ANNUAL REPORT ON CORPORATE GOVERNANCE AND THE OWNERSHIP STRUCTURE

Prepared pursuant to art. 123 bis of the Consolidated Finance Act ("CFA")

2018

Approved by Atlantia's Board of Directors on 7 March 2019 Traditional management and control model

www.atlantia.it/it/corporate-governance/

INTRODUCTION 5
1. PROFILE OF ATLANTIA 6
2. INFORMATION ON THE OWNERSHIP STRUCTURE 7
a) Structure of Issued Capital	7
b) Significant shareholdings in the Company	9
c) Shareholder agreements10
d) Change of control and similar clauses 11
e) Authority to purchase treasury shares 21
f) Management and coordination activities 24
3. COMPLIANCE 26
4. BOARD OF DIRECTORS 27
4.1 Election and replacement27
- Succession planning 30
4.2 Composition 31
- Assessment of the size, composition and functioning of the Board of Directors 39
- Activities performed in 2018 42
4.3 Role of the Board of Directors 44
4.4 Executive Directors and Officers 47
- Executive Committee 47
- Chairman of the Board of Directors 47
- Chief Executive Officer 48
4.5 Independent Directors 50
4.6 Lead Independent Director52
5. PROCESSING OF CORPORATE INFORMATION 53
6. BOARD COMMITTEES 56
7. APPOINTMENTS COMMITTEE 57
8. HUMAN RESOURCES AND REMUNERATION COMMITTEE 59
9. REMUNERATION OF DIRECTORS 64
10. CONTROL, RISK AND CORPORATE GOVERNANCE COMMITTEE65
A) Composition and functioning 65
B) Functions assigned to the Control, Risk and Corporate Governance
Committee68

C) Activities performed in 2018 71
11. INTERNAL CONTROL AND RISK MANAGEMENT SYSTEM 75
- Main characteristics of existing risk management and internal control systems in respect of the financial reporting process 84
- Description of the main characteristics of existing risk management and internal control systems in respect of the financial reporting process 86
- Guidelines and assessment of the adequacy, efficacy and effective functioning of the Internal Control and Risk Management System 90
11.1 Director responsible for the Internal Control and Risk Management
System93 - Activities performed in 2018 94
11.2 Head of Group Internal Audit96
11.3 Organisational, Management and Control Model, Legislative Decree 231/2001 101
- Ethics Officer106
11.4 Independent Auditors 109
11.5 Manager responsible for financial reporting 110
11.6 Coordination of individuals involved in the Internal Control and Risk Management System 112
12. DIRECTORS' INTERESTS AND RELATED PARTY TRANSACTIONS 116
12.1 Committee of Independent Directors with responsibility for Related-Party Transactions 117
- Directors' interests119
13. ELECTION OF STATUTORY AUDITORS 120
14. COMPOSITION AND FUNCTIONING OF THE BOARD OF STATUTORY AUDITORS 125
14.1 Procedure for reporting to the Board of Statutory Auditors 130
15. INVESTOR RELATIONS 131
16. GENERAL MEETINGS132
17. CONSIDERATIONS OF THE CHAIRMAN OF THE CORPORATE GOVERNANCE COMMITTEE ON THE LETTER OF 21 DECEMBER 2018
136
TABLE 1

Information	on the	ownership	structure	of Atlantia		137
Significant	shareholdings	as at	31 december	2018		138

TABLE 2 Structure of Atlantia SpA's Board of Directors and Baord Committees139
Annexe A
Summary of the personal and professional details of Atlantia's Directors as at 31 December 2018 141
TABLE B
Number of years in position since initial appointment at Atlantia 146
ANNEXE 1
List of other positions held by the directors in other companies listed on italian and international regulated markets, and in large financial, banking and insurance companies 147
TABLE 3
Structure of the Board of Statutory Auditors150

INTRODUCTION

This report is intended to provide a general and complete overview of the corporate governance system adopted by Atlantia SpA (hereinafter also referred to as "Atlantia" or "the Company").

In compliance with the legal and regulatory obligations in this regard, the Report contains information on the ownership structure, adhesion to the Codes of Conduct and the observance of the consequent commitments, highlighting the choices that the Company has made in application of corporate governance principles.

The Report was drawn up in accordance with the Italian Stock Exchange's format for corporate governance reports (7th edition of January 2019).

The text of this Report is published on the Company's website, at www.atlantia.it/it/corporate governance/ and was submitted to the Italian Stock Exchange in accordance with the terms and procedures set forth under applicable regulations.

1. PROFILE OF ATLANTIA

Atlantia's Articles of Association provide that the Company has the following corporate purpose:

a) the acquisition of investments and interests in other Companies and Entities;
b) the financing, including the issuance of guarantees, indemnities and collateral and the technical, industrial and financial coordination of Companies or Entities in which it has shares;
c) any equity, real estate, financial and industrial investment, whether in Italy or abroad.

Ancillary to its principal business, the Company may also purchase, own, manage, use, update and develop, directly or indirectly, trademarks, patents and know-how concerning electronic tolling systems and related or connected activities.

In accordance with the current Articles of Association, Atlantia has adopted a traditional type system of management and control. Corporate management is assigned to the Board of Directors, while all aspects concerning supervisory functions are assigned to the Board of Statutory Auditors and responsibility for auditing the Company's accounts to the Independent Auditors appointed by General Meeting of the Shareholders.

2. INFORMATION ON THE OWNERSHIP STRUCTURE

a) Structure of Issued Capital

Atlantia's issued capital amounts to €825,783,990.00 consisting of 825,783,990, par value €1.00, ordinary voting shares.

The Company issued 163,956,286 Atlantia SpA 2013 Ordinary Share Contingent Value Rights ("CVRs") on the effective date of the Atlantia - Gemina Merger (1 December 2013) for allotment free of charge to Gemina's ordinary and/or savings shareholders, who received Contingent Value Rights in exchange for Atlantia shares in application of the share exchange ratio of one Contingent Value Right for each Atlanta share allotted in accordance with the share exchange ratio.

The following were approved at the Extraordinary General Meeting of 8 August 2013: i) issuance together with shares to satisfy the merger share exchange ratio of up to 164,025,376 CVRs and, at the same time, ii) an increase in issued capital to irrevocably satisfy the CVRs up to a par value of €18,455,815.00 through the issuance of 18,455,815 Atlantia ordinary shares with a par value of €1.00.

CVRs provide their holders with the right to receive a number of Atlantia ordinary shares determined with reference to the Final Allotment Ratio and a Dividend Adjustment upon verification of the conditions of allotment as defined in the Terms and Conditions of the Atlantia SpA 2013 Ordinary Share Contingent Value Rights (Terms and Conditions) available at the Company's website: www.atlantia.it/pdf/integrazione-del-regolamento-dei diritti-di-assegnazione-condizionati.pdf.

Starting on 3 December 2013 - and until 3 October 2014, each CVR holder had the right to sell to Atlantia all the CVRs held when sending the corresponding exercise request (at an allinclusive price of €0.0732 for each CVR).

In the Exercise Period, between 3 December 2013 and 3 October 2014, 160,698,634 CVRs were exercised out of the 163,956,286 CVRs issued, accounting for approximately 98% of the total.

Put Options unexercised during the Exercise Period can no longer be exercised or used with Atlantia, while all the Contingent Value Rights transferred to Atlantia were cancelled.

The number of CVRs outstanding as at 31 December 2018 is shown in Table 1 annexed hereto.

Regarding article 7 of the CVRs' Terms and Conditions, attention is called to the acquittal ruling, pursuant to article 530 of the penal procedure code, handed down on 30 October 2017 because there is no case to answer in the penal proceedings pending before the Court of Florence, initiated against certain executives of Autostrade per l'Italia due to alleged violations of environmental rules in connection with the "Variante di Valico" works, with the resulting request for damages by the Ministry of the Environment as civil party.

On the date when the present Report was drawn up, a ruling thereon had yet to be handed down.

In this regard, it is noted that for the Claim's Extinguishing Event or the Significant Event, as defined in the cited Terms and Conditions, it is necessary for a final acquittal or guilt sentence in accordance with articles 1 and 4 therein.

Information on share-based incentive plans, in the form of share options and/or share grants, is provided in the Remuneration Report prepared pursuant to art. 84quater of the Regulations for Issuers, which is available on the Company's website (http://www.atlantia.it/it/investor-relations/assemblee.html).

b) Significant shareholdings in the Company

As at 31 December 2018, and according to the notifications sent to the Company and CONSOB in accordance with article there were the following significant interests in the issued capital of Atlantia:

Edizione Srl¹ with 30.254% held through Sintonia SpA (erstwhile Sintonia SA)² ;
Government of Singapore Investment Corporation ("GIC") Pte Ltd., directly and indirectly, through InvestCo Italian Holdings Srl, with 8.136%;
Fondazione Cassa di Risparmio di Torino with 5.062%;
Lazard Asset Management LLC with 5.017%
HSBC BANK PLC, directly and indirectly through INKA INTERNATIONALE KAPITALANLAGEGESELLSCHFT MBH, with 4.958%;
Furthermore, on 28 June 2018, pursuant to article 119 of the Regulations for Issuers, Sir Christopher Anthony Hohn, through TCI Fund Investment Limited, announced an aggregate interest of approximately 6.368% of the share capital, of which 1.357% is in shareholding and 5.011% in a long position, comprising a cash-settled equity swap derivative contract on the maturity date of 22 July 2019.

¹After the merger of Edizione Holding SpA and Sintonia SpA with Ragione became effective, on 1 January 2009, Ragione took the name of Edizione Srl and assumed direct control of the sub-holding, Sintonia SpA, which in turn controls investments in the utilities and infrastructure sectors, including Atlantia and others.

²After transferring its registered office to Italy, Sintonia SA transformed its legal form into an Italian "società per azioni" and was entered into the Milan Companies Register on 27 June 2012 under the name Sintonia SpA.

c) Shareholder agreements

As of the date of this Report, no shareholder agreement was announced.

* * *

d) Change of control and similar clauses

A brief description of the change-of-control clauses in loan agreements entered into by the Atlantia Group companies is provided below:

a) the Company entered into two loan agreements on 4 July 2018, thus promoting to dispose, together with a Term Loan line of credit of €1,500 million on 15 May 2018, of three committed credit lines of a maximum of €4,500 (fully available), worded as follows:
Term Loan 1: up to €1,500 million, repayment in instalments with maturities between the first quarter 2022 and the first quarter 2023;
Term Loan 2 (entered into on 4 July 2018): up to €1,750 million, bullet repayment in the third quarter 2023;
Revolting Line (entered into on 4 July 2018): up to €1,250 million, bullet repayment in the third quarter 2023.

The two Term Loan lines, allocated to covering the financial requirements of the investment in Abertis Infrastructures and acquiring 23.9% of the share capital of Hochtief, were entirely disbursed on 19 September 2018 upon partial drawing of the Revolving Line (for €675 million).

Finally, on 12 October 2018, Atlantia subscribed to a further revolving line for general corporate purposes. This line of €2,000 million has a duration of 18 months (extendible to 36 months).

The aforementioned agreements contemplate the option, executable by one or several financing parties, or individually, to request cancellation or early repayment of the corresponding part of the loan upon verification of a change of control.

Under the terms of the agreement, a change of control occurs in case one or more parties other than Sintonia, or that do not act in concert with Sintonia, acquire control of Atlantia. To that end, control is defined as the ability to express, directly or indirectly, at least 30% of voting rights at an ordinary general meeting of Atlantia's shareholders, or obtaining control within the meaning of article 2359 of the Italian Civil Code.

These agreements entail an obligation to accelerate repayment in case Atlantia i) ceases to exercise control over a Principal Subsidiary and (ii) a rating downgrade (as defined in the agreement) occurs after such event.

The agreements also contemplate limitations on the sale of equity interests in Material Subsidiaries by Atlantia.

b) On 23 October 2018, ABERTIS HOLDCO, SA entered into a loan agreement for €9,950,000 million in three committed credit lines:
Term Loan: up to €3,000 million, repayment in instalments with maturities between the fourth quarter 2022 and the fourth quarter 2023, fully dispersed as of 26 October 2018;
Bridge to Bond: up to €4,750 million, bullet repayment in the second quarter 2020, fully dispersed as of 26 October 2018;
Bridge to Disposal: up to €2,200 million, bullet repayment in the second quarter 2020, dispersed on 26 October 2018.

The aforementioned lines were allocated to covering financing requirements for the investment in Abertis.

Under the terms of the agreement, a change of control occurs in case one or more parties other than Atlantia SpA, ACS and Hochtief AG, or that do not act in concert with Atlantia SpA, ACS and Hochtief AG, acquire control of ABERTIS HOLDCO, SA. To that end, control is defined as the ability to express, directly or indirectly, at least 50% of voting rights at an ordinary general meeting of ABERTIS HOLDCO, SA's shareholders.

Moreover, on 27 December 2018, ABERTIS HOLDCO, SA subscribed to a loan agreement of €970 million, fully disbursed on 3 January 2019, in partial substitution of the Bridge to Bond line entirely disbursed for €4,750 million on 26 October 2018.

c) Between October 2018 and January 2019, Abertis Infraestructuras subscribed to a series of loan agreements, whose disbursement is expected within 2019, for an amount of €1,065 million, with repayment maturing between 2024 and 2025. The gains coming from the disbursements of the financing will be used in partial substitution of the cited Bridge to Bond Line of €4,750 million disbursed to ABERTIS HOLDCO SA on 26 October 2018.

Under the terms of the agreement, the application of the change-of-control clauses occurs when one or more parties other than Atlantia SpA, ACS and Hochtief AG, or that do not act in concert with Atlantia SpA, ACS and Hochtief AG, acquire control of Abertis Infraestructuras, SA. To that end, control is defined as the ability to express, directly or indirectly, at least 50% of voting rights at an ordinary general meeting of Abertis Infraestructuras' shareholders.

d) Two loans between Autostrade per l'Italia (hereinafter also referred to as ASPI) and Cassa Depositi e Prestiti (hereinafter also referred to as CDP), namely one amounting to €500 million (disbursed with BEI funding) on 19 December 2008, and the other amounting to €1,700 million on 13 December 2017 for €600 million in revolving and €1,100 million as a term loan facility, in which regard €400 million were used as of 20 December 2017. This financing modified two loans taken out with the CDP respectively on 19 December 2008 (€1,000 million) and 20 December 2012 (€700 million) which were extinguished by cancelling unused available amounts.

All the cited agreements contemplate change-of-control clauses regarding ASPI, in favour of BEI and CDP (even if, for the financing disbursed by CDP with BEI funds, the latter withdraws from the related loan agreement) with mandatory early repayment, unless otherwise agreed by the lenders.

e) Seven loans to Autostrade per l'Italia provided by the EIB of up to, respectively, €200 million €250 million, €1,000 million, €300 million, €250 million, €250 million and €200 million dated 20-23 December 2004, 30 September 2005, 24 November 2008, 16 December 2010, as subsequently amended and supplemented, 26 July 2012 and 20 September 2013. Each loan is secured by an Atlantia guarantee with the exception of a €200 million loan dated 20 September 2013 for the environmental and safety investments required by the Single Concession Arrangement to be made between 2011-2016. The period of availability of funds linked to this agreement expired on December 2018. All the above loan agreements provide for accelerated repayment in the event of a change of control with respect to ASPI and/or Atlantia. On 30 November 2017, the unused amount under the agreements signed in 2010 and 2013 (secured by Atlantia) were cancelled. All sums drawn down under those

agreement will be repaid on their original maturity date.

f) A €10,000,000,000 Euro Medium Term Note Programme for the issuance by Atlantia, in the past, of bonds to institutional investors, irrevocably and unconditionally guaranteed by ASPI, which in turn benefited from the relevant proceeds through intercompany loans. The Programme agreement contains change of control and change of business and ownership clauses consistent with international practice with respect to ASPI.

