the related risks and controls and ends with the verification of the effective and continuous application of controls by the operating structures.

The objective of this activity is to identify the processes, risks and controls underlying the relevant information in the financial statements, in order to allow the Financial Reporting Manager to express an opinion on the adequacy and effective application of the administrative and accounting procedures that govern the formation of the financial reporting, as well as on their suitability to provide a true and fair view of the equity, economic and financial situation of Generalfinance S.p.A.

A. Identification of significant financial statement items

The significance of the accounting information is assessed with reference to the possible effect that its omission or misrepresentation may determine the decisions of the stakeholders to whom it is communicated through the financial statements.

The identification of significant financial statement items, as well as the definition of the relevant companies, is based on both quantitative and qualitative criteria.

Ai) Identification of quantitatively significant financial statement items - definition of the Materiality threshold

The quantitative selection of the financial statement items is carried out on the basis of the data of the last approved financial statements and/or quarterly/half-yearly financial report, identifying a Materiality threshold.

For the purposes of determining the materiality threshold, the carrying amount of the Company's Shareholders' Equity was defined as the reference benchmark, net of the profit for the period, prudently reduced by the relevant amount also by virtue of the dividend income distribution policy applied by the Company.

The carrying amount of shareholders' equity is a fundamental parameter for a company, given the importance of the capital base in terms of the ability to operate and the obligation to maintain over time the prudential requirements for supervisory purposes that are linked to this component. This figure guarantees greater stability over time with respect to other metrics that may also be applicable in light of the listing. Lastly, in the context of listed companies operating in the financial sector, shareholders' equity is a reference figure, together with pre-tax profit, for all stakeholders. Therefore, the materiality threshold was determined as follows:

= 3% × ℎℎ′

For the purposes of defining the percentage to be applied to the chosen benchmark, as there are no specific regulatory guidelines, taking into adequate consideration the main market normal practices applied by listed companies operating in the financial sector and international Audit standards, owing to the amount of shareholders' equity, a percentage range between 1% and 3% was identified. Considering that i) the Company's financial statements have never been affected by significant errors, ii) there is no knowledge of fraud and/or attempted fraud perpetrated against the Company, iii) no deficiencies have been identified in the internal control system by the control functions and the Board of Statutory Auditors, it was deemed appropriate to apply a percentage of 3% to the shareholders' equity benchmark.

As part of this calculation methodology, the company also envisages the definition of a supporting benchmark, calculated on the basis of the pre-tax profit taken from the last approved financial statements and/or quarterly/half-yearly financial report, in order to validate the reasonableness of the materiality threshold defined previously, on the basis of its professional judgment.

A.ii) Identification of qualitatively significant financial statement items

Having identified the significant items with respect to the materiality threshold identified, qualitative analyses must be carried out, which supplement the quantitative analyses, in order to select those financial statement items that, although presenting values below the materiality limits, are significant on the basis of the qualitative considerations23. The selection is carried out on the basis of a risk-driven approach that takes into account factors linked both to the nature of the financial statement item and to the risk factors related to the data input processes of said same financial statement items, through the assignment of a different degree of risk to processes. The drivers identified are the following(24):

likelihood & magnitude, i.e. the probability of occurrence of an error25 and the quantification of its impact;
nature, volume of activity, complexity and heterogeneity of transactions processed in the item;

²³ This activity is particularly relevant with reference to financial statement items where the error is linked to an underestimation of the item (e.g. provisions for risks).

²⁴ In defining these factors, the guidelines of the ISA (International Standards on Auditing) were also considered.

²⁵ The likelihood, or the probability of occurrence, is quantifiable on the basis of the combination of:

^- complexity, i.e. the difficulty of executing a flow of activities from a technical, conceptual and/or operational point of view;

^- experience, competence and level of automation, i.e. the professional skills of the performer and quality of the instruments.

probability or possibility of significant contingent liabilities due to the company's operations;
fraud, i.e. the presence of the risk of fraud within a process;
estimates and valuations, i.e. the presence of items subject to valuation where it is possible to include the formulation of accounting estimates in which there is a significant degree of uncertainty in the quantification;
unusual transactions, or the presence of any non-routine transactions, not in line with the normal operations of the company;
complexity/change in the accounting standards associated with the item;
anomalies found/critical issues in financial reporting during the previous year. In particular, in the qualitative assessment of each process, a risk level is assigned according to the results of the tests carried out on the controls in the previous period;
level of stability of the processes, depending on the organisational, IT and strategic changes that took place during the reference period and with any impacts on the administrative and accounting procedures for the preparation of the financial statements and any other financial information (for example, migration of information systems, corporate reorganisation, changes in accounting rules, corporate transactions, etc.);
anomalies/risks identified by the other control functions and which are deemed relevant for the purposes of identifying events that may jeopardise the correctness of the financial reporting.

The above is summarised and represented as follows:

The Financial Reporting Manager identifies the qualitatively relevant items.

B.iii) Identification of relevant financial statement items - determination of coverage thresholds

In order to ensure the relevance of the scope of investigation identified through the scoping process of the financial statement items referred to in point B.ii) above, a check is carried out to ensure that the sum of the items excluded from the scoping process is lower than the materiality threshold defined in paragraph Ai) above. If this threshold is exceeded, the excluded financial statement items are supplemented so as not to exceed the preestablished maximum threshold.

B.iv) Identification of the relevant financial statement items - conclusion of the process

Once the scope of the items that are qualitatively/quantitatively relevant for the current financial year has been defined, at the beginning of each year the Financial Reporting Manager prepares the appropriate report for the Board of Directors and the control bodies.

C. The association of processes with significant financial statement items

The last step in the definition of the material perimeter is represented by attributing the processes to the significant items of the Balance Sheet, and the related significant items of the Income Statement. For all companies found to be significant in the scoping process, the processes and the related 262 key controls that have an impact on the significant financial statement items are identified.

The association of the significant accounts - identified in the determination of the scope of investigation - to the underlying business processes through the construction of an account/process matrix requires an in-depth analysis of the organisation of the Company's accounts plan and the procedures that provide data to the latter.

The first functional activity in order to input data to the matrix is the updating of the process tree. Once the process tree has been defined, we proceed with the intersection of the relevant accounts, previously identified, with the identified processes.

The association is made between the accounts in scope and the business processes whose operations determine the data input of the accounts themselves.

In identifying the material business processes, those processes are also considered which, although not providing data to a specific account, are key

for the purposes of preparing financial reporting (for example, the process of preparing the Report on Operations, which is subject to specific certification by the Financial Reporting Manager).

The methodological approach of Generalfinance S.p.A. envisages the inclusion in the scope of investigation of the processes according to their riskiness. As a rule, all processes assigned a high/medium degree of risk26 are included in the scope of investigation.

As part of this phase, the adequacy of the documentary system is also analysed (formalisation of the processes) through the verification of the adequacy of the relevant administrative and accounting procedures. This check is carried out through verification of the controls of the financial reporting risks inherent in the life cycle of the accounting data:

association between accounts and activity flows;
assessment of the risks identified during the process formalisation phase;
identification of the key controls in place to monitor the risks identified.

The Financial Reporting Manager defines the accounts/processes matrix and the association with the significant processes of their degree of risk. Due to their specific relevance for the purposes of the correct representation of financial reporting, the inclusion of Financial Reporting processes is always envisaged.

D. Conclusions of the process of defining the scope of investigation

For a better understanding of the scoping process, a summary of the main steps is provided below:

1. Definition of materiality: definition of the reference benchmark and the applicable percentage;
1. Scoping of financial statement items: identification of quantitatively and qualitatively significant financial statement items;
1. Risk Assessment: identification of the risks associated with significant financial statement items
1. Control Assessment: mapping of the controls associated with the processes identified as significant

²⁶ With regard to the factors for assessing the degree of risk, please refer to paragraph A.ii).

3.1 Evaluation of the design of the controls (Test of Design)

The methodological system applied by the company requires the assessment of the design of the controls to be based on the professional judgment of the Financial Reporting Manager, supported by the individual process owners27, also following reports

directly received from the control owners, according to the guidelines defined by the Manual, in relation to the individual cases and the specific characteristics of the process.

The factors to be considered to verify the level of adequacy of the control as part of the Test of Design are summarised in the following table.

Analysis dimensions	Description
Control activities	Ability to cover financial assertions by the
	key control
Control instruments	Adequacy of the instruments used to carry
	out the control
Nature of the control	The level of automation of the control
	activity can be a factor with a high impact
	on its effectiveness
Control frequency	The effectiveness of the control is also
	influenced by the frequency with which it
	takes place
Check evidence	A further element of judgment on the
	effectiveness of the control is its evidence,
	i.e. the ability of the person carrying out
	the control to document it.
Assignment and traceability	of The controls must be clearly attributed to

²⁷ As a rule, these are the Heads of the Corporate Functions involved in the model and its application

roles/responsibilities	the personnel who carry them out

Taking into account the critical issue of the role played, in order for the design of the key controls to be considered effective, where possible, the party carrying out the activity subject to control (activity owner) must be different from the party who carries out the control itself (control owner).

Based on the assessment of the above indicated factors, the design of a control can be assessed as "effective", "partially effective" or "ineffective" in achieving the individual control objectives:

effective: control that makes it possible to independently cover the associated risk of incorrect financial reporting (all factors considered are assessed as adequate);
partially effective: covering the assertion/associated risk in combination with other controls, e.g. offsetting controls (at least 1 factor was assessed as partially adequate);
ineffective: it does not allow, either independently or in combination with other controls, the coverage of the associated risk (at least 1 factor was assessed as inadequate, with the exception of check evidence whose assessment of inadequacy in the presence of adequacy for all other factors determines partial adequacy).

The Financial Reporting Manager and the related Process Owners/Function Heads assess the effectiveness of the design of the key controls identified in the coverage of risks and associated assertions for the relevant processes of the companies in scope. This assessment is formalised in a specific form.

Assessment of the operational effectiveness of key controls (Test of Operating Effectiveness)

The Tests of Operating Effectiveness (TOE) are aimed at assessing the effective application, during the reference period, of the administrative and accounting procedures for the preparation of the financial statements and any other financial information with particular reference to the verification of the effective application of the key controls, identified and assessed in the Test of Design (TOD) phase. The activity consists of verifying the operational effectiveness of the control activities in accordance with the provisions of the documentary system (formalisation of processes).

The execution of ToE activities is in any case subject to the positive outcome of the previous audits.28 The execution of the Test of Operating Effectiveness consists of the following three phases:

A. Sampling.

The execution of the TOE requires prior sampling, for the implementation of which the adoption of techniques consistent with international Audit standards is envisaged. In particular, the size of the sample to verify the TOE of a control is defined on the basis of the frequency with which the control is implemented, based on what is reported in the table below:

Sample size per TOE
---------------------	--	--	--	--	--

Type	Frequency	Number of Items	Number of items
			that cause the test
			to fail
Manual	Event-based	25	1
Manual	Daily	15	1
Manual	Weekly	5	1
Manual	Monthly	2	1
Manual	Quarterly	1	1
Manual	Half-yearly	1	1
Manual	Annually	1	1
Automatic	All	1	1

The size of the sample can be periodically partially revised following qualitative considerations (complexity of the control, necessary skills, impact of any changes, level of assessment subjectivity, importance of control).

In the case of several items, the execution of the TOEs must guarantee that the controls are carried out during the time interval to which the

²⁸ By way of example, in the presence of TODs that show a negative judgment, the activities on the process are completed in full as the control designed, even if effective and correctly carried out, would not be able to limit the risks.

certification that must be produced pursuant to Italian Law 262/2005 refers. Therefore:

the items that make up the sample must be distributed over the entire reference period;
in the event of changes during the year of the documentary and application system, the adequacy and effective application of the administrative and accounting procedures of both the "old system" (up to the date of termination) and the "new system" (from the date of activation) must be ensured without interruption within the period subject to certification pursuant to Italian Law 262/2005;
B. Verification of the operational effectiveness of the control;

The TOE is carried out according to techniques that lead to a confirmation of the control activity carried out. The approaches used in the execution of the TOE are shown below, in order of increasing reliability, which can be used individually or in combination:

Interviews: the operational personnel involved in the process are interviewed by the party carrying out the TOE to understand whether the control is working effectively;
Observations: the party carrying out the TOE observes the operational personnel involved in carrying out the transactions and the related controls;
Documentation inspection: the party carrying out the TOE carries out an inspection of the documentation and reporting that highlights the actual operation of the control;
Re-execution: the party that carries out the TOE re-executes the control to determine whether it is carried out in accordance with what is described;
C. Identification of any anomalies.
In order to complete the TOE activities, the person carrying out the audit must report any anomalies or findings that have come to light during the activities.