Following implementation of the "Issuer substitution" clause on 22 December 2016, these loans were transferred to ASPI (as issuer) and will be guaranteed by Atlantia until the earlier of their respective maturities or September 2025.

g) A €7,000,000,000 Euro Medium Term Note Programme for the issuance by Autostrade per l'Italia, in the past, of bonds to institutional investors, irrevocably and unconditionally guaranteed by Autostrade per l'Italia. The Programme agreement contains change of control and change of business clauses consistent with international practice with respect to ASPI.
h) A €10,000,000,000 Euro Medium Term Note Programme whereby Atlantia issues notes for institutional investors. Under the terms of the programme, the clause "Redemption at the Option of Noteholders on the Occurrence of a Material Asset Sale Put Event" contains a put option which can be exercised if (i) Atlantia ceases to exercise control over a Principal Subsidiary and (ii) there is a rating downgrade after this occurrence.
i) A six-year revolving loan agreement between Aeroporti di Roma (ADR) and a syndicate of 8 banks in July 2016 for €250 million (maturing in 2023), following the exercise by ADR in 2018 of the second annual extension option contemplated by the agreement, and the loan of €100 million obtained from BNL (Term Loan) in November 2016 (maturing in 2020) both contain acceleration clauses (to be activated by creditors) in case of change of control. Such event occurs in case a party (other than Atlantia, directly or indirectly) or a group of parties acting in concert (other than a group that includes, directly or indirectly, Atlantia, provided that the equity interest held by Atlantia is greater than the equity interest held collectively by the other group members) acquires a controlling interest in Aeroporti di Roma pursuant to and for the effects of article 2359, paragraph 1, sub-paragraphs 1 and 2, of the Italian civil code and/or article 93 of Legislative Decree 58/1998.
j) Three loan agreements, two of which were entered into in December 2016 between Aeroporti di Roma and EIB and CDP for €150,000,000.00 each, and the third was entered into in March 2018 between Aeroporti di Roma and EIB for €200 million. These agreements contain a change-of-control clause in line with the preceding paragraph h).
k) On 14 December 2015, Autostrade Meridionali (SAM) entered into a revolving credit facility agreement with Intesa Sanpaolo – Banco di Napoli for €470,000,000, consisting of:
- (i) A line of credit, immediately available, for €300 million (Line 1), of which €245 million are already disbursed; and
- (ii) A line of credit of €170 million (Line 2), which would be made available upon fulfilment of certain conditions precedent.

As the conditions precedent under ii) above are met, or in case ASPI signs the relevant effectiveness guarantee certificate, ASPI will activate an autonomous first demand guarantee vis-à-vis Autostrade per l'Italia for the benefit of the bank on both the lines of the facility.

Considering that such conditions precedent had not yet been fulfilled as of 5 December 2016, ASPI signed the effectiveness certificate, thereby effective as of 1 January 2017 through 31 December 2017 on Line 1 alone. Following the activation of the Guarantee and the annual extension signed by ASPI on 15 December 2017, the expiration of the relevant loan agreement was extended until 31 December 2018.

In light of the foregoing and as the aforementioned conditions precedent had not been fulfilled, the declaration for extending the effectiveness of the ASPI Guarantee for another year was made on 14 December 2018 for the maximum amount of €300 million with a view to extending the duration of the funding until 31 December 2019.

The availability period expired for the €170 million line (Line 2), whose commitment was set aside for a possible SPV that SAM would create should it be awarded the tender relating to the concession renewal. This line was therefore cancelled.

The agreement contains a change-of-control clause in relation to the continuing ASPI role as shareholder of SAM (with a threshold of 51% of SAM's outstanding voting shares). Failure to comply with such clause will accelerate the repayment of all amounts outstanding and cause the cancellation of both lines of credit.

l) On 2 October 2015, Pavimental SpA entered into a loan agreement with Credit Agricole Corporate Investment Bank Deutschland for an amount of up to €50 million, subsequently reduced to €39.1 million, of which €33.1 million was already disbursed, to fund the purchase of the TBM, the relevant accessories and any other equipment necessary to complete the works related to Lot 2 Galleria Santa Lucia (Variante di Valico), a contract awarded by Autostrade per l'Italia, and the cost of the insurance policy issued by Euler Hermes for the benefit of the exporter of the TBM and related accessories. The loan agreement calls for Pavimental to have a backlog of works and service contracts from Group Companies worth at least three times the amount of the loan outstanding and allows the lender to terminate the agreement in case the Atlantia Group no longer controls the company (change-of-control clause).

* * *

Day-to-day operations of Atlantia Group companies entail the assumption of debt obligations (via banks and capital markets), normally to finance investments in infrastructure and their maintenance.

Concessions are often operated by special purpose vehicles (SPV), which are generally the parties to the loan agreements in their capacity as borrowers.

In almost all cases, change of control provisions are included in the loan agreements to assure that Group expertise will be made available to the SPV or other borrower on a continuing basis.

These are specific undertakings which can have an effect on the loan generally including an acceleration in the event of a change in the structure of the borrower's shareholders.

Such change-of-control clauses have been included in the loan agreements of the following consolidated subsidiaries of Atlantia.

a. Triangulo do Sol Auto-Estrada SA.

The terms and conditions of the bonds issued on 15 February 2013, for a total of 691 million Reais, call for acceleration in case of change of Atlantia's indirect control of the issuer, unless approved by 75% of bondholders.

The terms and conditions of the bond issued on 13 June 2018 for 390 million Reais call for acceleration in case of change of Atlantia's indirect control of the issuer, unless approved by two-thirds of bondholders, in addition to certain limitations to the reduction of Atlantia's indirect equity interest in the issuer.

b. Rodovias das Colinas SA.

The terms and conditions of the bonds issued on 15 April 2013, 13 April 2016 and 10 October 2016, for a total of 1,200 million di Reais, call for acceleration in case of change of Atlantia's indirect control of the issuer, unless approved by 75% of bondholders.

The terms and conditions of the bond issued on 11 October 2017 for 230 million Reais call for acceleration in case of change of Atlantia's indirect control of the issuer, unless approved by two-thirds of bondholders, in addition to certain limitations to the reduction of Atlantia's indirect equity interest in the issuer.

The terms and conditions of the bond issued on 12 July 2018 for 400 million Reais call for acceleration in case of change of Atlantia's indirect control of the issuer, unless approved by two-thirds of bondholders on first call and 75% thereof on second call.

c. Concesionaria de Rodovia MG-050 SA.

The terms and conditions of the bond issued on 14 June 2017 for 460 million Reais (200 million of which subscribed, and held at 31 December 2017, by Autostrade Concessões e Participacões Brasil Ltda, another company of the Atlantia group), call for acceleration in case of change of Atlantia's indirect control of the issuer, unless approved by 75% of bondholders.

d. Autostrade Concessões e Participacões Brasil Ltda

The credit agreement for a 215 million Reais line of credit signed on 13 June 2017 by a prime credit institution and Autostrade Concessões e Participações Brasil Ltda, and guaranteed by Autostrade dell'Atlantico Srl, calls for acceleration in case of change of Atlantia's direct and indirect control of the guarantor and the borrower, respectively, in addition to certain limitations to the sale of certain equity interests by the guarantor and the borrower.

e. Electronic Transaction Consultants

In December 2017, ETCC obtained a three-year line of credit for USD 12 million from Bank of America Merrill Lynch.

The relevant credit agreement calls for an acceleration and the cancellation of the line in case Autostrade dell'Atlantico Srl's equity interest in the Company falls below 51%.

f. Grupo Costanera

The 112.8 million peso bank loan agreement signed with Banco do Chile on 29 February 2012 provides for acceleration in the event the interests of the current shareholders of the Company, comprising Atlantia SpA and Società di Iniziative Autostradali SpA, fall below 50% plus one share.

g. Radial Nororiente

The 104.2 million peso bank loan agreement signed with Banco do Chile on 10 December 2007 provides for acceleration in the event of a variation in the direct and indirect shareholdings of Grupo Costanera, Atlantia and CPPIB.

h. Los Lagos

The 107.4 billion peso bank loan agreement signed jointly with Banco de Chile and Banco Santander Chile on 25 April 2007 provides for acceleration and cancellation of the line should Atlantia Spa lose direct or indirect control in the capital of the Company.

i. Stalexport Autostrada Malopolska SA.

The loan agreement of 28 December 2005 for a 380.0 million zloty loan provides for an acceleration in the event of a variation in the direct and indirect interests of the Borrower's current shareholders or in case of a variation in the shareholder base of the other companies involved in the operation of the infrastructure (construction or management company or guarantors of the loan), in the presence of an adverse event.

j. Azzurra Aeroporti Srl.

On 28 October 2016, Azzurra Aeroporti signed a €653 million loan agreement with Banca IMI - Intesa Sanpaolo, Cassa Depositi e Prestiti, MPS Capital Services, The Bank of Tokyo-Mitsubishi and UniCredit to fund the purchase of a 64% equity interest in Aéroports de la Côte d'Azur. The loan agreement contains an accelerated repayment clause in case Atlantia ceases to own, directly or indirectly, more than 50% of Azzurra Aeroporti Srl's share capital and voting rights.

k. Aéroports de la Côte d'Azur

On 7 December 2016, Aéroports de la Côte d'Azur (ACA) signed with the EIB an addendum to the loan agreement dated 21 November 2014 for €100 million, of which €82 million was disbursed on 31 December 2018. The addendum amends the "Changement de Contrôle" clause, which calls for the cancellation of the line and the accelerated repayment of any outstanding amount in case one or more parties, other than the shareholders of ACA or Azzurra, acquire, individually or collectively, a controlling interest in ACA. Currently, Azzurra Aeroporti Srl has a 64% equity interest in ACA. Atlantia and the subsidiary Aeroporti di Roma hold an aggregate of 60.45% in the share capital of Azzurra Aeroporti Srl.

* * * *

The Single Concession Arrangement in force, executed on 12 October 2007 by the subsidiary, Autostrade per l'Italia SpA (ASPI), and ANAS SpA³ – and approved by Law 101 dated 6 June 2008 – expressly identifies the requirements that, in the event of a change of control of the operator, pursuant to art. 2359 of the Italian Civil Code, must be met by a new controlling entity.

Specifically, these requirements are:

Equity, as reported in the latest accounts, of at least €10 million for each percentage point held in the operator's issued capital;
Location of the corporate headquarters in any country other than a country listed as a tax haven;
Maintenance of the operator's offices in Italy, its technical and management expertise, and an undertaking to ensure that the operator has the means to fulfil its obligations under the agreement;
Board of directors comprising persons meeting the professional requisites and, if appropriate, the independence requirements pursuant to Legislative Decree 58/1998, and that satisfies the requirements for companies listed on a stock exchange, as established by the laws of the country in which the company has its headquarters.

A substantially similar clause is included in the single Concession Arrangements of the Italian motorway operators controlled by Autostrade per l'Italia (except for the company that manages the Mont Blanc Tunnel), which were signed with ANAS SpA in 2009 and approved pursuant to Law 191 of 23 December 2009. These agreements came into effect at the end of 2010, following the execution of documents implementing the requirements of the 2010 CIPE resolutions.

* * * *

³ In accordance with art. 11, paragraph 5 of Legislative Decree 216 of 29 December 2011, converted by Law 14 of 24 February 2012, and subsequent amendments and additions thereto, concession administration functions of ANAS SpA were transferred by operation of law to the Ministry of Infrastructure and Transport, effective on 1 October 2012.

On 24 December 2013, Autostrade per l'Italia and the Ministry of Infrastructure and Transport signed an addendum to the Single Concession Arrangement – which was approved with decree dated 31 December 2013, and registered by the Court of Auditors on 29 May 2014 – whereby the parties introduced a five-yearly update to the financial plan. However, this addendum did not result in any amendment to the change of control rules for the operator.

The existing Single Concession Arrangement signed on 25 October 2012 between Group company Aeroporti di Roma SpA (ADR) and ENAC (the Italian Civil Aviation Authority), approved by the Cabinet Office Decree of 21 December 2012, sets out the specific requirements and obligations for the new parent in case of change of control for the Operator pursuant to article 2359 of the Italian Civil Code, and on penalty of termination of the concession.

These requirements and obligations specifically entail:

a) equity, as reported in the latest approved and certified accounts, of at least €1 million for each percentage point held in the operator's issued capital;
b) notwithstanding paragraphs 1 and 2 of article 3 of the Single Concession Arrangement⁴ , maintenance in Italy of the Operator's registered office, including for tax purposes, as well as the Operator's technical and management expertise necessary to carry out the activities under article 2 (Operator's Obligations and Rights) of the Single Concession Arrangement, undertaking to ensure that the Operator has the means to fulfil its obligations under the Arrangement and annexes thereto, acting to the best of its ability to that effect;
c) the board of directors and the board of statutory auditors are composed, to the extent required, of persons meeting the professional requisites and, if appropriate, the independence requirements pursuant to Legislative Decree 58/1998, as well as the integrity requirements for companies listed on a stock exchange as established by the laws of the country in which the company has its headquarters.

Any transaction resulting in a change of control for the Operator - pursuant to article 2359 of the Italian Civil Code, which, as such, makes the above provisions inapplicable must be submitted to ENAC with all the necessary details for approval, which will be provided within 60 days of submission. In the absence of any response, the approval is automatically issued pursuant to article 20, paragraph 1, of Law 241 of 7 August 1990, and subsequent amendments and additions thereto.

e) Authority to purchase treasury shares

Pursuant to article 123 bis, first paragraph, letter m), CFA, shareholders at the General

⁴ Paragraphs 1 and 2 provided that "changes concerning the Operator (i.e. "any merger, spin-off, demerger, transfer or business or units thereof, change in registered office or corporate purpose, dissolution of the company") must be approved in advance by the Ministry of Infrastructure and Transport and the Ministry of the Economy, following a review by ENAC, on penalty of termination of the concession

Meeting on 20 April 2018 revoked the unused portion of the previous authority dated 21 April 2017, granting the Board of Directors, pursuant to arts. 2357, et seq., of the Italian Civil Code and art. 132 of Legislative Decree 58 of 24 February 1998, the powers to, within 18 months, purchase in one or more tranches a maximum of 82,578,399 treasury shares with a par value of €1.00 - including the 7,957,654 treasury shares acquired by the Company on 21 April 2017, pursuant to previous shareholder resolutions – and otherwise, where lower, the maximum number of treasury allowed by law from time to time, for up to €2,100,000,000 (including the value recognised in the financial statements closed for the year ended 31 December 2017).

The transaction was authorised for one or more of the following reasons in observance of the applicable laws and regulations, including European Community legislation in force at the time:

(a) operate in the market, including through intermediaries, to support Atlantia's share liquidity and/or to stabilise its listing price, thus fostering orderly trading activities and avoid price movements not in line with market trends;
(b) operate in the market with a medium/long-term approach to investing, including to create long-term equity interests, with a view to optimising the share capital structure, or to seize market opportunities by buying and selling shares, in the market (in relation to the purchases in the manner indicated in point 2 below) or (regarding the sale, disposal or use) in OTC markets or also outside the market or through an ABB or in blocks, at any time, in whole or in part, in one or more instances, without time limits, provided that such transactions take place at market prices;
(c) build a share inventory to sell, dispose of and/or utilise treasury shares whether held in portfolio or purchased pursuant to the present shareholder resolution – at any time, in whole or in part, in one or more instances, and without time limits, provided that the relevant transactions take place in keeping with the Company's strategic guidelines, in connection with capital actions including, yet not limited to, stock-for-stock transactions, contributions, share swaps or in relation to share-based transactions or other corporate and/or financial transactions including, without limitation, acquisitions, mergers and the like or loan transactions or incentives and similar transactions, in relation to which it is necessary or appropriate to award or perform any other act of disposition of treasury shares (for example in relation to convertible securities, bonds or warrants) as well as to fulfil obligations arising from

stock option plans, stock grants or otherwise incentive programmes, whether for payment or free of charge, to group directors and officers, employees or collaborators;

(d) commence a share buyback programmes as provided for in article 5 of Regulation (EU) 596/2014 (the "Market Abuse Regulation" or "MAR"), namely the reduction of share capital, fulfilment of obligations arising from debt instruments convertible into shares or share option programmes or other assignments of shares to employees or members of governance and control bodies of the Company and its related companies, or for any other purpose contemplated therein in the version currently in force, and/or for the purpose contemplated in the market practices permitted by art. 13 of the MAR, within the terms and according to the procedures to be decided on by the Board of Directors, though the shares in the portfolio or acquired in execution of the present authorisation may be allocated for any other purpose indicated above, sold and/or assigned;

The General Meeting also authorised that the acquisitions mentioned in the preceding point above shall be made:

(a) at prices consistent with the provisions of article 3, paragraph 2, of Commission Delegated Regulation (EU) 2016/1052, i.e. as of the date of the report to the shareholders, at a price not exceeding the higher of (i) the price of the latest independent transaction and (ii) the highest current independent purchase offer made on the MTA market, organised and managed by Borsa Italiana SpA, or otherwise according to the pertinent legislation currently in force. In any case, purchases must be made at a price per share that may not vary in any direction by over 20% from the closing reference price thereat the day prior to every single transaction;
(b) in any way permitted by the laws and regulations, including Community legislation, in force from time to time, particularly, as of this writing, article 132, paragraph 1, CFA and article 144-bis, paragraph 1, sub-paragraphs a), b), c), d), d-bis) and d-ter) of the Regulations for Issuers;

The General Meeting of Shareholders authorised the sale or other act of disposition and/or use, in one or more instances and at any time, without any time limit, of all or part of the treasury shares held in portfolio or purchased pursuant to the resolution, including before completion of the purchases of the maximum amount authorised by the resolution, for all the purposes outlined above, provided that if such transactions are carried out:

(a) for cash, they will have to be executed at a price per share to be determined on the basis of the applicable regulation and/or market practices prevailing from time to time, otherwise within 10% of the closing reference price for the day prior to that of every single transaction;
(b) in connection with capital actions of the preceding point 1, letter (c), including stockfor-stock transactions, contributions, share swaps or in relation to share-based transactions or other corporate actions and/or financial transactions, they must be executed with the price limits and on the terms and conditions set by the Board of Directors;
(c) in relation to share-based incentive plans, treasury shares must be awarded to the beneficiaries of these plans in place from time to time, in accordance with the terms and conditions of the plans.