3.1.1 The execution of the independent monitoring plan and test procedures defined by the Generalfinance S.p.A. model

The control owner is asked to attach one or more items of check evidence depending on the frequency of the control (within the month following the reference period of the control), based on the table "Sample size per TOE". If it is not possible to attach the digital check evidence, the necessary guidelines are provided for the identification of the paper documentation taken into consideration.

The audit activities are carried out according to the "self-assessment" methodology, i.e. through the verification of the items of check evidence by

the same control owner/process owner, with any support staff responsible for the reference organisational area.

The Financial Reporting Manager verifies, by obtaining the Audit Activity Reports completed by the individual control owners/process owners, the archiving of the items of check evidence of the key controls to monitor the risks of incorrect financial reporting selected according to the defined annual plan.

The audit activities and the related assessment of the results of the monitoring activities are formalised through the compilation of a key control form and then summarised in a specific section of the Report on the internal control system key to the financial reporting of Generalfinance S.p.A.

At the end of each monitoring initiative, the Financial Reporting Manager assesses the results and, in the presence of anomalies and findings, prepares corrective action plans, and communicates them to the Process Owners, Control Owners, Function Heads involved in the monitoring on the basis of their processes/controls of competence.

Lastly, it should be noted that, as part of its third-level audit activities, the Group Audit Function reports to the Financial Reporting Manager the outcome of the sample audits carried out on the tests carried as part of the self-assessment, through a specific report.

4.IT GENERAL CONTROLS (ITGC)

The reference model identified by Generalfinance S.p.A. makes provision for the presence of governance of the IT component for reducing the risks of errors and incorrect behaviour for accounting and financial information purposes.

The IT General Controls ("ITGC") are pervasive controls that make it possible to assess the minimum level of security that must be ensured in the design and management of an IT system (security baseline), in order to ensure the confidentiality, integrity and availability of administrative and accounting information, or to guarantee the correctness and completeness of electronic processing. In particular, the ITGCs aim to monitor the risks associated with the operations of data processing centres, the development and maintenance processes of application programs, data and program security and application and data access policies.

Each relevant company defines and implements, for all relevant IT systems (i.e. associated with the relevant accounts as identified in paragraph 5.1 letter C) above), its ITGCs on the basis of the requirements expressed by the main frameworks currently recognised in terms of assessment of

internal control systems on IT (COBIT), which envisages four fundamental areas of analysis (or domains):

development of application systems (program development): the systems are developed, configured and implemented in order to achieve the company objectives;
maintenance of application systems (program changes): changes to applications and technologies are appropriately requested, with adequate priority and are carried out, tested and implemented in accordance with management objectives;
data and program security (access to programs and data): access to programs and data is limited exclusively to authorised user accounts after user authentication;
IT systems operations (computer operations): the processing operations on the systems in production are carried out completely and accurately in line with management objectives and the processing problems are identified and resolved to ensure data integrity.

The activity of establishing, maintaining and evaluating the ITGCs is carried out by the managers of the IT functions in line with the organisational structure of Generalfinance S.p.A.

The IT Function issues a specific certification to the Financial Reporting Manager in relation to the correct functioning of the IT processes and controls.

5.INFORMATION FLOWS SUPPORTING THE EVALUATION: THE CASCADING CERTIFICATION SYSTEM

For the purposes of issuing the certification by the Financial Reporting Manager and the Chief Executive Officer pursuant to Article 154-bis of Italian Legislative Decree 58/98, Generalfinance S.p.A.'s administrative and financial governance model provides a "Cascading certification system", which attributes the obligation of issuing a specific certification by:

1. the management of Generalfinance S.p.A., to different levels of the organisation, which is responsible for collecting and providing to the Company's Financial Reporting Manager and the Chief Executive Officer relevant information for the preparation of financial reporting;
1. the IT Function in relation to the proper operation of ITGCs.

6.ASSESSMENT OF ANOMALIES AND FINDINGS

In order to express the overall judgement of the financial reporting internal control system, the Financial Reporting Manager, with the support of

Internal Audit, analyses the anomalies and findings identified (and not remedied by compensatory controls, activation of specific action plans, etc.) to assess the potential impact on financial reporting and the related probability of occurrence.

The assessment of anomalies and findings is carried out on the basis of the risks associated with financial reporting and takes into account:

quantitative elements, such as the potential impact of the deficiency on financial reporting in terms of the amount of the financial statement item, and
qualitative elements (nature of the account, cause and frequency of the deficiencies identified, subjectivity or complexity required in determining the amount, etc.) potentially capable of impacting the probability of occurrence of the misleading statement on financial reporting.

The anomalies and findings must be assessed individually and, subsequently, in the aggregate by financial statement item and/or component of the financial reporting internal control system in order to determine whether, in aggregate, there are profiles of greater significance.

On the basis of these elements, the assessment process determines the classification of anomalies and findings into one of the following categories:

significant deficiency: control deficiencies or a combination of several deficiencies such as to determine a reasonable possibility that errors or fraud will not be prevented or promptly identified which, albeit not significant, are such as to deserve the attention of the persons in charge to supervise the preparation of the financial statements;
material weakness: control weaknesses or a combination of several weaknesses that give rise to a reasonable possibility that material errors or fraud in the financial statements will not be prevented or identified in a timely manner;
minor deficiency: control deficiencies or a combination of several deficiencies in design and operations which, in consideration of the remote probability of occurrence and/or of little relevance in terms of impact on financial reporting, are not such as to determine errors or fraud that deserve the attention of the persons responsible for supervising the preparation of the financial statements.