For the additional terms and conditions of the shareholder resolution on the authority to purchase and sell treasury shares, reference is made to the Report to the Shareholders available on the Company's website: (http://www.atlantia.it/it/investorrelations/assemblee/assemblea-ordinaria-20-aprile-2018).

Lastly, the number of treasury shares in portfolio at the end of 2018 was 7,819,488 or 0.94692% of the issued capital.

f) Management and coordination activities

Edizione Srl, through Sintonia SpA, is Atlantia's relative majority shareholder with a 30.25% equity interest.

The Atlantia Board of Directors, appointed by the General Meeting on 21 April 2016, is an expression of the majority slate presented by Sintonia Spa from which 12 members out of 15 are taken. The slate of these shareholders was established by number of votes thanks to the vote of other shareholders at the General Meeting.

In this regard, it should be noted that the average attendance of shareholders at the Atlantia General Meeting in 2016, 2017 and 2018 was approximately 77.77% of the share capital.

It should also be noted that a joint declaration on 12 March 2009 by Sintonia SA. (company organised under the laws of Luxembourg) and Schemaventotto SpA (subsequently merged by incorporation in Sintonia) states that these companies are not subject to management and coordination activities on the Company and Group of which it is parent.

Atlantia is not subject to the management and coordination of third parties.

On 19 January 2018, Atlantia SpA adopted a regulation on the exercise of management and coordination activities defining define the scope and Atlantia SpA's approach for exercising management and coordination activities in relation to other Group companies.

* * *

It should be noted that:

the information required by article 123-bis, first paragraph, letter i) (agreements between the company and directors, ... which provide for indemnities in the case of resignation or dismissal without cause or if their employment ceases following a public tender offer) are illustrated in the Remuneration Report published pursuant to art. 123 ter, CFA;
the information required by article 123-bis, paragraph one, letter l) (the regulations applicable to the election and replacement of directors ... and the amendment of the articles of association, if different from the applicable legal and regulatory requirements) are illustrated in the section of the Report concerning the Board of Directors (section 4.1).

3. COMPLIANCE

Atlantia's corporate governance system is based on a compendium of rules aligned with the most recent market and regulatory standards. This system was created and revised over time by the introduction of rules that substantially correspond to the evolution of the activity and requirements of the Corporate Governance Code drawn up by the Corporate Governance Committee for Listed Companies except in the circumstances described further below.

As explained in the reports on corporate governance and the ownership structure published in previous years, the Company substantially implemented the recommendations in 2007 contained in Borsa Italiana's Corporate Governance Code of 2006 by approving its own Corporate Governance Code on 14 December 2007, to provide shareholders and stakeholders a tool to understand Atlantia's governance structure more easily and rapidly.

The Board of Directors revised its Corporate Governance Code on 18 January 2019 – upon proposal of the Control, Risk and Corporate Governance Committee - incorporating amendments to the Corporate Governance Code for Listed Companies by the Corporate Governance Committee for Listed Companies.

The full text of the latest version of Atlantia's Corporate Governance Code, as revised by the Board of Directors on 18 January 2019, is available on the Company's website at www.atlantia.it/en/corporate-governance/.

The rules contained in the Articles of Association and the General Meeting Regulations complete the Company's corporate governance system.

4. BOARD OF DIRECTORS

4.1 Election and replacement

Board of Directors appointments are governed by article 20 of the Company's Articles of Association, which contemplate that Board members are appointed based on the slate presented by the outgoing Board of Directors and by Parties, who, singly or jointly with other shareholders at the date on which the slates were filed with the Company, represent at least 1% of the share capital, or the minimum shareholding to be determined by Consob as per article 144-quater of the Regulations for Issuers. In this regard, Consob required 0.5% (as indicated in resolution no. 19499 of 28 January 2016) for the submission of slates of candidates to the Atlantia's Board of Directors as renewed in 2016.

In regard to the mechanism contemplated to ensure the election of at least two independent directors, the Articles of Association stipulate that every slate must contain at least two candidates who not only meet the statutory independence requirements but must also be at the top of that slate.

Article 3 of the Corporate Governance Code adopted by the Company contains a transposition of the principle regarding independent directors of the Italian Stock Exchange's Corporate Governance Code for Listed Companies, which contemplates independence requirements for directors (as described in article 3) regarding those established for the statutory auditors pursuant to article 148 of the CFA.

Moreover, article 2.2, sub-paragraph (c) of the Company's Corporate Governance Code provides that if Atlantia is listed on the FTSE-MIB index, at least one third of directors should be independent. Such number shall be rounded down to the lower integer, in the event that it is not a whole number. The number of independent Directors may, however, never be less than two.

In relation to the provisions on balanced gender quotas in governance bodies, the Company's Articles of Association has adopted provisions contemplated in Law 120 of 12 July 2011, whereby modifying the articles related to the election of the Board of Directors and the Board of Statutory Auditors to address a method of compiling slates and set out the criteria for gradual transitional arrangements to assure an outcome of voting sessions compliant with gender quotas.

In light thereof, the slate containing at least three candidates at the next Board of Directors election (General Meeting of Shareholders to approve the 2018 financial statements) must indicate at least one-third of the less-represented gender.

The following dispositions describe how slate voting functions for electing members of the Board of Directors:

a) for the purposes of allocation of the Directors to be elected, account is not taken of slates that fail to obtain a percentage of votes at least equal to half of the percentage required for submission of the slates;
b) four fifths of the Directors to be elected are taken in sequential order from the slate receiving the majority of votes cast by the holders of shares carrying voting rights, and in compliance with the legislation in force concerning gender quotas. Any fractions shall be rounded down to the nearest whole number;
c) the other Directors are taken from the other slates that are not in any manner connected, even indirectly, with the shareholders who submitted or voted for the slate that obtained the most votes. For this purpose, the votes cast for those other slates shall be successively divided by one, two, three up to the number of Directors to be elected; The quotients attributed in this manner to the candidates of the various slates shall then be ranked in decreasing order: the two candidates elected are those with the highest quotients subject to the compliance with gender quotas;
d) if, on completion of the election and the above procedures, legislation concerning the balance between the gender quotas elected has not been complied with, the candidates elected from the various lists are ranked in decreasing order, based on the quotients calculated in accordance with the procedure described in letter c). The candidate from the most represented gender with the lowest quotient in the ranking shall thus be replaced by the first of the candidates from the least represented gender to not be elected and belonging to the same slate. If there are no other candidates in this slate, the above replacement shall be approved by the General Meeting with the majority required by law. If replacement of the candidate from the most represented gender with the lowest quotient in the ranking does not, however, enable the minimum quota required by the legislation in force to be reached, the above replacement process shall also be applied to the candidate from the most represented gender with the penultimate quotient, and so on rising from the lowest ranked candidate. In the event that there are candidates with equal quotients, that candidate on the slate from which no Director has already been selected or with the

lowest number of Directors selected, is selected, provided that legislation in force concerning the balance between gender quotas has been observed. In the event of a tie of slate votes, and, therefore, equal quotients, the General Meeting shall hold a new election and the candidate receiving the majority of votes shall be elected.

Regarding the replacement of directors, article 21 of the Articles of Association states that if any directors are missing during the year, they will be replaced as provided for in article 2386, first paragraph of the Italian Civil Code, in compliance with the legislation in force concerning the gender quota balance. However, if the majority of the directors appointed by the General Meeting is absent before the end of the mandate, the entire Board of Directors and General Assembly must be convened urgently to reconstitute the board.

* * *

- Succession planning

The Corporate Governance Code of Listed Companies provides that any procedure adopted for the succession of executive Directors should contain a clear definition of objectives, tools and timing of the process, the involvement of the Board of Directors and a clear allocation of duties, starting from that for research activities.

Atlantia's Corporate Governance Code incorporated the recommendation requiring the Board of Directors – in case of adoption of a succession plan for executive Directors – to make a disclosure in this Report, with a clear indication of the objectives, the timing and the process.

With regard to planning for the succession of Atlantia's CEO, the Board of Directors is responsible for coordinating and managing any unexpected replacement. The procedures and timing are linked to the occurrence of such circumstances and in any case, as indicated by the Board of Directors, after tapping the external market.

Atlantia's Succession Plan and Talent Management processes are used in the Group for the development of human resources and organisational development decisions. They ensure the Group's management continuity by identifying key positions, potential successors for the key positions and setting out growth plans.

Atlantia's Succession Plan and Talent Management model, which is certified by a qualified consulting company as methodology aligned with best market practices, has been further refined through:

the review and expansion of the number of key positions;
the introduction of certain improvements that might enhance the effectiveness of the process;
the balancing of the successor pool also through the identification of talent management tracks for the younger population.

In 2016, the Group's Human Resources Department coordinated the process to identify the Group's key positions and set up the model to evaluate skills and performance of the current holders of such positions through the direct involvement of the competent departments of the single Group companies.

There is an expected 2019 update for the Succession Plan for key positions downstream from the conclusion of the Abertis Group acquisition process.

4.2 Composition

The Board of Directors in office at 31 December 2018 was elected by shareholders at the General Meeting of 21 April 2016, with new additions made at the General Meeting of 21 April 2017. At the General Meeting held on 21 April 2016, shareholders resolved that the number of members of the Board of Directors should be fifteen and, in accordance with art. 19, paragraph 3 of the Articles of Association, voted to fix the term of office of the new Board of Directors, which will conclude with the approval of the related 2018 financial statements.

The 2016 General Meeting thus appointed fifteen Directors for the financial years 2016, 2017 and 2018, based on the slates submitted by the shareholders according to the terms and procedures under art. 20 of the Articles of Association and the pertinent laws and regulations in force.

A total of two slates – which were not found to be linked - were submitted.

Pursuant to art. 20, letter b) of the Articles of Association, 12 Directors were elected, with 61.61% of the voting shares, from the majority slate submitted by Sintonia SpA: Fabio Cerchiai (Chairman), Giovanni Castellucci (Chief Executive Officer), Carla Angela, Gilberto Benetton, Carlo Bertazzo, Elisabetta De Bernardi di Valserra, Massimo Lapucci, Giuliano Mari, Valentina Martinelli, Gianni Mion, Monica Mondardini, Lynda Tyler-Cagni.

Pursuant to art. 20, letter c) of the Articles of Association, 3 Directors were elected with 38.12% of the voting shares, from the minority slate submitted by a Group of asset management companies and other institutional investors on behalf of managed funds(5)5, namely: Bernardo Bertoldi, Gianni Coda and Lucy P. Marcus.

Following the resignation submitted by Gianni Mion, effective 31 December 2016, the General Meeting confirmed the appointment of Marco Patuano, already co-opted by the Board of Directors on 20 January 2017 the Board of Directors, with the relevant term of office expiring on the date of approval of the financial statements on 31 December 2018.

Eight (8) candidates declared that they met the independence requirements, pursuant to both article 148 paragraph 3 of the Consolidated Finance Act and article 3 of Atlantia's Corporate Governance Code, as subsequently verified by the Board of Directors (in this regard, reference is made to section 4.5 herein). Following the resignation of Director Linda Tyler-Cagni, there were 7 independent directors on 31 December 2018, namely Angela, Bertoldi, Coda, Lapucci, Marcus, Mari and Mondardini.

Following the passing away of Director Gilberto Benetton on 22 October 2018 and the resignation of Independent Director Lynda Tyler Cagni, which became effective on 16 November 2018, the Atlantia Board of Directors had 13 Directors at 31 December 2018. In the meeting of 14 December 2018, the Board of Directors decided not to proceed with the co-option of any member by integration of the Board of Directors in consideration of the imminent term end.

Non-executive and independent director Monica Mondardini submitted her resignation on 19 February 2019, effective immediately.

Following the aforementioned resignation by now former Director Mondardini, the number of Independent Directors on the date the present report was drawn up is 6.

⁵ Aberdeen Asset Management PLC, manager of: Abbey Life Assurance Company Limited, HBOS International Investment Funds-European Fund, Aberdeen Investment Funds UK ICVC II-Aberdeen European Equity Enhanced Index Fund, Scottish Widows Overseas Growth Investment Funds ICVC-European Growth Fund, Scottish Widows Investment Solutions Funds ICVC-Eurpean (EX UK) Equity Fund, Scottish Widows Investment Solutions Funds ICVC-Fundamental Index Global Equity Fund; Anima SGR SpA, asset manager for: Fondo Anima Geo Italia, Fondo Anima Geo Europa, Fondo Anima Italia and Fondo Anima Europa; APG Asset Management S.V. fund manager for Stichting Depositary APG Developed Markets Equity Pool; Arca S.G.R. SpA. manager of Arca Azioni Italia; Eurizon Capital S.G.R. SpA manager of: Eurizon Azioni Internazionali, Eurizon Azioni Area Euro, Eurizon Azioni Europa, Eurizon Azioni Italia and Malatesta Azionario Europa; Eurizon Capital SA manager of: Eurizon EasyFund - Equity Italy LTE, Eurizon EasyFund - Equity Industrials LTE Eurizon EasyFund - Equity Euro LTE, Eurizon EasyFund - Equity Europe LTE, Eurizon EasyFund – Azionario Euro, Eurizon EasyFund - Equity Italy and Eurizon Easy Fund – Equity Europe; FIL Investments International – FID FDS – Italy; Fideuram Investimenti S.G.R. SpA manager of Fideuram Italia; Fideuram Asset Management (Ireland) Limited manager of: Fideuram Fund Equity Italy and Fonditalia Equity Italy; Interfund Sicav manager of Interfund Equity Italy; Generali Investments Sicav manager of Euro Equity; Legal & General Investment Management Limited-Legal & General Assurance (Pensions Management) Limited; Mediolanum Gestione Fondi SgrpA manager of Mediolanum Flessibile Italia; Mediolanum International Funds Limited - Challenge Funds – Challenge Italian Equity; Pioneer Asset Management SA manager of: PF-Italian Equity e PF Global Equity Target Income; Pioneer Investment Management SGRpA manager of Pioneer Italia Azionario Crescita; Standard Life manager of: Standard Life Investment Company Eurpean Equity Income Fund, Standard Life Investment Global Absolute Return Strategies Fund, Standard Life DC Pension Managed Asset, SLI Global SICAV Global Absolute Return Strategies Fund, Standard Life European Equity Pension Fund and Continental European Equity Income SICAV and Ubi Pramerica SGR manager of: Ubi Pramerica Azioni Italia and UbiPramerica Multiasset Italia.

The Board of Directors thus comprises at least 1/3 of independent directors [in accordance with paragraph 2.2 sub-paragraph (c) of the Corporate Governance Code adopted by the Company] and at least 1/3 of the under-represented gender (pursuant to the Articles of Association and in pursuance of law no. 120 of 12 July 2011).

As of 31 December 2018, the Board of Directors comprises 11 non-executive Directors and two executive Directors (the Chief Executive Officer and Chairman). The number and authority of non-executive directors shall be such as to ensure that their opinions have a significant effect on board resolutions and that their specific skills and expertise are brought to bear on deliberations, thus helping to ensure that decisions are taken in the Company's best interests.

The Non-executive Directors at 31 December 2018 are: Angela, Bertazzo, Bertoldi, Coda, De Bernardi di Valserra, Lapucci, Marcus, Mari, Martinelli, Mondardini⁶ and Patuano.

The Board of Directors appointed Mari as the Director Responsible for the Internal Control and Risk Management System on 22 April 2016.

Regarding Giuliano Mari, the Board of Directors of Atlantia SpA, in the meeting on 15 February 2019 and in accordance with article 3.2 of the Company's Corporate Governance Code, verified the permanence of the independence requirement therein, in consideration of the appointment of the Chairman of the Board of Directors of the subsidiary Autostrade for l'Italia SpA on 30 January 2019.

Based on the outcome of the assessment, the Board of Directors opted to continue the independence requirement for Director Mari in accordance with the CFA and the Company's Corporate Governance Code in consideration of (i) the absence of management authority and power to influence the strategic decisions of Autostrade per l'Italia SpA, (ii) the magnitude of the emolument expected for the position, which does not compromise independence in light of relationships with the Company, and (iii) the short duration of the actual position at Autostrade per l'Italia SpA and role as Director in the Company, which are both expected to conclude with the approval of the 2018 financial statements.

The independence of Mr Mari, also confirmed in light of the term of nearly ten years of his experience and know-how acquired, not applying the related criteria automatically, and more in consideration of the substance than the form, can no longer be considered compromised by the new post at Autostrade per l'Italia.

⁶ Former Director Mondardini resigned from the Board of Directors as of 19 February 2019.

Mr Mari, upon assuming the post at the subsidiary Autostrade per l'Italia, believed to be capable of continuing the discharge of duties until the end of his term on the Board of Directors, based on the continuity of the cited independence requirements and also in consideration of the imminent dissolution of the Board and of the one of Autostrade per l'Italia in light of a substantial assessment regarding the opportunity to be able to conclude the important activities under way.

The Company's Corporate Governance Code specifies that Directors accept their election when they believe that they can devote enough time to carry out their duties diligently, also in view of the number of positions as a Director or Statutory Auditor held in other Italian and foreign companies listed on regulated markets, and in financial, banking, insurance or other large companies. Table 2 summarises the number of positions in such companies held by each Director as at 31 December 2018, in addition to their position in Atlantia. Annexe 1 lists the positions.

Turning to the matter of diversity and as mentioned above and as elected by the 2016 General Meeting, a third of the board members belongs to the least represented gender. Following the resignation of Lynda Tyler-Cagni, the number of directors belonging to the least represented gender at 31 December 2018⁷ was 5 (Carla Angela, Elisabetta Bernardi di Valserra, Valentina Martinelli, Lucy Marcus and Monica Mondardini). The composition of the Board also guarantees a representation therein of managerial and professional competences of a diverse nature, and the presence of different age groups and seniority as indicated in Annexe A. The Board of Directors confirmed this circumstance during the selfassessment, concluding a positive opinion regarding the diversity represented in the Board of Directors in terms of age, experience/seniority and gender.

⁷ On the date when the present report was drawn up, there were 4 directors belonging to the least represented gender because of the resignation of Ms Mondardini on 19 February.

For the time being, the Company has decided to adopt no further policies on diversity in the composition of the Board of Director and the Board of Statutory Auditors provided for under article 123-bis, paragraph 2, sub-paragraph d-bis of the CFA, considering that Atlantia has already adopted, pursuant to the articles of association, a policy ensuring gender balance in the composition of the Board of Directors and the Board of Statutory Auditors, and in light of the positive results of the diversity self-assessment by the Board.

In its meeting on 18 January 2019, the Board of Directors updated the Atlantia Corporate Governance Code, including: i) the diversity-related amendments in the Corporate Governance Code of Listed Companies in July 2018 and ii) incorporating, albeit without adopting a specific policy thereon, the possibility for the Board of Directors to convey guidelines to Shareholders regarding managerial figures and professionals whose presence on the Board of Directors is considered to be appropriate, also considering the new diversity criteria incorporated in the Code.

In this regard, on 15 February 2019, the Board of Directors approved, after receiving the opinion of the Appointments Committee (refer to paragraph 7), the "Opinion on the Guidelines for renewing the Board of Directors for the three-year period 2019-2021", to submit to Shareholders in light of the presentation of the slate for the upcoming General Assembly convened to approve matters including yet not limited to the renewal of the Board of Directors.

Lastly, in light of the measures that the Company has taken to promote equal gender opportunities and treatment, during 2018, as party to the Global Compact, and in keeping with the constitutionally established principles of gender equality, Community legislation regarding the protection of the dignity of men and women at the workplace and the pertinent Italian laws and legislation, the Atlantia Group has adopted a Code of Conduct to safeguard against discrimination and protect the dignity of the men and women at the Group. Thus, with a view to maintaining the best possible internal well-being conditions at the workplace, ensuring a working environment inspired by the principles of equality and protection of liberty, dignity and the inviolability of the individual.

Article 1.5 of the Company's Corporate Governance Code confers the Board of Directors with powers to express its views on the maximum number of directorships or positions as statutory auditor that Directors can hold in listed companies, whether Italian or foreign, in financial, banking or insurance companies or in large companies, taking into account also the participation of Directors in Board Committees, in order not to undermine the effectiveness of their role as Company Directors or Statutory Auditors. Such guidance should be interpreted in conjunction with the requirements laid down therein, whereby, regarding the maximum number of positions, the Board of Directors considers as a necessary precondition for potential Directors or Statutory Auditors the availability of an adequate amount of time to serve effectively in office (see application criterion 1.C.3 of the corporate governance code for listed companies). Such assessment should be made by the shareholders, when they select the candidates for inclusion in the slate for election to the Board of Directors and Board of Statutory Auditors, and, most of all, by candidates to such offices.

In this regard, it should be noted that the aforementioned Opinion on the Guidelines for renewing the Board of Directors, the Board of Directors recommended that candidate Directors of Atlantia hold, at the time of their candidacy, including possible appointment to the Board of Directors of Atlantia and likewise considering other possible offices held in the same corporate structure, a number of positions that, by their very nature, complexity, duties and functions, could be compatible with an effective discharge of the duties inherent to Company Director, and also in consideration of the participation of Directors in Board committees.

In order to enable the Directors to carry out their duties in an informed manner, the Company's Chairman has launched a number of initiatives aimed at increasing their knowledge of the Company and how it operates, including updates on developments in the regulatory and self-regulatory environment. In particular, two "induction" sessions were held on 16 February and 8 June 2018 for Directors and Statutory Auditors in reviews regarding developments in the development plans for Fiumicino Airport and its Business City, and regarding the privacy protection system for computer data and commercial activities of Autostrade per l'Italia SpA and Aeroporti di Roma SpA.

The conduct of the Board of Directors to any general waiver by the General Meeting of the non-competition clause must be consistent with legislation regarding the powers authorised by the General Meeting as permitted by art. 2390, Italian Civil Code.

However, so far the Shareholders have never authorised any waiver of the non-competition clause under article 2390, Italian Civil Code.

- Assessment of the size, composition and functioning of the Board of Directors

Article 14 of Atlantia's Corporate Governance Code, in keeping with criterion 1.C.1 subparagraph g) of the Corporate Governance Code for Listed Companies, adopted Recommendation no. 2002/162/EC of the European Commission, which provides, inter alia, that the Board of Directors of a listed issuer assess its work annually, using its own composition, organization and functioning as standards of reference.

This self-assessment was already carried out in January 2019 for 2018.

The self-assessment process carried out by the Company's Governance structure was carried out in the following stages:

preparation by the Company of a comprehensive self-assessment questionnaire to gather opinions on functioning in relation to the size and composition of the Board and its Committees. The questionnaire was sent to the 13 standing Directors at the time and the Chairman of the Board of Statutory Auditors;
collection of data and examination of indications and comments from the questionnaires, and processing of the results in an anonymous and aggregate manner;
drawing up of a summary report in light of the information gathered.

In particular, the aspects listed below were assessed:

size, composition and diversity representation in the Board of Directors;
functioning, decision-making processes and role of the Board of Directors;
Chairman's role
strategy and objectives
structure and people;
Committees of the Board of Directors;
board dynamics, self-assessment method and benchmarking.

The results of the self-assessment process and corresponding analysis indicate that most responses were positive, with a particular appreciation of the openness and quality of board discussions.

Turning to the key strengths, nearly all responses:

hold that the present size of the Board, as contemplated by the Articles of Association, is appropriate;
believe to be suitably prepared for the requirements of the office and in possession of the knowledge necessary for the duties, responsibilities and the reference regulatory framework;
appreciate the onboarding programme and, in general, the ongoing training activities organised for Directors. Further matters were also proposed as ideas for further investment in training, including:
- 1. Updates on Abertis operations and the corresponding organisation of the Group
- 1. Information Technology;
retain that the number of Board meetings suffices to address relevant matters on the agenda;
are satisfied with the frequency of meetings and the calls thereto;
believe that the interaction between the Board of Statutory Auditors, the Board of Directors and other bodies is constructive and well balanced;
transmit full satisfaction regarding the minutes, finding the process to be effective and timely in reporting deliberations based on single arguments and views;
consider that the matters reserved to the Board of Directors are such as to allow Directors to take part in the most important decisions for the effective management of the Company and management and coordination activities in the subsidiaries;
cite the Abertis operation when referring to the decision-making process as an example of an effective decision made by the Board in 2018;
are satisfied with how price-sensitive information is managed;
believe that the Board is sufficiently informed regarding the confidentiality of the items addressed;
appreciate the role carried out by the Chairman, particularly in ensuring the appropriate and timely definition of the items on the agenda and the way in which the Chairman effectively managed relations with all key stakeholders;
feel strongly motivated to be part of the Board;
view the method adopted for self-assessment to be entirely appropriate.

With reference to article 123-bis, paragraph 2, sub-paragraph d-bis of the Consolidated Finance Act on the implementation of diversity policies, the responses expressed a positive view of Atlantia's Board of Directors.

Diversity is respected in the Board's composition, in terms of age, experience/seniority and gender, while less emphasis was placed on training, culture and international experience.

The latter aspect, whose priority dimension is even beneficial for potential future deliberations regarding the diversity policy for the Board, was similarly indicated as susceptible to improvement, particularly in light of the recent acquisition of the Abertis Group. Though to a lesser degree, some Directors mentioned the advisability to incorporate expertise in legal and IT fields.

In this regard, Atlantia adopted in the articles of association a policy in compliance with the applicable legislation that guarantees gender balance in the composition of the Board of Directors and the Board of Statutory Auditors.

At the meeting of 14 February 2019, the Control, Risk and Corporate Governance Committee performed a preliminary review of the outcome of the 2018 self-assessment.

At the meeting of 15 February 2019, the Board of Directors analysed the results and confirmed the positive trend in recent years of the self-assessment with the participation of the Board of Statutory Auditors.

The assessment on the functioning and composition of the Board of Directors and committees thereof also contains the recommendations addressed in the letter of 21 December 2018 from the Chairman of the Italian Committee for Corporate Governance.

- Activities performed in 2018

The Board of Directors of Atlantia held a total of 16 meetings in 2018 with an average length of 2.5 hours.

The average attendance of Directors at Board meetings was 88.4% (Table 2 lists the attendance percentage for each Director).

On the occasion of the meetings Directors were provided sufficiently in advance with all the necessary documentation to ensure fruitful participation in Board discussions. The Chairman ensured that the documents provided in advance were timely and complete, preserving the confidentiality of the relevant data and information.

In order to ensure the timeliness and completeness of pre-meeting information for the Board of Directors, documentation relating to board meeting agenda items was sent by email in compliance to procedures for confidential information sufficiently in advance to review the items on the agenda, and in any case before the date of the Board of Directors' meetings.

On the limited number of occasions where the documents could not be provided sufficiently in advance, care was taken to illustrate in suitable and accurate manner the matter, providing all the necessary clarifications was provided during the Board meeting, where required, and making available by e-mail the relevant documentation in any case.

The Company's Chief Financial Officer, who the Board of Directors assigned the role of Manager Responsible for Financial Reporting, participated in the Board meetings.

The Chairman assured that Directors were able to participate in initiatives aimed at providing them with sufficient expertise in the sector in which Atlantia works, corporate dynamics and their evolution as well as the regulatory and self-regulatory environment. Regarding 2018, reference is made to paragraph 4.2.

At its meeting of 12 July 2018, the Board of Directors approved the dates of Board meetings it expects to be held during 2019, in which regard 11 meetings were scheduled.

A calendar of corporate events showing the dates of Board of Directors' meetings to approve the annual, six-monthly and quarterly financial reports has been published in accordance with the applicable regulations and made available on the Company's website at www.atlantia.it.

As of the date of this Report, 3 meetings had been held in 2019.

The Board of Directors activities in 2018 included:

assessing the Company's performance after considering information provided by executive directors and officers and comparing planned with actual results;
approving transactions of Atlantia and its subsidiaries with a significant strategic impact on earnings, financial conditions and cash flows based on the provisions of paragraph 4.3 and the Company's Corporate Governance Code;
approval of the Group budget in the Board of Directors' meeting on 18 January 2018 and acknowledgement of the Group's medium- and long-term projections;
assessment of the appropriateness, effectiveness and proper functioning of the internal control and risk management system at Atlantia and the Group for 2017 during the meeting on 2 March 2018. The Board of Directors also assessed the guidelines for the aforementioned internal control and risk management system.

Pursuant to article 3 of Consob Resolution no. 18079 of 20 January 2012, on 17 January 2013, Atlantia's Board of Directors approved participation in the streamlining required by arts. 70, paragraph 8, and paragraph 1-bis of CONSOB Resolution 11971/1999 of 20 January 2012, as amended, exercising the option to depart from the obligation to publish the information required by Annexe 3B of the Resolution for significant mergers, demergers, capital increases through in-kind contributions, acquisitions and assignments.

* * * *

The Board of Directors, upon proposal of the CEO, established the Internal Audit department, effective 1 January 2015, and at the recommendation of the Director in charge of the Risk Management and Internal Control System and subject to the consent of the Control, Risk and Corporate Governance Committee, and having consulted with the Board of Statutory Auditors, appointed Concetta Testa as Director of the Group Internal Audit department

4.3 Role of the Board of Directors

The Board of Directors is the corporate body responsible for the management of the Company and is, therefore, the only body with the authority and full powers to conduct the affairs of the Company in pursuit of the priority objective of creating shareholder value.

In performing its duties, the Board of Directors must comply with the principles of proper management of the Company and its affairs by observing all relevant laws and regulations and requirements of the Code of Ethics.

The Board of Directors oversees the proper execution and implementation of powers that it has delegated and has the power to issue directions regarding the powers so delegated and to assume responsibility for related transactions. The Board of Directors must, in any event, continue to be vested with policy-making and control powers in respect of the overall operations of the Company in its various components.

The Board of Directors is provided with accurate and timely reports by holders of delegated powers within the Company regarding the performance of those powers and with respect to the Company's business undertakings and their outlook, as well as transactions entered into by the Company and the Group that are considered material due their size or nature. Consequently, as required by art. 27 of the Articles of Association, Directors delegated with specific powers reports to the Board of Statutory Auditors on transactions having significant effects on the results of operations and financial position entered into by the Company and Subsidiaries, particularly having regard to any such transactions that involve Directors acting on their own behalf or on behalf of third parties. Such reports are made on the occasion of Board meetings to be held at least every quarter or, for urgent matters, in documentation to be sent by registered mail to each standing Auditor.