In the presence of significant deficiencies and material weaknesses, corrective action plans must be defined that aim to manage them. Corrective action plans are generated in the presence of:

inadequate formalisation of processes (e.g. lack of one or more key controls based on the financial assertions to be covered);
inadequacy or partial adequacy of the key control design (TOD);
failure of the key control effectiveness test (TOE);

and must provide for the activation of a structured process that, through specific monitoring events, leads to effective strengthening of the control units through the involvement and accountability of the competent process owners and, therefore, the rectification of the deficiency identified.

The anomalies and findings that determine significant deficiencies and material weaknesses and the related corrective action plans, including the relative progress, must be reported in the "Report on the internal control system functional for financial reporting of Generalfinance S.p.A." (see next paragraph 9.).

7.ISSUE OF PERIODIC CERTIFICATES

The information base that feeds the assessment of the financial reporting internal control system of Generalfinance S.p.A. includes:

the results of the audits on the internal control system;
the results of the audits on the governance of the technological infrastructure and of the applications relating to the administrative and financial processes;
the results of the control activities carried out by the individual process/control owners;
the statements of the management of Generalfinance S.p.A. regarding the line activities carried out and the contribution to the preparation of the financial reporting;
the certification issued by the IT Function regarding the correct functioning of the ITGCs;

The Financial Reporting Manager, once the activities have been completed and the information base as above has been consolidated, presents the results of the assessment of the administrative and financial processes through the preparation of a report that documents the adequacy and effective application of the administrative and accounting procedures ("Report on the financial reporting internal control system of Generalfinance S.p.A.").

The report contains the following information:

Document	Contents
Report on the	Descriptive document reporting:
financial reporting	▪ the scope of processes analysed
internal control	▪ the activities carried out
system of	▪ the conclusions regarding the adequacy and effective operation of
Generalfinance	the controls
S.p.A.	In addition, where applicable:

▪	the anomalies found with evidence of the priority ones;
▪	the progress of the corrective activities;
▪	the areas of improvement.

After examination by the Board of Statutory Auditors, the Report on the financial reporting internal control system of Generalfinance S.p.A. is submitted to the Board of Directors of Generalfinance S.p.A. for its acknowledgement.

The assessment of the adequacy and effective operation of the controls outlined in the Report allows the Financial Reporting Manager and the Administrative Body of the Company to prepare the declarations and/or certifications required by paragraphs 2 and 5 of Article 154-bis of the Consolidated Law on Finance.

In particular, the Financial Reporting Manager certifies, together with the CEO of Generalfinance S.p.A., with a specific report on the financial statements:

the adequacy and effective application of the procedures during the period to which the documents refer;
that the documents are prepared in compliance with the applicable international accounting standards recognised in the European Community;
that the documents correspond to the results of the accounting books and records;
that the documents are suitable to provide a true and fair view of the equity, economic and financial situation of Generalfinance S.p.A.;
that the report on operations includes a reliable analysis of the operating performance and result, as well as of the situation of Generalfinance S.p.A., together with a description of the main risks and uncertainties to which they are exposed.

Recommendations contained in the Letters of the Chairperson of the Corporate Governance Committee sent to issuers starting from 2020.

Macro-theme	Corporate Governance Code		Date of the Letter	Text of the recommendation contained in the
				Letter
				An evaluation of the classification of the company
Principle of proportionality	Definitions		December 2021	with respect to the categories of the code and the
				feasible simplification options for "non-large"
				and/or "concentrated" companies, as well as an
				adequate indication of the choices made are
				recommended.
				Companies are recommended to provide adequate
			December 2021	and concise information in the corporate
				governance report […] on the approach adopted in
Dialogue with other stakeholders	Principle IV			promoting dialogue with relevant stakeholders.
				The Committee invites companies to provide, in
			January 2023	their Corporate Governance Report, adequate
				information on the criteria and methods with which
				the management body has promoted dialogue with
				other relevant stakeholders.
	Recommendation 1	December		The Committee invites the Boards of Directors to […] integrate the sustainability
		2020		of the business activities in the definition of the strategies of the internal control
				and risk management system and the remuneration policy, also on the basis of
				a relevance analysis of the factors that may affect the generation of value in the
Sustainable success			long-term.

	Principle I	December		It is recommended that companies provide adequate and concise information
		2021		in the corporate governance report on the methods adopted for the […] pursuit
			[of sustainable success].

				The Committee invites companies to provide adequate disclosure on the
	Recommendation 1	December		involvement of the management body in the examination and approval of the
		2023		business plan and in the analysis of the relevant issues for the generation of
			long-term value.
				The Committee invites the companies to provide
				adequate disclosure, in the proposals of the
Increased voting rights	Recommendation 2		December 2023	administrative body to the Shareholders' Meeting
				on the introduction of the increased voting rights,
				of the purposes of the choice and of the expected
				effects on the ownership and control structures and
				on future strategies and to provide adequate
				justification of any lack of disclosure of these
				elements.
				[…] It is recommended to provide brief information
			December 2021	on the content of the policy on dialogue with the
				shareholder base, without prejudice to the
				opportunity to publish it in full or at least in its
				essential elements on the company website.
				The Committee invites companies to adopt a policy
				of dialogue with shareholders that also provides
Policy on dialogue with shareholders	Recommendation 3			the possibility for this to be commenced on the
				initiative of investors, defining graded methods and
				procedures, based on the principle of
			January 2023	proportionality, according to the characteristics of
				the company in terms of size and ownership

			structure.

			The Committee invites companies to evaluate the
			opportunity to provide information, in their
			corporate governance report, on the most
			significant issues that have been the subject of
			dialogue with shareholders and on any initiatives
			adopted to take into account the indications that
			have emerged.
			The Committee invites companies in which the
		January 2023	Chairperson is assigned significant management
			powers to provide, in the Corporate Governance
	Recommendation 4		Report, adequate reasons for this choice, even if
			the Chairperson is not qualified as CEO.
Chairperson with relevant powers			[…] Companies are invited to provide all necessary
			information on the methods of application of
		December 2024	Recommendation 4, taking into account that the
			lack of an adequately reasoned explanation of the
			choice to grant the Chairperson significant
			management powers (whether the CEO or not)
			may constitute non-application of
			Recommendation 4 of the Code. In the event of
			actual non-application, therefore, companies are
			invited to clearly indicate this in the corporate
			governance report, illustrating: the reasons, how
			the decision of non-application was taken within
			the company and how it intends to ensure
			compliance with Principles V and X of the Code.

		December 2020	With regard to the application of the independence
			criteria, the Committee invites the Boards of
			Directors to:
			- always justify on an individual basis any non
			application of one or more independence criteria;

			- define ex-ante the quantitative and/or qualitative
			criteria to be used to assess the significance of the
			relationships under review.
Independence of directors	Recommendation 7	December 2021	It is recommended to provide in the corporate
			governance report the criteria used to assess the
			significance of professional, commercial or
			financial relationships and additional
			remuneration, also with reference to the
			Chairperson of the Board of Directors, if the latter
			has been assessed as independent pursuant to the
			Code.

			The Committee, while observing a growing focus
			on these issues [promoting equal treatment and
Equal treatment and opportunities	Recommendation 8	December 2021	opportunities between genders within the entire
			company organisation, monitoring their practical
			implementation] invites companies to provide
			adequate information in the corporate governance
			report on the actual identification and application of
			these measures.
			On the subject of pre-meeting information, the
			committee invites the Boards of Directors to:
			- explicitly determine the terms deemed
		December 2020	appropriate for sending the documentation;

		- provide in the corporate governance report a clear indication of the terms identified and their effective compliance;
		- ensure that these terms may be derogated purely for confidentiality reasons.
		The Committee invites the Boards of Directors to prepare the Board and Committee Regulations,
		paying by particular attention to the explicit determination of the terms deemed appropriate for
	December 2021	sending the documentation and the exclusion of generic confidentiality requirements as possible
Pre-meeting information		exemptions from compliance with these terms. In drafting the corporate governance report,
		companies should also provide adequate details on the actual compliance with the notice period
		previously defined and, where in exceptional cases
		it was not possible to comply with said deadline, explain the reasons and illustrate how adequate in
		depth information was provided at the board meeting.
		The Committee invites the administrative bodies to make provision for procedures for the
		management of pre-meeting information that do not provide for generic exemptions to the
	January 2023	timeliness of the report for data and information confidentiality reasons and to provide, in the
		corporate governance report, detailed information on any failure to comply with the notice period
		indicated in the procedures for sending the Board

	documentation, explaining the reasons and
	illustrating how adequate in-depth analysis was
	ensured in the Board.
	The Committee, while acknowledging the
	improvements made, invites the companies to give
	adequate reasons in the corporate governance
December 2023	report
	in the event of derogation from the timeliness of the
	pre-meeting information for confidentiality reasons,
	possibly envisaged
	in the board regulations and/or adopted in normal
	practices.
	Therefore, the companies are invited to provide all
	necessary information on the methods of
	application of Recommendation 11, taking into
	account that the failure to determine the terms for
	the prior submission of the information to the board
December 2024	and to the committees and/or the failure to provide
	information on the actual compliance with the
	terms and/or the forecast, in the board regulation
	or adopted in the normal practices, of the
	possibility of derogating from the timeliness of the
	report for confidentiality reasons may constitute the
	non-application of Recommendation 11 of the
	Code. In the event of actual non-application,
	companies are therefore invited to clearly indicate
	this in the corporate governance report, illustrating:
	the reasons for the non-application, how the

			company and how it intends to ensure compliance
			with Principle IX of the Code.
			The Committee invites the companies to define, in
			the regulations adopted for the functioning of the
			management body and its committees, the
Management participation	Recommendation 12	January 2023	methods with which these bodies can access the
			competent corporate functions according to the
			subject matter, under the coordination of the
			Chairperson of the Board of Directors or the
			committee, respectively in agreement with or by
			informing the CEO. The Committee also invites
			companies to provide information on actual
			participation in the corporate governance report.
			With regard to the appointment and succession of
			directors, the Committee invites the Boards of
Appointments Committee	Recommendation 16	December 2020	Directors to: […] provide an accurate account of
			the activities carried out by the Appointments
			Committee in the event it is unified with the
			Remuneration Committee or its functions are
			attributed to the board as a whole.
			With regard to the self-assessment of the
			management body, the Committee invites the
Self-assessment	Recommendation 21	December 2020	Boards of Directors to:
			- assess the contribution of the board to the
			definition of strategic plans;
			- oversee the board review process

Succession plan	Recommendation 24	December 2020	With regard to the appointment and succession of directors, the Committee invites the Boards of Directors to […] provide, at least in large companies, a succession plan for executive directors, which identifies at least the procedures to be followed in the event of early termination of office.
		December 2020	With regard to the appointment and succession of directors, the Committee invites the Boards of Directors to […] ensure the completeness and timeliness of the proposed resolutions for the process of appointment of the corporate bodies and issue, at least in companies subject to non concentrated ownership, guidance on its optimal composition.
		December 2021	Companies subject to non-concentrated ownership are invited to adequately examine the recommendations addressed to them with respect to the renewal of the Board of Directors. […] In particular, the Boards of Directors of companies subject to "non-concentrated" ownership are invited to ask those who submit a list that contains a number of candidates higher than half of the members to be elected to provide adequate information (in the documentation submitted for filing the list) regarding the compliance of the list with the guidance issued by
Guidelines on the composition of the	Recommendation 23		the outgoing board and to indicate its candidate for the office of Chairperson.

The Committee reiterates the importance that the

management body, at least in companies other
than those with concentrated ownership, express
an orientation on the optimal breakdown of the
body in view of its renewal and invites the
companies to publish this orientation well in
advance, such as to allow those submitting lists of
candidates to be able to take them into account for

the
improvements made, invites the companies to
clearly indicate and give adequate reasons in the
corporate governance report of the lack of
expression, on the occasion of the renewal of the
administrative body, of the guidance on its
quantitative or qualitative composition and/or
failure to request that those submitting a "long" list
provide adequate information on the compliance of
the list with the guidance expressed. The
Committee also invites companies to indicate how
the timing of publication of the guidance was
adequate
consideration by those submitting the lists of

remuneration policies, the


provide clear indications on the identification of
component,

			distinguishing between components linked to
			annual and multi-year time horizons;

			- strengthen the link between variable
		December 2020	remuneration and long-term performance
			objectives, including, where relevant, also non
			financial metrics;