The responsibilities of the Board of Directors, specified in article 1.3 of the Atlantia Corporate Governance Code include:

adopting the Company's corporate governance rules and setting out the guidelines for the Group's corporate governance;
approving and periodically monitoring the implementation of short and long-term strategic, operating and financial plans for the Company and the Group, in addition to making any changes that become necessary to engage in transactions of strategic importance not originally contemplated in the plans;
approving transactions that are of strategic or commercial significance or have a material effect on the Company's results of operations, financial position or cash flows;
determining and revoking powers of the Chairman, Chief Executive Officer and any other executive Directors; appointment of members of the Human Resources and Remuneration and the Risk Control and Corporate Governance, establishing any limits thereto, the manner in which their powers are to be exercised and the frequency at which the officers (at least quarterly) and committees (at least half yearly) holding such powers are required to report on the activities undertaken in the performance of their delegated powers and duties;
assessing the adequacy of the organisational, administrative and accounting structure of the Company and the Group; reviewing and assessing the general performance of the Company and the Group with periodic comparison of actual with forecast results; reviewing and assessing the existence of any conflicts of interest in the performance of such reviews with reference to information received from delegated bodies, the Company's and Group's management and the Internal Audit department, and particularly any information received from the Chairman, Chief Executive Officer and the Risk Control and Corporate Governance Committee;

The Board of Directors shall meet on the basis of the meeting schedule approved every year by the Board of Directors, or whenever deemed appropriate by the Chairman. Meetings may also be called by Directors and/or the Board of Statutory Auditors and/or Statutory Auditors, pursuant to the law and the Articles of Association.

The Chairman and the Chief Executive Officer normally inform the Board of Directors during the meeting about significant events that have occurred since the last meeting and, at least on a quarterly basis, about the overall performances of the Company and the Group, the outlook and their exercise of the powers granted to them. Prior to the meeting, and subject to the procedure for market announcements, the Directors shall be provided with adequate information and documentation regarding the matters to be discussed and included in the agenda. The material, which shall include the content of the resolutions to be voted on, must normally be sent to the Directors at least three days before the date of the meeting to which it refers.

Any Director may propose agenda items for future meetings of the Board of Directors. Every Director shall also be entitled to raise issues, during the meeting, that are not on the agenda. The meeting shall decide whether or not to deliberate the issue not on the agenda by majority vote of all the Directors present.

The participation at Board of Director meetings of the General Manager, where appointed, the Chief Financial Officer, the Manager Responsible for Financial Reporting and of any other managers – in relation to agenda items for which the Board deems their contribution to be of consequence – is deemed to be consistent with management of the Company in pursuit of the creation of shareholder value.

The Chairman, with attendees' consent, may invite other external persons to attend meetings of the Board of Directors as observers or in order to provide support or advice. To that end, 2018 saw the participation in Board meetings of Company and Group directors and executives, depending on the area of expertise, to discuss in greater depth items on the agenda.

* * * *

4.4 Executive Directors and Officers

- Executive Committee

The Board of Directors has not set up an Executive Committee.

- Chairman of the Board of Directors

Chairman Fabio Cerchiai, according to article 30 of the Articles of Association, is vested with the powers of representation before third parties and in legal proceedings.

The Chairman also has an executive role, in as much as he is also responsible, in addition to the powers provided by law and the Articles of Association, for the following:

following, in accordance with the plans approved at Board level, general initiatives designed to promote the image of the Company and the Group in Italy and abroad, and manage the related communications;
following any legal issues relating to the Company;
following the preparation and presentation of proposals on the Company's and the Group's strategic, industrial and financial plans, including multi-year plans, by the Chief Executive Officer;
following the operating and financial performance of the Company;
overseeing the internal control system;
ensuring the accuracy and timeliness of disclosures to market regulators, in agreement with the Chief Executive Officer;
following the preparation of external and investor relations strategies; together with the CEO setting the agenda for and participating in meetings with strategic investors;
overseeing corporate affairs and the proper implementation of Board resolutions;
representation, in implementation of resolutions approved by the relevant corporate bodies, the Company at the ordinary and extraordinary general meetings of companies or entities in which the Company holds interests, with discretionary powers to confer

specific powers on the Company's employees or other parties with respect to participation in such meetings;

overseeing relationships between the Company and Italian and non-Italian authorities, entities and organisations, including those of a supranational nature, and managing the relevant communication process.
ensuring the receipt by Directors of all the necessary documentation regarding items on the agenda for Board meetings sufficiently in advance, in order for them to participate effectively and constructively in the business of Board meetings;
ensuring adequate information flows between the Company's Board and other management and corporate bodies to assure that decisions are consistent with Board resolutions.

- Chief Executive Officer

At its meeting of 22 April 2016, the Board of Directors re-appointed Giovanni Castellucci as Chief Executive Officer and General Manager. The Chief Executive Officer is responsible for the execution of Board resolutions falling within the scope of his duties and the management of the company.

Atlantia observes the requirement of art. 2391, Italian Civil Code, that directors must notify other directors and the Board of Statutory Auditors of any interest of the director or a third party in a transaction of the Company advising the nature, terms, origin and importance. In the event such director is the Chief Executive Officer, the director should refrain from becoming involved in the transaction delegating all powers to the Board.

The CEO is responsible for the formulation and presentation of proposals to the Board of Directors regarding:

short and long-term strategic business and financial plans of the Company and the Group,

in addition to any revisions to such plans needed to undertake strategic transactions not originally foreseen;
budgets and the Group's consolidation;
corporate transactions/operations of the Company and Group;
determination of the policies and coordination of Group Companies within the scope of the powers vested in him by the Board of Directors according to the Management and Coordination Regulation adopted by the Company as per letter f), Section 2;
preparation, in accordance with the Board of Directors' guidelines, external and investor relations strategies and implement the relevant contact plans; in agreement with the Chairman, to define and implement plans for contacting strategic investors;
acquisition and disposal of equity interests in Companies, Entities, Consortia and Temporary Groupings of Companies and, in general, to conclude any stock market transaction of up to €5,000,000 per transaction, even though such transaction might consist of a series of smaller transactions carried out on different occasions.

The General Manager's responsibilities include:

conclusion of contracts with any third party in relation to the business purpose, provided that the amount does not exceed €5,000,000 per contract;
conclusion of legal instruments and agreements intended to settle disputes, involving amounts of up to €2,000,000 per settlement;
conclusion of legal instruments and agreements for the extension of loans to Group companies and guarantees to, or on behalf of, third parties (including Group companies), provided that the amount does not exceed €5,000,000 per transaction;
conclusion of legal instruments and agreements for the issue of surety bonds involving a maximum notional amount of €10,000,000, for the payment of fees of no more than €30,000.00 p.a. for terms of 36 months or less, to guarantee the proper performance of obligations undertaken, for whatever reason, by the Company or its direct and indirect subsidiaries.

The Chief Executive Officer regularly, at least quarterly, submits the same report to the Board of Directors and the Board of Statutory Auditors on the activities performed in discharging his duties, ensuring, above all, that the Board of Directors receives adequate information on significant, irregular, unusual or related party transactions, or transactions in which the Chief Executive Officer acts in his own interest or in the interests of third parties, so that the Board of Directors may, in turn, formally report to the Board of Statutory Auditors.

Similar reporting requirements are applicable to executive Directors in respect of the activities performed in discharging their duties.

The Company's CEO is in no situation of interlocking directorate.

4.5 Independent Directors

A suitable number of non-executive Directors are required to qualify as independent Directors.

On the basis of the provisions of the Company's Corporate Governance Code, a Director shall normally, but not necessarily, be disqualified from being an independent Director if the Director:

a) directly or indirectly controls the issuer, including control exercised through subsidiaries, trustees or through a third party, or is able to exercise significant influence over the issuer, or participates in a shareholders' agreement through which one or more persons may exercise control or significant influence over the issuer;
b) has, or had in the previous year, a direct or indirect commercial, financial or professional relationship of significance with (i) the issuer, a subsidiary of the issuer or any prominent representative of such parties, (ii) with a party, who, either alone or together with others through a shareholders' agreement, controls an issuer or (for companies or entities) with any prominent representative thereof;
c) is or was, at any time during the previous three years, an employee of the issuer, one of its subsidiaries or any party controlling the issuer through a shareholders' agreement, or of a representative of the issuer;
d) is or was, at any time during the previous three years, a representative of the issuer or any of the issuer's strategically important subsidiaries, or of a company jointly controlled with the issuer; or, a company or other entity that, whether acting alone or in concert with others through a shareholders' agreement, controls the issuer or is able to exercise significant influence. 'Prominent representative' means the Chairman, legal representative, executive Directors and key management personnel;
e) receives, or has received in the past three years, from the issuer or a subsidiary or parent of the issuer, significant additional remuneration compared to the "fixed" (as determined by Atlantia) remuneration paid to a non-executive Director of the issuer,

including participation in performance-related incentive plans, including share option plans;

f) is the Executive Director in another company in which an executive Director of the issuer is a Director;
g) is a shareholder or a Director of a company or entity belonging to the group of companies appointed to audit the issuer's accounts;
h) is a close family member of an individual who holds any one of the above positions or engages in any one of the above activities;
i) was a Director of the Company for more than nine of the last twelve years.

As mentioned above, such examples are to be construed as merely guidelines and not mandatory insofar as their occurrence is in any case subject to the assessment of the Board of Directors.

The independence of Directors shall be periodically reviewed by the Board of Directors, based on information provided by the individuals concerned and that available to the Company. The Board shall examine the Director's direct or indirect commercial, financial or professional relationships with the Company, assessing their significance both in absolute terms and with reference to the economic and financial position of the individual concerned. To this end, account shall be taken of any relations that, although not significant from a financial viewpoint, are of particular importance for the prestige of the interested party. The results of the Board of Directors' reviews shall be disclosed to the market.

Any criteria used for the determination of independence other than that provide by the Code is assessed, as and when necessary, by the Board of Directors.

In particular, regarding director independence, both pursuant to article 148, paragraph 3, of the CFA and the Company's Corporate Governance Code, the Board of Directors currently in office assessed the relevant statements by Directors Angela, Bertoldi, Coda, Lapucci, Marcus, Mari, Mondardini and Tyler-Cagni upon submission of their candidacy in the meeting of 8 June 2018, pursuant to article 144-novies, paragraph 1 bis, sub-paragraph a) of the Regulations for Issuers.

On 8 June 2018, the Board of Statutory Auditors, according to article 15, paragraph 7 of the Company's Corporate Governance Code, verified the correct application of the criteria and procedures adopted by the Board of Directors in assessing the independence of Directors.

The outcome of the assessments conducted by the Board of Directors and the Board of Statutory Auditors was disclosed to the market on 8 June 2018.

As of 31 December 2018, following the resignation of Director Lynda Tyler Cagni, there are 7 Independent Directors⁸ .

Provided that Atlantia is still a component of the FTSE MIB, article 2.2 of the Company's Corporate Governance Code requires that at least one third of the Board of Directors must be independent. In the event one third is not a whole number, it is rounded.

The number of independent Directors may, however, never be less than two. Atlantia's Corporate Governance Code requires the independent Directors to meet separately in closed session at least once a year. Furthermore, the Code requires that the meetings of the Independent Directors be considered separate and different from meetings of the Board of Directors.

In 2018, Independent Directors met in absence of the other directors on 31 August 2018, 14 September 2018 and 8 November 2018; the meetings were held to address the tragic event that occurred on 14 August 2018.

4.6 Lead Independent Director

According to article 30 of the Articles of Association, the Chairman and Chief Executive Officer are authorised to represent the Company.

The separation of the positions of Chairman and Chief Executive Officer renders the appointment of a Lead Independent Director unnecessary.

⁸ Following the aforementioned resignation by now former Director Mondardini, the number of Independent Directors on the date the present report was drawn up is 6.

5. PROCESSING OF CORPORATE INFORMATION

With regard to the internal management and publication of documents and information relating to Atlantia, with specific reference to price sensitive information, the Company's Board of Directors has adopted the following procedures:

the Procedure for Market Announcements;
the Code of Conduct for Internal Dealing.

Moreover, in June 2016, following a positive opinion of the Control, Risk and Corporate Governance Committee, in 2014 the Board of Directors updated both procedures, to introduce the amendments required by the Regulation of the European Parliament and the European Union of 16 April 2014, no. 596/2017 on market abuse ("MAR Regulation"), the Commission implementing Regulation no. 347/2016 and the Commission delegated Regulation of 17 December 2015, no. 2016/522 (Delegated Regulation). The updated versions of these documents are available on the internet at: www.atlantia.it/it/corporate governance/.

The Procedure for Market Announcements regulates the internal management and publication of price sensitive information by Atlantia SpA and its subsidiaries (meaning the companies controlled directly or indirectly by Atlantia), as provided for in the related regulations and in compliance with art. 8 of the Company's Corporate Governance Code and art. 7 of the Group's Code of Ethics.

In particular, the Chairman and Chief Executive Officer are responsible for managing confidential information in line with the requirements of Atlantia's Corporate Governance Code (articles 6.3, letter c, and 8.1) and their powers. The Chairman is responsible for proper and prompt disclosure to market regulators and the Chief Executive Officer for providing the market with trading updates.

In compliance with the MAR Regulation and the Implementing Regulation EU no. 347/2016, Atlantia has established a register of persons with access to insider information as a result of their jobs, profession or in the course of the performance of their duties.

The Domestic Legal and Corporate Affairs unit is responsible for keeping the Register current.

The same unit also notifies the relevant persons that they have been included in the register and of all subsequent variations, and/or deletions and advises them of the responsibilities involved in accessing and properly managing information into which they may come into possession as well as obligations of confidentiality.

The Procedure for Market Announcements is completed and supplemented by the provisions of the Code of Conduct for Internal Dealing, in implementation of the applicable rules and regulations (the "Code of Internal Dealing").

The Code of Internal Dealing governs the reporting requirements of Relevant Persons to Atlantia and the Market on transactions (share purchase, sale subscription or exchange) concluded by such persons on shares and bonds, or on related financial instruments, issued by Atlantia, within the limits and terms imposed by the Code.

The Company's Code of Internal Dealing identifies Relevant Persons and "Persons closely linked to them", also establishing that it is the responsibility of a Relevant Person to indicate other Persons who, in relation to the activities performed by or tasks assigned to them, including for limited periods of time, are subject to the same rules as Relevant Persons.

The Code of Internal Dealing also provides that Relevant Persons and Persons Closely Linked to them may not trade in the Company's shares and bonds, or related financial instruments, during the thirty days preceding an announcement to the market of Board of Directors approval of the Company's draft annual and semi-annual financial statements, or in the ten days preceding the announcement to the market of additional information pertaining to the first and third quarters.

The aforementioned procedures are under review in light of the legislative developments incorporated with Consob Resolution No. 19925 of 22 March 2017 and Legislative Decree No. 107 of 10 August 2018, to incorporate the Insider Information Management Guidelines published by Consob and the ESMA guidelines on market abuse.

****

6. BOARD COMMITTEES

The Board of Directors established the Committees listed below, pursuant to the recommendations of the Corporate Governance Code for Listed Companies:

1) Control, Risk and Corporate Governance Committee;
2) Human Resources and Remuneration Committee, and
3) Appointments Committee (created by the Board of Directors in the meeting on 18 January 2019).

The Board of Directors also created the Committee of Independent Directors with responsibility for Related-Party Transactions, pursuant to the CONSOB Regulations on related-party transactions.

Regarding said Committees, reference is made to the following sections of the Report.

* * * *

In 2004, the Company created the Committee for Social and Environmental Responsibility, now named Sustainability Committee, which is responsible for setting out the Group's Sustainability strategies, policies and objectives, monitoring closely their effectiveness.

This Committee approves the guidelines for the reports that describe and convey to the outside the Group's approach to Sustainability.

This Committee is chaired by an external representative and comprises a total of 21 members, including the Atlantia CEO and executives with the qualifications and expertise necessary to support the Committee's activities.

* * *

7. APPOINTMENTS COMMITTEE

On 18 January 2019, the Board of Directors, in adherence to the recommendations of the aforementioned Corporate Governance Code for Listed Companies, implemented an Appointments Committee, thus updating the cited Code.