			- limit to exceptional cases, subject to adequate
			explanation, the possibility of disbursing amounts
	Recommendation 27		not linked to predetermined metrics (i.e. ad hoc
			bonuses);

			- define criteria and procedures for the allocation of
			termination indemnities;

			- verify that the amount of remuneration paid to
			non-executive directors and members of the
Remuneration			control body is adequate for the competence,
			professionalism and commitment required by their
			office.
			With respect to the remuneration policies, the
			Committee, in addition to reiterating the
			opportunity of an improvement in the policies in the
			definition of clear and measurable rules for the
			disbursement of the variable component and any
		December 2021	termination indemnities, recommends adequately
			considering the consistency of the metrics
			identified for the variable remuneration with the

	strategic objectives of the business activity and the
	pursuit of sustainable success, evaluating, if
	necessary, the provision of non-financial metrics.
	With particular reference to the remuneration
	metrics linked to the achievement of environmental
	and social objectives, the Committee recommends
	that companies ensure that these metrics are
	predetermined and measurable.
January 2023	The Committee invites companies to include in the
	remuneration policy of the CEO and other
	executive directors an executive summary, in table
	form, showing the breakdown of the remuneration
	package, with an indication of the characteristics
	and weight of the fixed, short and long-term
	variable components with respect to total
	remuneration, at least with reference to the
	achievement of the target objective of the variable
	components.

	The Committee invites companies to include in
	their remuneration policies a variable component
	with a multi-year horizon, in line with the strategic
	objectives of the company and the pursuit of
	sustainable success.

	The Committee invites companies that provide
	incentive mechanisms for the CEO and other
	executive directors linked to sustainability
	objectives to provide a clear indication of the

	specific performance objectives to be achieved.


	Therefore, companies are invited to provide all
	useful information on the methods of application of
	Recommendation 27, taking into account that the
	provision in the remuneration policy of variable
	components linked to generic sustainability
	objectives for which the specific assessment
	metrics and/or one-off extraordinary
December 2024	disbursements are not provided, whose nature and
	objectives are not identified and in respect of which
	adequate decision-making procedures are not
	defined, may result in the non-application of
	Recommendation 27 of the Code. In the event of
	actual non-application, companies are therefore
	invited to expressly indicate this in the corporate
	governance report, illustrating: the reasons, how
	the decision of non-application was taken within
	the company and how it intends to ensure
	compliance with Principle XV of the Code.

List of offices held by representatives of the issuer in listed or large companies.

Name and surname	Company	Office
	Generalfinance S.p.A.	Chairperson of the Board of Directors
Maurizio Dallocchio	Esprinet S.p.A.	Standing Auditor
	A2A S.p.A.	Standing Auditor
Mauro Selvetti	Generalfinance S.p.A.	Vice Chairman of the Board of Directors
Massimo Gianolli	Generalfinance S.p.A.	Chief Executive Officer
Marta Bavasso	Philogen S.p.A.	Independent Director
	Generalfinance	Independent Director
Annalisa Raffaella Donesana	Acinque S.p.A.	Standing Auditor
	Inwit S.p.A.	Standing Auditor
	Generalfinance S.p.A.	Director
Leonardo Luca Etro	Sanlorenzo S.p.A.	Director
	Generalfinance S.p.A.	Director
Maria Luisa Mosconi	Generalfinance S.p.A.	Director
	Digital value S.p.A.	Director
	Juventus football club S.p.A.	Standing Auditor
Federica Casalvolone	Generalfinance S.p.A.	Director
Gabriele Albertini	Mittel S.p.A.	Director
	Generalfinance S.p.A.	Director

Please note that at the date of this Report, none of the members of the Board of Statutory Auditors hold offices in listed companies or companies of significant size.

Powers granted to the Chief Executive Officer

DUTIES AND RESPONSIBILITIES ENVISAGED BY BANK OF ITALY CIRCULAR NO. 288 OF 3 APRIL 2015 FOR THE "BODY WITH MANAGEMENT FUNCTION" to assign to the Chief Executive Officer the duties and responsibilities envisaged by Bank of Italy Circular no. 288 of 3 April 2015 for the "Body with management function", granting them all the powers necessary for the proper execution of the same, specifying that, within the scope of the mandate received, they are placed at the head of the executive and is responsible for the implementation of the programs and resolutions of the Board of Directors, are responsible for their execution with the rights, responsibilities and powers determined by the Board itself, ensuring effective management, proper functioning and coordination of all organisational Units. He/she is responsible for the functionality of the internal control system and oversees the functions related to internal, intragroup and external corporate information. As a body with management functions, the Chief Executive Officer is assigned the following responsibilities: - directing and coordinating the various company components, in order to achieve the objectives for the period defined by the Board of Directors, to which it reports directly, and planning corrective actions in the event of an unsatisfactory result; - executing the resolutions passed by the Board of Directors; - keeping the Board of Directors informed of internal and external events and issues relevant to the life of the company; - developing medium/long-term strategic planning, in line with the provisions of the Board of Directors; - maintaining relations with the main institutions outside the company, as well as entertain qualifying relationships with the reference market and with the environment in which the company operates; - proposing the draft annual financial statements to the Board of Directors; - promoting a corporate culture that enhances the control functions at all levels, informing the organisational structure - through the appropriate communication channels - of the objectives and policies that the Company intends to pursue on these issues, in line with the pre-chosen risk appetite, ensuring that these objectives and policies are applied at company level; - coordinating the performance of all company activities, ensuring the proper functioning of the organisational units and controlling, through the company control functions, the regularity of operation, also in light of changes in the internal and external conditions in which the company operates; - issuing - according to the methods and within the limits established by the Board of Directors - the appropriate instructions, in order to better manage the liquidity position and the proprietary securities portfolio; - ensuring the existence of effective internal controls and a constant and detailed reporting process (by the operating structures) that enables the Chief Executive Officer to assess the company's positioning in terms of risk;

- bringing to the attention of the Board of Directors possible improvements to risk management policies, measurement tools and procedures;

formulating to the Board of Directors proposals for changes to the organisational structure consistent with the pursuit of the strategies and objectives resolved, with the aim of creating a corporate structure capable of reacting flexibly to the demands of the market and the environment, capable of consistently supporting the various strategies adopted;
defining the policies regarding the planning, training and management of the human resources present;
identifying and assessing, with the collaboration of the corporate control functions, also on the basis of operating trends and deviations from forecasts, the factors that may give rise to risks;
defining the resources and the named organisational chart, including any functional changes in compliance with company needs (based on the objectives established or for the creation of new services, etc.);
defining the tasks and responsibilities of each Department into which the organisational structure is divided, ensuring that the various activities are directed by qualified personnel with experience and technical knowledge (training, recording of the professional path including assessment of services aimed at rewards and incentives or other actions in favour of personnel and analysis of expectations), taking into account that in this context areas of potential conflict of interest must be identified and reduced to a minimum;
activating effective communication channels in order to ensure that all personnel are aware of the policies and procedures relating to their duties and responsibilities;
defining information flows aimed at ensuring that the Board of Directors is fully aware of and can govern company events;
assessing the quality, efficiency and effectiveness of the performance of the outsourced functions, in relation to professional standards and on the basis of the service contract stipulated;
implementing the ICAAP process, ensuring that it complies with the strategic guidelines and meets the following requirements: consider all relevant risks; incorporate forward-looking assessments; use appropriate methodologies; is known and shared by the internal structures; is adequately formalised and documented; identifies the roles and responsibilities assigned to the company functions and structures; is entrusted to qualitatively-quantitatively adequate resources with the necessary authority to ensure the planning is respected; is an integral part of management activities;
preparing the measures necessary to ensure the establishment and maintenance of an efficient and effective internal control system. In particular:
- guaranteeing effective management of company operations and the risks to which the Company is exposed, defining adequate control procedures;
- verifying the functionality, effectiveness and efficiency of the internal control system, adjusting it in light of the evolution of operations;
- ensuring that the various internal control functions are managed by qualified personnel in relation to the activities to be carried out;
defining the channels for communicating to all personnel the procedures relating to their duties and responsibilities;
executing the company policy directives and the resolutions of the Board of Directors, supervising the performance of the Company in order to achieve the corporate purposes;
taking care of everything necessary to comply with legal and regulatory obligations, also deriving from sector regulations, to which the Company is subject in relation to its legal nature, qualification, size, structure, organisation and activity carried out;
submitting the annual budget and the long-term plans to the Board of Directors;
formulating proposals to the Board of Directors regarding: the allocation of funds to the financial statements, reporting on the use of the funds; the guidelines of the annual budget and multi-year plans; the development projects of the Company's activities, including the diversification of products, customers and/or services.

OTHER POWERS

unilaterally modifying, in the contracts entered into by the Company with its customers, and in execution of a specific contractual clause, the contractual conditions pursuant to Article 118 of the Consolidated Law on Banking;
investing and disinvesting in short-term financial instruments the liquidity available for transactions up to EUR 10 (ten) million, negotiating, stipulating, modifying, selling and terminating contracts as well as the relative documentation;
proceeding with the purchase, sale, exchange and carrying out any other instrument on securities for the investment of the Company's cash for nominal amounts up to EUR 10 (ten) million;
negotiating, stipulating, amending, assigning and terminating credit line agreements, loans of any type and duration that involve the assumption of bank debts and financial commitments for a maximum amount of EUR 50 (fifty) million for each transaction;
ordering bank transfers and issuing payment orders on mandates, drafts, bank receipts or other securities issued by the company from the current accounts of the company, issuing cheques on current accounts receivable and payable or bank drafts always bearing the non-transferability clause within the scope of available funds;
authorising expenses relating to the management and administration of the Company up to EUR 2 (two) million (including VAT) per single contract/order with an annual duration and, to this end, signing each agreement/order/commitment with suppliers;
making payments with prohibition to carry out passive transactions beyond the limits of the credit lines granted;
opening and closing deposits, current accounts and bank and postal securities dossiers of all kinds;
carry outing bank transfers and fund transfers on accounts and securities dossiers of the Company without amount limits;
authorising the collection of sums due from any company, natural or legal person, as well as from State Administrations or from Public and Private Entities;
within the maximum limit of EUR 500,000 (five hundred thousand) included per transaction, formulating and accepting settlement proposals;
signing agreements with banks and financial intermediaries;
hiring, promoting, dismissing employees, adopting disciplinary sanctions and any other measure against them, without prejudice to the limitations envisaged by the regulations in force from time to time;
dealing with and defining all issues, including contractual ones, concerning employees, fulfilling all related formalities, including with regard to transactions;
discussing and defining, with regard to personnel, changes in working hours;
as Employer, organising and coordinating the Prevention and Protection Service, appointing internal or external parties (RSPP, RSL, Supervisors, Employees, consultants, etc.) and fulfilling all the obligations envisaged by the legislation on protection of the health and safety of workers (Italian Legislative Decree no. 81/2008), with the right to spend within the limits set by the annual budget or, in the event of unforeseen and urgent expenses, even beyond these limits, providing prompt and justified communications to the Board of Directors;
as Data Controller, organising and fulfilling all the obligations envisaged by the legislation on the protection of personal data (Italian Legislative Decree no. 196 of 30 June 2003, as

supplemented and amended by Regulation (EU) 2016/679)) with the right to spend within the limits set by the annual budget or, in the event of unforeseen and urgent expenses, even beyond these limits, providing prompt and justified communications to the Board of Directors;

maintaining relations and signing ordinary correspondence with the Supervisory Authorities;
in execution of the resolutions of the Board of Directors, negotiating, stipulating, amending and terminating contracts relating to the outsourcing of corporate functions;
in execution of the resolutions of the Board of Directors, negotiating, stipulating, amending and terminating contracts pertaining to the extraordinary management of properties;
negotiating and signing contracts and agreements for the purchase and exploitation of advertising space, promotional and marketing campaigns;
authorising the granting of charitable donations to third parties (legal persons pursuing social utility purposes; public institutions or foundations that carry out non-profit activities with social utility purposes; NPOs and non-profit associations pursuing purposes of social utility; parishes and moral or religious entities);
granting and revoking powers of attorney or proxies to the managers of the company Departments or to other employees of the Company.