The Committee comprises 5 Directors, with a majority of independent directors: Gianni Coda (Independent Director) in his capacity as Chairman, Carla Angela and Bernardo Bertoldi (Independent Directors), Marco Patuano (Non-executive Director) and Giovanni Castellucci (Chief Executive Officer).

The Appointments Committee is tasked with assisting the Board of Directors in an advisory capacity according to articles 4 and 5 of the Corporate Governance Code for Listed Companies. In this regard, in particular, the Committee:

a. advise the Board of Directors regarding the size and composition of the Board;
b. convey recommendations to the Board of Directors concerning which professional profiles should be on the Board;
c. convey recommendations to the Board of Directors regarding the maximum number of directorships or positions as statutory auditor in listed companies, even when foreign entities, financial, banking, insurance companies or large corporations that could prove to be compatible with the effectiveness of their role as Company Directors or Statutory Auditors, in consideration of the Directors' participation in the Board Committees thereof;
d. convey recommendations to the Board of Directors concerning potential problematic issues linked to the application of the non-compete obligation for Directors under article 2390 of the Italian Civil Code if the General Meeting authorises, in general or as a preventive step, mandates in this regard;
e. submit proposals to the Board of Directors regarding nominees for the position of Director in cases of co-option whenever there is a need to replace Independent Directors;
f. advise on compliance of proposals for appointments carried out by the Company's CEO, chairmen, executive directors, non-executive directors (when outside the Group) and auditors with the "Guidelines for appointing members of corporate bodies of strategic importance"

The Appointments Committee will assess application of the diversity criteria insofar as article 123-bis, paragraph 2, d-bis of the CFA in relation to the composition of the Board of Directors as set out in the preceding letters a) and d).

The Committee will remain as such until approval of the financial statements for the year ended 31 December 2018.

On the date when the present Report was drawn up, the Committee met twice for an average duration of one hour. All members were present at the meeting. The activities were coordinated by the Chairman and minutes were kept of the meeting.

During the meeting of 15 February 2019, the Committee drew up the report for the Company's Board of Directors regarding the future size and composition of the board of directors to submit to the Shareholders in light of the slate voting procedure for the General Meeting to convene to, inter alia,re-elect the Board of Directors.

8. HUMAN RESOURCES AND REMUNERATION COMMITTEE

As provided for under article 10 of Atlantia's Corporate Governance Code, the Board of Directors has set up a board committee called the Human Resources and Remuneration Committee, which has five non-executive Directors. The Committee has investigative functions and provides consultation and advice to the Board. At least one member of the Committee must possess adequate financial knowledge and expertise, to be evaluated by the Board of Directors at the time of appointment. The Committee elects the Chairman from among its members.

With reference to the composition of the Committee, Atlantia's Corporate Governance Code deviates in part from principle 6.P.3 of the Corporate Governance Code for Listed Companies, which provides that: "The Board of Directors shall establish, from among its members, a remuneration committee, made up of independent directors. Alternatively, the committee can be made up of non-executive directors, the majority of which being independent; in which case, the chairman of the committee is selected from among the independent directors. At least one committee member shall have an adequate knowledge and experience in finance or remuneration policies, to be assessed by the Board of Directors at the time of his/her appointment".

In fact, the Board of Directors was granted the broadest powers possible when determining the Committee's composition to assess the experience, professionalism and independence of the non-executive directors considered to be the best candidates for the committee.

This approach was approved by the Board of Directors at the meeting of 14 December 2012, having heard the opinion of the Control, Risk and Corporate Governance Committee.

This, however, did not preclude Atlantia's Board of Directors from adopting, upon the appointment of the Human Resources and Remuneration Committee in office, a composition in line with the recommendation contained in principle 6.P.3 of the Corporate Governance Code for Listed Companies ("Alternatively, the committee may be made up of non-executive directors, the majority of which to be independent; in this case, the chairman of the committee is selected among the independent directors") as the majority of members of the Committee consists of independent directors and the Chairman is a Director that fulfils the independence requirement.

In the meeting held on 22 April 2016 Atlantia's Board of Directors appointed the following non-executive Directors as members of the Committee: Carlo Bertazzo, Gianni Coda (Independent), Massimo Lapucci (Independent), Monica Mondardini (Independent) and Lynda Tyler-Cagni (Independent).

At the meeting of 9 June 2016, the Committee appointed independent Director Lynda Tyler-Cagni as its Chairman.

Following the resignation of Ms Tyler-Cagni from her positions at Atlantia, the Company's Board of Directors integrated the composition of the Human Resources and Remuneration Committee in a meeting on 14 December 2018, appointing Independent Director Carla Angela to that Committee.

In the next meeting on 17 January 2019, the Committee appointed independent Director Gianni Coda as its Chairman.

On 19 February 2019, independent director Mondardini submitted his resignation of the posts of Director and member of the Human Resources and Remuneration Committee.

The possibility to appoint non-executive Directors as members of the Committee – without the obligation for the majority to be made up of independents – allows the Board of Directors the broadest choice of highly qualified candidates for the position. In the meantime, the Board may appoint as members of the Committee all independent directors, or a majority of Independent Directors, thus following, in fact, the recommendations of the Corporate Governance Committee – which was in fact the case in this particular instance.

The objective is to allow the Board of Directors to identify, from among its members, those non-executive Directors that, for various reasons (such as professional experience, specific duties assigned to the Committee, individual characteristics, ability to express a substantially independent conduct, beyond the formal requirement etc.), are best suited to ensure the proper functioning of the Committee and to provide research support to the Board of Directors on financial issues and related compensation policies.

Upon their appointment, the Board found that all the Committee members are in possession of specific and adequate financial expertise and at least one has expertise in remuneration policy.

The Committee elects a Chairman from among its members and

a) submits proposals to the Board relating to the establishment of a general policy for the remuneration of the Chairman, the Chief Executive Officer, executive Directors and key management personnel (in the latter case, based on the information provided by the Chief Executive Officer), including for the purpose of preparing the Board's report describing the policy, to be presented to the Annual General Meeting, and periodically assesses the adequacy, overall consistency and effective application of the general remuneration policy approved by the Board;
b) submits proposals to the Board to determine the criteria for the remuneration of Company and Group senior management, including the relevant performance targets related to the variable component thereof;
c) monitors application of decisions taken by the Board, verifying above all the effective achievement of performance targets;
d) examines any share-based or cash incentive plans for employees of the Company and the Group, and strategic staff development policies.

As required by the Corporate Governance Code, the Chairman and Chief Executive Officer/General Manager attend the Committee's meetings, except for meetings at which proposals regarding their own remuneration are discussed.

As required by the Committee's Regulation, the Chairman of the Board of Statutory Auditors (or other Standing Auditor designated by the Chairman) participates in meetings – upon request of the Committee's Chairman - whenever matters are deliberated for which the Statutory Auditors' recommendation is required; this particularly includes meetings where the overall compensation of Chairman of the Board of Directors, the Chief Executive and other Directors is determined or the criteria for the remuneration of Company and Group key management personnel and senior management for approval by the Board of Directors as recommended by the Board of Statutory Auditors.

The Committee's meetings are attended also by the Group Head of Human Resources who, in his capacity as Secretary of the Committee (as appointed on 9 June 2016), records the minutes of the meeting.

The Committee's meetings may be attended also by other persons, if requested by the Committee, to provide information and opinions on specific agenda items.

The Corporate Governance Code of Listed Companies calls for the Chairman of the Committee to report to the Board of Directors, as soon as feasible, on the meetings held. The Atlantia Corporate Governance Code adopted the recommendation, leaving it up to the Committee Chairman and the Directors to choose the most appropriate date to report to the Board on the activities performed. This also not to overburden further the Board's activities.

In 2018, the Committee held six meetings, which were duly recorded on minutes by the Secretary, with an average duration of approximately one hour and a half (the percentage attendances of Committee members at the meetings are shown in Table 2) and took decisions and formulated proposals regarding the following points:

Planning of the Committee's activities for 2018;
Evaluation of the implementation and adequacy of the 2017 Policy;
2018 Remuneration Policy for the Atlantia Group;
Preparation of the Atlantia Group's 2018 Remuneration Report;
Report on the 2018 Remuneration of Autostrade Meridionali SpA (a listed indirect subsidiary of Atlantia);
Assignment of 2018 objectives (annual);
2017-2019 LTI Plans: identification of beneficiaries and 2nd cycle target;
Final results related to the 2017 annual objectives (annual target);
2014-2016 LTI Plan: progress report on the implementation of the plan and review of Gate achievement;
Overall compensation package for the Group's key management personnel;
Atlantia Group incentive schemes: focus on regulatory elements.

The Board has been supported by verifiably independent leading consultancy firms for the above matters.

At least five meetings are planned for 2019, three of which have already been held at the date of this Report.

The Company, through the Head of Human Resources, ensured that the Committee had access to the information and functions necessary for the performance of its duties and, when so required, the Committee availed itself of external consultants.

9. REMUNERATION OF DIRECTORS

Atlantia's Board of Directors approved a Group Remuneration Policy on recommendation of the Human Resources and Remuneration Committee in December 2011.

At the Board meeting of 2 March 2018, a recommendation by the Committee was approved to review Policy for 2018.

In the face of sustainable performance, the Policy entailed the pursuit within the organisation of competitiveness with the Company's peers in comparable sectors in terms of business and size, and impartiality in accordance with the principles of equal opportunity, equality and not discrimination, personal growth and integrity referred to also by the Group's Code of Ethics.

The Group Remuneration Policy was developed in a manner consistent with the applicable laws and regulations, including the principles and criteria of art. 6 of the July 2015 version of the Corporate Governance Code of Listed Companies adopted by art. 10 of Atlantia's Corporate Governance Code.

The Policy is described in the Remuneration Report, which is posted on the Company's website (http://www.atlantia.it/it/corporate-governance/remunerazione.html) and was submitted to the General Meeting on 20 April 2018 for a consultative, non-binding vote pursuant to art. 123 ter, paragraph 6, CFA, where it was approved.

All of the information on remuneration paid in 2018 required to be disclosed in the Report on Corporate Governance and the Ownership Structure, including the information required by art. 123-bis of the CFA, has been included in that Report, to which reference is made.

10. CONTROL, RISK AND CORPORATE GOVERNANCE COMMITTEE

A) Composition and functioning

Atlantia's Board of Directors established and Control and Risk Committee and called it "Control, Risk and Corporate Governance Committee" (hereinafter referred to as "CRCGC" or "the Committee").

The Committee's composition is governed by Atlantia's Corporate Governance Code, which provides that this Committee be composed of "non-executive Directors, including at least one Director representing minority shareholders (…)".

On this aspect, Atlantia's Corporate Governance Code differs in part from principle 7.P.4 of the Corporate Governance Code for Listed Companies, which provides that: "The control and risk committee is made up of independent directors. Alternatively, the committee can be made up of non-executive directors, the majority of which being independent; in which case, the chairman of the committee is selected from among the independent directors. (...)".

This approach had been approved by the Board of Directors at the meeting of 14 December 2012, having regard to the opinion of the CRCGC.

Such approach is intended to allow the Board of Directors a broad overview of the experience, expertise and independence of judgement of the non-executive Directors considered suitable candidates for the Committee.

This, however, did not preclude Atlantia's Board of Directors from adopting, when the current Committee was appointed, a composition that is totally in keeping with the recommendation contained in the abovementioned principle 7.P.4 of the Corporate Governance Code for Listed Companies ("The control and risk committee is made up of independent directors"), as the members of the current Committee are all independent directors.

In fact, on 22 April 2016, the Board of Directors appointed as members of the CRCGC Carla Angela, Bernardo Bertoldi and Giuliano Mari, all of them non-executive and independent directors pursuant to article 148, paragraph 3, of the Consolidated Finance Act and article 3 of the Corporate Governance Code.

The possibility to appoint non-executive directors as members of the CRCGC – without the obligation that at least the majority be made up of independent directors – allows the Board of Directors the broadest choice of qualified candidates for the position, it being understood that the Board may appoint all independent directors on the Committee, or mostly independent directors, in keeping with the recommendations of the Corporate Governance Committee, as was the case in this instance.

The objective is for the Board of Directors to identify such non-executive directors who, for different reasons (such as professional experience, specific expertise in the matters dealt with by the Committee, individual characteristics, ability to act independently in both substance and form etc.), are best qualified to ensure the proper functioning of the Committee and the most effective research support to the Board on the internal control system, risk management and financial reporting.

* * * *

Still with respect to the composition of the Committee, Atlantia's Corporate Governance Code provides that: at least one member should be a minority Directors; at least one of the members should have adequate accounting, finance or risk management experience; the Chairman of the Committee should be elected by the members of the Committee.

Regarding the above provisions, attention is called to the following.

Mr Bernardo Bertoldi was elected on the minority slate.

Mr Giuliano Mari has accounting, finance and/or risk management expertise considered adequate by the Board of Directors at the time of appointment.

In the first meeting of the Committee, which was held on 3 May 2016, Giuliano Mari was elected Chairman of the Control, Risk and Corporate Governance Committee.

Giuliano Mari subsequently stepped down as Committee Chairman (yet remaining member thereof), effective as of 30 January 2019.

In its first meeting on 14 February 2019, the Committee appointed Carla Angela as its new Chairwoman.

Carla Angela, Honorary Chairwoman of the Italian Institute of Actuaries, was also professor of financial mathematics in the Economics Faculty at the La Sapienza University of Rome, and also the Head of the Mathematics Department for Finance and Insurance.

With respect to the functioning of the Committee in question, it is noted in particular that:

The Committee's meetings are coordinated by a chairman and the proceedings are duly recorded; the Chairman of the Committee reports to the Board of Directors on the activities performed whenever it deems it appropriate, or upon request by one or more directors. On this aspect, the Board of Directors – in transposing into Atlantia's Corporate Governance Code the amendments introduced in July 2015 in the Corporate Governance Code for listed companies – adopted substantially the new recommendation, leaving it up to the Chairman of the Committee and the Directors to decide when to report to the Board of Directors on the activities performed by the Committees. This also not to overburden the Board's activities (reference is made to paragraph B, sub-paragraph e) hereunder;
In 2018, the Committee had 14 meetings.
The average length of the meetings was about two and a half hours.
Attendance to the meetings of each member is indicated in Table 2;
The Committee has scheduled ten meetings for the current year; as of the date of this Report, five meetings had been held.

As required by the Corporate Governance Code, the Chairman of the Board of Statutory Auditors (or another standing Auditor, at his request) is always invited to attend Committee meetings. Depending on the issues to be deliberated, the Chairman of the Board of Directors, the Chief Executive Officer, the Director responsible for the Internal Control and Risk Management System, the Manager Responsible for Financial Reporting, all standing Auditors, the General Counsel, Head of Internal Audit and any other managers whose presence is deemed necessary may be invited to take part.

In 2018, the CRCGC's meetings were attended, upon the Chairman's request, by all the corporate executives responsible for the areas under review by the Committee, in relation to the items on the agenda.

B) Functions assigned to the Control, Risk and Corporate Governance Committee

The Control, Risk and Corporate Governance Committee provides support, with due examination, for the Board's evaluation of and decisions relating to the Internal Control and Risk Management System as well as those relating to approval of financial reports.