MATTERS RESERVED TO THE EXCLUSIVE COMPETENCE OF THE BOARD OF DIRECTORS

in addition to the matters that cannot be delegated by law and by the Articles of Association, the following decisions remain reserved to the exclusive competence of the Board of Directors:

(i) proposals, to be submitted to the Shareholders' Meeting, concerning: amendments to the Articles of Association (other than those of mere adaptation to legislative and regulatory provisions and/or implementation of specific requests formulated by the Supervisory Authority); mergers, demergers, voluntary liquidation of the Company; increases or decreases in share capital (with the exclusion of cases mandatorily required by law), also linked to the adoption of stock option plans in favour of directors or employees of the Company; issue of bonds or convertible warrants;
(ii) amendments to the Filed Business Plan, as well as approval and/or amendment of strategic plans of the Company;
(iii) purchase, subscription or sale of business units, shareholdings or other interests of any kind, in companies, entities or businesses for a consideration exceeding EUR 500,000.00 (five hundred thousand/00) per individual transaction, also meaning the net financial position to be included in this amount - calculated in relation to the equity investment subscribed, acquired or sold;
(iv) granting or review of any credit line for amounts exceeding the powers of the Credit Committee;
(v) appointment of the general manager and determination of his/her remuneration;
(vi) the approval and amendment of any stock option plan and/or stock grant to management or other beneficiaries;
(vii) decisions regarding the dividend policy to be submitted to the Shareholders' Meeting;
(viii) attribution of powers to managing directors;
(ix) resolutions regarding the decision to start listing processes, the determination of the placement price of the ordinary shares of the Company subject to IPO and the appointment of advisors.

ACTIVE AND PASSIVE JUDICIAL REPRESENTATION

Pursuant to Article 21 of the Company's Articles of Association, the Chief Executive Officer is also assigned, separately from the Chairperson of the Board of Directors, the ACTIVE AND PASSIVE JUDICIAL REPRESENTATION of the Company at every stage and degree of jurisdiction, within the limits of the powers granted to them.

AI Terminal

Generalfinance

4077_cgr_2025-03-19_c5815fe4-c80f-4b7e-b49a-37e471d8f75e.pdf

REPORT ON CORPORATE GOVERNANCE AND THE OWNERSHIP STRUCTURES

Glossary

1. Profile of the Issuer

Description of the Issuer's activities

Governance model adopted by the Issuer

Sustainability policies

Statement on the nature of SME of the Issuer

Main data of the Issuer

Main balance sheet data (in thousands of Euro)

Main performance indicators

2. Information on the ownership structures (pursuant to Article 123-bis, paragraph 1 of the TUF) as at 31 December 2022.

a) Share capital structure (pursuant to Article 123-bis, paragraph 1, letter a), of the TUF)

b) Restrictions on the transfer of securities (pursuant to Article 123-bis, paragraph 1, letter b), of the TUF)

e) Employee shareholding: mechanism for exercising voting rights (pursuant to Article 123-bis, paragraph 1, letter e), of the TUF)

f) Restrictions on voting rights (pursuant to Article 123-bis, paragraph 1, letter f), of the TUF)

g) Agreements between shareholders (pursuant to Article 123-bis, paragraph 1, letter g), of the TUF)

Provisions of the Articles of Association on takeover bids

Powers to increase the share capital

3. Compliance with the Corporate Governance Code (pursuant to Article 123-bis, paragraph 2, letter a), first part, of the TUF)

4. Board of Directors

4.1 Role of the Board of Directors

4.2. Appointment and replacement (pursuant to Article 123-bis, paragraph 1, letter l), of the TUF)

Article 15. Presentation of lists

Article 16. Election of the Board of Directors

4.3 Composition (pursuant to Article 123-bis, paragraph 2, letters d) and d-bis), of the TUF)

Maximum number of offices held in other companies

Induction Program

4.5 Role of the Chairperson of the Board of Directors

Secretary of the Board

the Secretary.

4.6 Executive Directors

Chief Executive Officer

Disclosure to the Board by the directors/delegated bodies

Other executive directors

4.7 Independent Directors and Lead Independent Director

Independent Directors

Lead Independent Director

5. MANAGEMENT OF CORPORATE INFORMATION

6. INTERNAL BOARD COMMITTEES (PURSUANT TO ARTICLE 123-BIS, PARAGRAPH 2, LETTER D), OF THE TUF)

Additional committees

7. SELF-ASSESSMENT AND SUCCESSION OF DIRECTORS –APPOINTMENTS AND REMUNERATION COMMITTEE, IN THE ROLE OF APPOINTMENTS COMMITTEE

7.1 Self-assessment and succession of directors

Self-assessment of the Board of Directors

Succession of Executive Directors

7.2 Appointments and Remuneration Committee

Composition and functioning of the Appointments and Remuneration Committee (pursuant to Article 123-bis, paragraph 2, letter d), of the TUF)

Department.

Functions of the Appointments and Remuneration Committee with regard to appointments

8. REMUNERATION OF DIRECTORS – APPOINTMENTS AND REMUNERATION COMMITTEE, IN THE FUNCTION OF REMUNERATION COMMITTEE

8.1 Remuneration of directors

Remuneration Policy

Directors' indemnity in the event of resignation, dismissal or termination of employment following a takeover bid (pursuant to Article 123-bis, paragraph 1, letter i), of the TUF)

9. INTERNAL CONTROL AND RISK MANAGEMENT SYSTEM - CONTROL RISK AND SUSTAINABILITY COMMITTEE

9.1 Foreword

9.2 Phases of the existing risk management and internal control system in relation to the financial reporting process

9.3 Roles and Functions involved

9.4.1 Anti-Money Laundering Function

Purpose of the Function

Tasks

Suspicious transactions:

9.4.2. Compliance Function

Purpose of the Function

Tasks

9.4.3 Risk Management Function

Purpose of the Function

Tasks

9.4.4 Internal Audit Function

Purpose of the Function

Tasks

9.5 Control, Risk and Sustainability Committee

9.6.1 Supervisory Body

9.8 Assessment of adequacy of the Management Control System

9.9 Chief Executive Officer

9.10. Control, Risk and Sustainability Committee:

9.10.1 Composition and functioning of the Control, Risk and Sustainability Committee

9.11 Head of the internal audit function

9.12 Independent Auditors