The Control, Risk and Corporate Governance Committee:

a) assists the Board of Directors in carrying out its duties as defined in Article 11.3 of the Company's Corporate Governance Code(6)⁹ :
b) at the request of the Chief Executive Officer, express opinions on specific aspects of the identification of the main business risks and the design, implementation and management of the Internal Control and Risk Management System;
c) evaluates the work plan developed by the Head of Internal Audit, examine the periodic reports prepared by the same and oversee the independence, adequacy, effectiveness and efficiency of the Internal Audit department;
d) assesses, together with the Manager Responsible for Financial Reporting, the independent auditors and the Board of Statutory Auditors, the adequacy of the accounting standards used, the propriety of their application and their consistency for the purposes of preparation of separate and consolidated financial statements;
e) reports to the Board of Directors, at least every six months on the occasion of approval of annual and half-year financial statements, with respect to the activities regarding internal control and risk management and the adequacy of the system;
f) may require the internal audit of specific operating areas. Such internal audits must be reported to the Chairmen of the Board of Statutory Auditors;

⁹ Article 11.3 of the Atlantia Corporate Governance Code specifically provides that:

^1. The Board of Directors shall, subject to the consent of the Control, Risk and Corporate Governance Committee:

a) determines guidelines for the Internal Control and Risk Management System and review their adequacy at least once a year in terms of the nature of the company and the risks to which it is exposed. The Board shall also ascertain the effectiveness of the system and require the Director responsible for the Internal Control and Risk Management System to establish and maintain effective risk management and internal control procedures;

b) having consulted the Board of Statutory Auditors and the Director responsible for the Internal Control and Risk Management System, approves, at least once a year, the work plan developed by the Director of Internal Audit; and, having consulted the Board of Statutory Auditors, assess the findings of the independent auditors as may be contained in a letter of recommendations and the report on material deficiencies detected during the course of the independent audit.

g) carries out any other duties assigned by the Board of Directors; to this end, the Committee is called upon to supervise compliance with and the periodic update of the corporate Governance rules and the Organisation, Management and Control Model and the Code of Ethics adopted by the Company;
h) through adequate investigation, supports the decisions of the Board of Directors with respect to the approval of periodic financial statements;
i) expresses its opinion to the Board of Directors on the corporate governance report, for the description of the characteristics of the Internal Control and Risk Management System and the assessment of its adequacy;
j) reviews, where deemed appropriate, the management of risk deriving from the main detrimental events that have come to the Board of Directors' knowledge, providing, where required, its opinion to the Board of Directors.

The Committee meets at least once every two months at the behest of one of its members. Its members set down the Committee's rules of functioning.

The Committee's functions are entirely independent of those of the Supervisory Board, with which it engages in wide-ranging exchanges of information. The Committee: (i) may request information from the Supervisory Board and (ii) provides information requested by the Supervisory Board.

In particular, the Board of Directors adopts resolutions on the matters listed below, with the favourable opinion of the Control Risk and Corporate Governance Committee.

Setting out of guidelines for the Internal Control and Risk Management System and test, at least once a year, of its adequacy in relation to the Company's characteristics, as well as its effectiveness.
Approval, at least once a year, of the work plan prepared by the Head of Internal Audit, having regard to the opinion of the Board of Statutory Auditor and the Director responsible for the Internal Control and Risk Management System;
Evaluation, having regard to the opinion of the Board of Statutory Auditors, of the results illustrated by the independent auditor in any management letter and in the report on the main deficiencies detected during the audit.

Furthermore, the Board of Directors, at the recommendation of the Director responsible for the Internal Control and Risk Management System and based on the favourable opinion of the Control, Risk and Corporate Governance Committee, and having regard to the opinion of the Board of Statutory Auditors:

a) appoints and dismisses the Head of Internal Audit;
b) ensures that the Head of Internal Audit has adequate resources to perform his duties;
c) sets his compensation in accordance with corporate policies.

The favourable opinion of the Control, Risk and Corporate Governance Committee on the matters under a), b) and c) is binding.

Following the update of the Company's Corporate Governance Code on 18 January 2019, the Control, Risk and Corporate Governance Committee receives regular reporting on sustainability-related risks via non-financial reporting carried out independently by the Sustainability Committee.

C) Activities performed in 2018

The Control, Risk and Corporate Governance Committee met 14 times in 2018, for an average of approximately two hours and thirty minutes.

The Chairman of the Board of Directors and the Chief Executive Officer were invited to participate in all of the Committee's meetings and actually attended almost all. The Chairman of the Board of Statutory Auditors has always been invited to attend and did attend several meetings, some of which were held jointly with the entire Board of Statutory Auditors. Moreover, the Committee's meetings are attended regularly also by the General Counsel, the Group's Head of Internal Audit and the Group's Head of Compliance and Security.

Committee meetings are recorded by the secretary to the Committee with the minutes being submitted at the next meeting to Committee members for approval.

In carrying out its duties, the Committee was able to access the company information needed for its duties.

The Committee addressed the following matters in 2018:

Approval of Reports to the Board of Directors on the activities carried out by the Committee in the second half of 2017 and the first half of 2018;
2018 Audit Plan: opinion to the Board of Directors.
Update on activities, subsequent walkthrough-test on the "Purchasing and Procurement" process.
Pre-assessment Quality Assurance Group Internal Audit Department.
Assessment of the Methodological Guidelines on Risk Assessment.
Regulation on management and coordination activities of the Atlantia Group Parent.
Impairment tests for the Atlantia Group.
Review of the Report of the Head of Internal Audit for 2017 pursuant to article 11.3, paragraph 3, sub-paragraph d) of Atlantia's Corporate Governance Code.
Review of the documentation related to the assessment of the composition and functioning of the Board of Directors and its Committees for 2017.
Outcomes of the audit intervention requested by the ADR Safety and Security Committee.
Meeting with the Central Resources Director at ASPI.
Report of the Manager Responsible for Financial Reporting on his activities pursuant to art. 154, fifth paragraph, CFA. Financial statements for the year ended 31 December 2017.
Review of the pre-closing financial statements for the year ended 31 December 2017: meeting with the Manager Responsible for Financial Reporting and the independent auditors.
Non-financial reporting as per Legislative Decree 254/2014.
Annual assessment of the adequacy of the guidelines for the Internal Control and Risk Management system with respect to the characteristics of the company and its risk profile: opinion to the Board of Directors.
Assessment of the adequacy, efficacy and effective functioning of the internal control system during 2017: opinion to the Board of Directors.
Annual Report on Corporate Governance and the Ownership Structure for 2017.
Reports on the implementation of the 2018 Audit Plan and monitoring of audit activities.
Meeting with the Airport Management Director and Safety Manager at ADR regarding the airport emergency plan.
Focus on the legislation addressing money laundering: fulfilment regarding politically exposed persons.
Focus on the privacy legislation and related organisational adjustments; subsequent updates in this regard.
ASPI governance structure.
Update on the Group's main legal disputes.
Review of reports for the period on the activities performed by the Ethics Officer and the Supervisory Board;
Meeting with the Head of Anti-Corruption to apprise on activities carried out.
Meeting with the Head of Health, Safety and Environment at Atlantia. Report of the Manager Responsible for Financial Reporting on his activities pursuant to art. 154, fifth paragraph, of the Consolidated Finance Act: financial statements for the six months ended 30 June 2018.
Review of the pre-closing consolidated financial statements for the six months ended 30 June 2018: meeting with the Manager Responsible for Financial Reporting and the independent auditors.
Meetings held regularly with Ethics Officer and Supervisory Board;
Event on 14 August 2018 on motorway A10:
o information and subsequent developments;
o considerations of the methodological orders;
o discussion regarding risks;
o tasked to the Group Internal Audit Department;
o considerations/observations on possible economic/financial impacts;
o replies from ASPI to the Ministry of Infrastructure in the letter of 31 August 2018;
o outcomes of the assignment request to the Group Internal Audit Department;
o meeting with the CFO in relation to the financial status as of 30 September 2018.
ASPI emergency response procedure.
Atlantia emergency response management procedure.
Letter from the Chairman of the Italian Committee for the Corporate Governance of Listed Companies: deliberations.
Update on risk assessment and report on the risk appetite of Atlantia and the main Group companies.
Results of risk management activities.
Review of the Atlantia Group Whistleblowing Policy.
Proposal to amend the Atlantia Corporate Governance Code.
Meeting with the ASPI General Manager.
Regular meetings with: the Director responsible for the Internal Control and Risk Management System, Group Head of Internal Audit, Atlantia Group Controlling Director, Group Head of Compliance and Security, CFO, Manager Responsible for Financial Reporting, independent auditors, and the Atlantia Board of Statutory Auditors. One of the reasons for the meetings was the evaluation of Internal Control and Risk Management Systems.

The Committee's work was supported by the Corporate Governance department.

The Committee did not make use of any specific financial resources in carrying out its duties.

During 2018, the Committee did not use any external consultants.

11. INTERNAL CONTROL AND RISK MANAGEMENT SYSTEM

As set out in the latest revision of the Company's Corporate Governance Code, whose most recent update was approved by the Board of Directors on 18 January 2019, the Internal Control and Risk Management System consists of all of the instruments, rules, procedures and corporate organisational structures designed to enable - via the adequate identification, measurement, management and monitoring of the main risks - sound and correct management of the Company in a manner consistent with the Company's objectives set out by the Board of Directors.

The risk management and internal control system established by the Board of Directors shall be based on the following general principles:

a) operational powers: operational powers are assigned taking account of the size and risks associated with the various categories of transaction;
b) organisational structures: the organisational structures are arranged in such a way as to avoid functional overlaps and the concentration of responsibility for highly critical or risky activities in one individual;
c) regular reports: each process is subject to a set of standards and a related regular report designed to measure its efficiency and effectiveness;
d) regular analyses: the professional knowledge and skills available within the organisation are periodically analysed in terms of their match with the objectives assigned;
e) operating processes: operating processes are defined in such a way as to ensure that there are adequate documentary records enabling their continuous assessment in terms of fairness, consistency and responsibility;
f) security systems: security systems safeguard an adequate level of protection for the corporate organisation's assets and data, to allow access to data as required for the assigned activities;
g) risk monitoring: the risks connected to achievement of objectives are identified and periodically monitored and updated. Negative events that could pose a threat to the organisation's business continuity shall be appropriately assessed and the related safeguards adapted;

h) ongoing supervision: the risk management and internal control system must be subject to continuous supervision to enable periodic assessment and ongoing adaptation.

An effective Internal Control and Risk Management System contributes to:

i) monitoring the efficiency, measurability and verifiability of the Company's operations and, in general, verifying and monitoring the correctness and reliability of corporate governance and management of the Company's and the Group's businesses;
ii) ensuring and checking the quality and reliability of accounting, management and financial information provided to the governance bodies and disclosed to the market, in general, including controls of the related registration processes and information flows;
iii) ensuring and monitoring compliance with the requirements of the Code of Ethics and, in general, the applicable legislation and regulations;
iv) ensuring implementation of and compliance with the Organisational, Management and Control Model pursuant to Legislative Decree 231/2011 and regulatory requirements;
v) protecting the value of the Company's assets, including the prevention of fraudulent activity that may damage the Company and the financial markets.

The function of the Board of Directors, as explained in the section on its role, is, subject to the consent of the Control, Risk and Corporate Governance Committee, to:

determine guidelines for the Internal Control and Risk Management System, and the manners of coordination among the parties involved in it, and review their adequacy at least once a year in terms of the nature of the company and the risks to which it is exposed. The Board shall also ascertain the effectiveness of the system and require the Director responsible for the Internal Control and Risk Management System to establish and maintain effective risk management and internal control procedures;
having consulted the Board of Statutory Auditors and the Director responsible for the Internal Control and Risk Management System, approve, at least once a year, the work plan developed by the Head of Internal Audit;
and, having consulted the Board of Statutory Auditors, assess the findings of the independent auditors as may be contained in a letter of recommendations and the report on material deficiencies detected during the course of the independent audit.

On 11 December 2014 the Board of Directors, upon proposal of the Chief Executive Officer, established the Internal Audit Department (which was eventually renamed Group Internal Audit Department) as of 1 January 2015 and - upon proposal of the Director responsible for the Internal Control and Risk Management System and with the favourable opinion of the Control, Risk and Corporate Governance Committee, having regard to the Board of Statutory Auditors' opinion - appointed as Head of Internal Audit Concetta Testa.

The Group's Internal Audit Department and the scope of its responsibilities, which had been originally defined by Memorandums no. 12/2014 of 19 December 2014 and no. 4/2015, have been reorganised with Memorandum no. 1/2017 of 15 February 2017. Subsequently, considering that the growing complexity of the Atlantia Group requires greater geographical and sector focus for the audit activities, Memorandum no. 9/2017 of 27 November 2017 outlined a new structure for the Department and related responsibilities. In particular, the units listed below report to the Group's Internal Audit Department:

Internal Audit Italian Motorways
Internal Audit Airports
Internal Audit Holding and Other Entities
Internal Audit Overseas Motorways
Compliance Audit, Methodologies and Relations with Control Bodies

The Head of Internal Audit reports hierarchically to the Chairman of the Board and has no responsibility over any operational areas.

In addition to being responsible for the matters attributed to it by the Company's Corporate Governance Code, the Internal Audit Department is responsible for:

providing support, within the scope of its duties and responsibilities, to the Company and its subsidiaries, the Board of Statutory Auditors, the Supervisory Bodies, the Ethics Officer and the Manager Responsible for financial reporting;
providing support to the Group's foreign subsidiaries in upgrading their Compliance Programmes, checking their adherence thereto;

determining and revising internal audit and risk management methodologies through the provision of continual development in accordance with best practice.

In the second half of 2016, the Group's Internal Audit Department, in cooperation with the General Counsel Department, the Human Resources Department and the Group's Security and Compliance Department started a project with the support of a prime consulting firm that substantiated how, at Atlantia, the internal audit process is aligned with the leading practices of the main listed groups and International Standards for the Professional Practice of Internal Auditing, concluding with the formalisation of the Internal Audit Guidelines in early 2017.

In particular, the purpose of the Guidelines is to:

illustrate the roles and responsibilities of the main parties involved in the audit process;
formalise relationships between Internal Audit and the audited Departments as well as the reporting lines between the Internal Audit and the Control Bodies of the Company and Atlantia;
make transparent the behavioural rules and principles that auditors need to observe in performing activities in line with the International Standards for the Professional Practice of Internal Auditing.
contemplate a quality insurance improvement programme that would enable the Audit Department to regularly assess internal audit activity compliance with International Standards and the Guidelines and therefore detect possible opportunities to improve.

The Guidelines have been approved by the Director responsible for the Internal Control and Risk Management System and by Atlantia's Chairman and, on 19 April 2017, were disseminated to all the direct and indirect Subsidiaries, in Italy and abroad, with an accompanying letter signed by both the Director responsible for the Internal Control and Risk Management System and Atlantia's CEO.

In this letter, the Subsidiaries were asked to adopt formally the Guidelines – providing written confirmation to the Group's Internal Audit Department within 90 days of receipt of said letter – through a resolution by the respective Board of Directors, with any modification and addition deemed fit.

In 2017, all the Companies of the Atlantia Group adopted the Guidelines without any modification.

With special reference to the Companies listed in a regulated market (SAM) or supervised by the Bank of Italy (Telepass-Pay), with which the Internal Audit Department has established relations respectful of their autonomy, the Boards of Directors of the Companies resolved to adopt the Guidelines and to enter into a service agreement governing the services rendered by the Group's Internal Audit Department.

* * * *

On 11 December 2014, the Board of Directors resolved to create, as of 2 February 2015, a Group Controlling Department, reporting directly to the Chief Executive Officer and General Manager.

Memorandum no. 8/2015 outlined the scope of the duties and responsibilities of the Group Controlling Department (which was renamed Group Controlling & Risk Management Department, with Memorandum Atlantia no. 5/2017 of 6 December 2017 – see next page):

On 22 April 2015, the Control, Risk and Corporate Governance Committee outlined the methodological guidelines on the Group's Enterprise Risk Management(7)¹⁰, which are updated every year and set out:

1. the Risk Management Process adopted in 2016 by all the Group Companies;
1. the Risk Appetite Model established for all Group companies;
1. the methodology to be adopted for identifying, assessing, managing and reporting risks by individual Group Companies (Risk Assessment and Catalogue of risks).

The Group companies have all appointed a Risk Officer to oversee the Risk Management process.

Moreover, the Boards of Directors of Atlantia and its Subsidiaries approve every year the nature and level of risk consistent with the strategic objectives (Risk Appetite, with the last approval by Atlantia and its subsidiaries in the respective Boards of Directors within the first half of 2018) and the catalogue of risks (most recent approval of the Atlantia Catalogue of Risk in the 1st quarter 2019).

Upon the entry into force of Legislative Decree 254/16, the Non-Financial Report was integrated (starting in 2017) with the support of KPMG, containing the main generated or

¹⁰ ) In the second half of 2016, as put forward by the Control, Risk and Corporate Governance Committee, a review was performed (and completed on 10 November 2016), with the support of a prime consulting firm, on the alignment with best practices of the Risk Management methodological guidelines adopted by the Atlantia Group and their proper application by Group Companies.

The analysis did not reveal any major criticality and the methodology adopted by the Group was in line with the reference frameworks and benchmarks. Moreover, the test showed a substantial uniformity in the comprehension and application of the methodology by the Group Companies.

faced risks arising from the Group's activity in the following areas: environment, social, personnel, respect for human rights, fight against active and passive corruption, supply chain and subcontracting.

On 17 November 2017 Atlantia's update of the "Risk Management Process" procedure was formalised. This procedure applies to Atlantia SpA and all its direct and indirect Subsidiaries, both in Italy and abroad.

Such renewed procedure:

adopts the phases of the Risk Management process set out by the Group's methodological guidelines on Risk Management;
requires all Group companies to appoint a Risk Officer;
updates the scope of the responsibilities of the departments involved in the process (Group Controlling Department, Risk Officer, Risk Owner, etc.), describing the duties of the single companies in relation to all Risk Management activities. In its role as coordinator of the Enterprise Risk Management process, the Group Controlling Department will be notified of any flaws detected by the Companies in applying the Group's methodology;
introduces regular meetings between the Group Controlling & Risk Management Department and the Risk Officer to explore risk management themes (such as the application of methodological guidelines and the sharing of best practices adopted by the Group Companies). The results of such reviews will be formalised in a specific document and circulated to all the parties involved;
formalises reporting lines between Risk Officers and the Internal Audit Department, in keeping with Atlantia's "Guidelines on Internal Audit" Procedure.

With Memorandum no. 5/2017 dated 6 December 2017, the Group Controlling Department was renamed Group Controlling & Risk Management Department, with the following changes in the relevant responsibilities concerning risk management activities:

defining and communicating the methodological guidelines on the Group's Risk Management process, supporting subsidiaries in their interpretation.
Supporting the Director in charge of the Internal Control and Risk Management System, the Control, Risk and Corporate Governance Committee and the Board of Directors, ensuring:
i) the necessary information flows within the Group;
ii) consistency in the methodological approach and the alignment of execution schedules in respect of the Risk Appetite and the Catalogue of risks of the Company and the Group, directing the activities of the Risk Officers;
iii) the preparation of the Group's risk appetite, taking into account the risk assessments made by the Company and its Subsidiaries on the basis of the risk appetite of each;
ensuring, within the scope of Risk management activities, that all obligations toward the Control, Risk and Corporate Governance Committee and the Company's Board of Directors are met.

The Group Controlling & Risk Management Department coordinates the competent departments in the areas of planning, operational budget, operations control and risk management of the Subsidiaries."

Lastly, Memorandum no. 10/2017 of 4 December 2017 appointed a Risk Officer in Atlantia's Group Controlling & Risk Management Department, outlining the relevant responsibilities, including yet not restricted to: (i) the annual preparation of the Company's Risk Appetite (on the basis of the methodological guidelines on Risk Management issued by the Parent Company and in keeping with the Group's Risk Appetite); and (ii) the annual update of the Company's catalogue of risks, in agreement with the Risk Owners.

* * * *

On 11 November 2016, the Board of Directors resolved, effective 14 November 2016, to create a Group Compliance and Security Department that would report directly to the Chief Executive Officer and General Manager.

Memorandum no. 5/2016 outlined the scope of the duties and responsibilities of the Group Compliance and Security Department:

design the overall governance model for Group Compliance;
define and develop, in agreement with the organisational areas concerned, specific Compliance programmes for the Company and its subsidiaries, with reference to the regulatory framework of reference and the policies adopted;
lead and coordinate the competent organisational areas of Atlantia and its subsidiaries in the implementation of the Compliance programmes, monitoring and assessing their progress;
setting out, in agreement with the General Counsel, the Guidelines for Atlantia and its Subsidiaries to prepare and implement the procedures called for by the Organisation, Management and Control Models under Legislative Decree 231/01 and the procedures implementing the rules of conduct adopted;
provide support to Atlantia's Supervisory Board;
ensure, at Group level and in agreement with the General Counsel, the legal criteria to support the definition of the risk appetite and the catalogue of risks, monitoring the area of interest for proper implementation.
guide and coordinate at Group level the security activities for the human resources and for all the Group's assets and infrastructures.

At the behest of the Group's Security and Compliance Department, at the end of October the Group issued an anti-corruption policy that combines in a coherent whole the rules to prevent and combat corruption already in place in the Atlantia Group. The objective was to reiterate the Group's commitment in combating and preventing illegal behaviours and to raise further in all the addressees (all of the Group's employees worldwide and all those who operate in the name of and/or on behalf of and/or in the interest of the Atlantia Group or who entertain business or professional dealings with the Atlantia Group) awareness of the rules and behaviours that must be complied with. The Policy includes the concept of corruption as defined both by Italian laws and by the main international sources (Transparency International, World Bank), with reference also to corruption practices through third parties.

In this context, the Head of Group Compliance and Security was named Head of Group Anti-Corruption, with the task of providing methodological assistance on prevention of corruption practices.

In particular, the Head of Group Anti-Corruption, in agreement with General Counsel, (i) monitors constantly the laws and case law on anti-corruption; (ii) adopts methods of reference, setting Group standards; and (iii) adjusts, updates and improves the Policy.

Furthermore, the Head of Group Anti-Corruption acts also as Atlantia SpA's Head of Anti-Corruption.

In addition, the Head of Anti-Corruption: (i) reports regularly on his activities to his Company's Supervisory Board, ensuring a level of coordination that allows both to fulfil effectively their duties; (ii) provides the Internal Audit Department indications on the plan of audit activities related to the Company that employs him and any other useful or necessary information; (iii) interacts with the competent General Counsel (and Compliance department, where established) for updates on developments in the laws and case law in the areas of interest.

The Head of Group Anti-Corruption prepares a six-monthly report on monitoring activities to be submitted to Atlantia SpA's Supervisory Board, Board of Statutory Auditors, Control, Risk and Corporate Governance Committee as well as Group Risk Management.

In 2018, Group Companies appointed the Heads of Anti-Corruption in accordance with the Group Anti-Corruption Policy.

In May 2018, Atlantia appointed a Data Protection Officer (from the Group's Head of Compliance and Security) whose duties include support, control, advisory, training and informative functions.

- Main characteristics of existing risk management and internal control systems in respect of the financial reporting process

The risk management system should not be considered separately from the internal control system in relation to financial reporting. In fact, both are part and parcel of the same system.

In the context of the internal control system, with reference to the process of financial reporting, the Group has implemented and continually revises an internal control system for financial reporting, based on a series of administrative and accounting procedures such as to guarantee their truthfulness, accuracy, reliability and punctuality in accordance with the regulations governing their preparation.

The planning, implementation and maintenance of this system, and its regular assessment, are informed by international best practices and compliant with the "CoSo Report III", which is the internationally recognised framework of reference for the implementation, analysis and assessment of the Internal Control and Risk Management System. In particular, the CoSo Report III (published by the Committee of Sponsoring Organizations of the Treadway Commission) provides for five components (control environment, risk assessment, control activities, information and communication, monitoring activities) that operate at the level of organisational entity and/or operating/administrative process, based on their characteristics.

The internal control system for financial reporting provides for regulations, procedures and guidelines by virtue of which Atlantia SpA ensures the exchange of data and information with its subsidiaries, thereby ensuring their coordination. In particular, this activity is carried out through the distribution, by the Parent Company, of regulations for the application of the reference accounting standards, such as the "Guidelines for preparation of the IFRS reporting package used in drawing up the Group's consolidated financial statements", and procedures regulating the preparation of the separate and consolidated financial statements and of the six-monthly accounts and reports. The operational processes put in place by subsidiaries on the basis of the Parent Company's guidelines are applicable to the above.

The setting up of audits is performed after a process conducted according to a top-down approach, aimed at identifying the organisational entities, processes and specific activities capable of generating the risk of unintentional errors or fraud that could have a material impact on financial reports.

- Description of the main characteristics of existing risk management and internal control systems in respect of the financial reporting process

a) Phases of the existing risk management and internal control systems in respect of financial reporting

The process of monitoring the internal control system for financial reporting is reiterated on a six-monthly basis in compliance with the provisions contained in art. 154 bis, paragraph 5 of the CFA. The process is broken down into the following phases:

Identification of financial reporting risks: risk identification activities are performed with reference to Atlantia SpA's separate financial statements and the Atlantia Group's consolidated financial statements, and is based on the assessment of qualitative and quantitative aspects concerning, firstly, the selection of significant companies to be included in the analysis, and then the classes of transaction and significant accounts.

This selection activity requires:

i) the determination of quantitative criteria with respect to the contribution in terms of operating performance and financial condition of the individual companies to the latest accounts and the selection rules, including minimum materiality thresholds;
ii) the consideration of qualitative elements that might contribute to the inclusion of other entities or classes of transactions on the basis of the specific risks determined by the accounting implications of the transactions carried out by the above entities, or by the presence in the accounts of the latter of substantial amounts in terms of contribution to the consolidated financial statements in relation to items not considered in the above criteria.

Every material item of data/information is traced back to the accounting and administrative processes that originated them and the typical financial report "assertions" are identified (existence and occurrence of events, completeness, measurement and recognition, rights and obligations, presentation and reporting) and the risks that one or more financial statement assertions do not provide a true and fair view, with consequent impact on the financial report.

Assessment of financial reporting risks: the risks are assessed in terms of potential impact on the basis of quantitative and qualitative indicators and assuming the absence of controls (at an inherent level). Risks are assessed at entity level and process level. The former includes risks of fraud, incorrect working of IT systems and other unintentional errors. At process level, financial reporting risks (underestimation, overestimation, inaccuracy etc.) are analysed with reference to the activities that make up the processes.
Identification of controls for the risks detected: the risks detected are addressed through controls capable of mitigating them, both at entity level and at process level. Key controls are determined, according to risk-based and top-down controls; such controls are deemed necessary to ensure with reasonable certainty the prevention and timely identification of material errors in financial reporting.
- Assessment of controls in relation to identified risks: the process of analysing and assessing the internal control system for financial reporting continues with the assessment of the identified controls in terms of adequacy (effectiveness of control design) and in terms of effective application. Effective application is tested through specific activities performed first of all by the management line responsible for implementing such controls and, to ensure the effective assessment and consistent design of the control system, by the Financial Compliance and International Administration unit of the Administration function available to the Manager responsible for financial reporting.

The monitoring of the effective application of administrative and accounting procedures is conducted with regard to the effective implementation of key controls. The assessment procedure is chosen on the basis of the underlying risk: this choice takes into account the strengths and weaknesses of the control environment that may condition the outcome of the assessments made, the complexity of the control, the type of control (manual or automatic), the level of judgment required during the process and the dependence of the control on the functionality of other controls.

The monitoring activities involve sampling techniques in line with international best practices.

With reference to the automatic controls implemented, the assessment of adequacy and effective application is extended to the design and operation of general IT controls supporting the relevant applications.

At the end of the monitoring activity, any deficiencies or problems are tested for significance.

The Manager responsible for financial reporting will, at least every six months, bring to the attention of the Control, Risk and Corporate Governance Committee the results of the activities performed and the assessment process described above by checking, together with it, the adequacy of the administrative and accounting procedures, and their effective application, in view of the issue of the attestations provided for by article 154 bis of the Consolidated Finance Act. Such results are also brought to the attention of the Board of Directors and the Board of Statutory Auditors.

On 30 November 2018, Atlantia submitted the application to the Revenue Agency for adhesion to cooperative compliance and, on 20 December 2018, the following documentation was transmitted as per the legislation introduced by the institution, including:

The Tax Strategy approved by the Atlantia Board of Directors on 11 March 2018;
description of the adopted tax risk control system and its operations (Tax Compliance Model and Interpretative risk Policy);
maps of corporate processes and tax risks contemplated by the control system.

The risks and safeguards formalised in the tax risk map relevant for the purposes of the Tax Control Framework (TCF) are based on the procedures already in place for the Regulation of 262/05 , to which the risks and safeguards from the TCF were added.

The risk map incorporated the information requested by the guidelines issued by the Revenue Agency (process evaluation, inherent risk assessment and residual risks). The methodologies followed for quantifying the risk and assessing the controls were declined in the Tax Compliance Model.

The company is awaiting the commencement of the inquiry by the Revenue Agency that will conclude within 120 days from submission of the cited documentation, unless suspended because of the request for additional documentation.

The Internal Control and Risk Management System requires a clear identification of the roles involved in its planning, implementation, monitoring and upgrading over time.

The Manager responsible for financial reporting is responsible for monitoring the internal control system on financial reporting. In particular, this Manager:

is responsible for ensuring the preparation of the administrative and accounting procedures necessary to prepare the annual financial statements, the six-monthly condensed financial statements and the consolidated financial statements, as well as any other periodic financial reports;
complies with article 154-bis by issuing the attestations required by the applicable laws and regulations.

In performing these duties, the Manager responsible for financial reporting relies on the Financial Compliance and International Administration structure, which performs the following functions:

operational management of the System in its planning, implementation, monitoring and upgrading phases;
review of the design and effectiveness of controls;
fostering of the necessary synergies with Atlantia's Internal Audit department and the coordination of primary external experts in relation to their support to the performance of the unit's duties and responsibilities;
ensure at Group level, thanks to the Company's and its subsidiaries' departments, the upgrade, implementation and monitoring and effective application of the procedures falling within the purview of the Manager responsible for financial reporting.

Lastly, the Manager responsible for financial reporting works in cooperation with the company units responsible for auditing the internal control system, to obtain all the information necessary to take effective action and to ensure the effectiveness and efficiency of the attestation process.

- Guidelines and assessment of the adequacy, efficacy and effective functioning of the Internal Control and Risk Management System

Regarding the definition of the guidelines for the internal control system and assessment of its adequacy, efficacy and effective functioning, article 1.3 of the Corporate Governance Code states that the Board of Directors shall define the nature and level of risk consistent with the issuer's strategic objectives, including, in its considerations, all the risks that might affect the medium/long-term sustainability of the Company's business.

Based on the proposals of the Director responsible for the Internal Control and Risk Management System, and the favourable opinion of the Control, Risk and Corporate Governance Committee – after consultation with the Board of Statutory Auditors – the Board of Directors, at the meeting of 2 March 2018, set out the guidelines for the Internal Control and Risk Management System and gave a positive assessment of Atlantia's Internal Control and Risk Management System.

In the meeting of 8 June 2018, the nature and level of risk were defined to be consistent with the strategic objectives of Atlantia SpA and the Group.

In the meeting of 14 December 2018, the updated Catalogue of Risks was presented to the Board of Directors.

Moreover, during the year the Board noted the six-monthly reports in which the Internal Control and Corporate Governance Committee, the Supervisory Board, the Ethics Officer and the Manager Responsible for Financial Reporting described the activities carried out.

On the basis of the Group's Anti-Corruption Policy, the Head of Group Compliance and Security was named Head of Group Anti-Corruption in 2017, with the task of providing methodological assistance on prevention of corruption practices. In particular, the Head of Group Anti-Corruption, in agreement with the General Counsel Department, (i) monitors constantly the laws and case law on anti-corruption; (ii) adopts methods of reference, setting Group standards; and (iii) adjusts, updates and improves the Policy. The Head of Group Anti-Corruption (also acting as Atlantia SpA's Head of Anti-Corruption) reports his activity regularly to the Control, Risk and Corporate Governance Committee and the Supervisory Board.

In 2018, the Heads of Anti-Corruption were appointed for each subsidiary, operating with the corresponding powers specified by the relevant appointment provisions and whose independence is guaranteed by not becoming involved in company activity at any risk of corruption. Their role entails safeguarding compliance with corruption prevention and ensuring (i) implementation of the policy by the subsidiary, (ii) specialist assistance in anticorruption matters for employees thereof, (iii) verification that the corruption prevention management system meets the general requirements, and (iv) constant monitoring of the risk of corruption.

As part of the activity carried out in 2018, over 7,500 Group employees participated in the particular staff training conducted to disseminate the Anti-corruption Policy via e-learning.

Turning to privacy, in May 2018, Atlantia appointed a Data Protection Officer (from the Group's Head of Compliance and Security) whose duties include support, control, advisory, training and informative functions.

In particular, the Data Protection Officer:

Ensures monitoring of legislative developments in privacy, reporting to data processors and controllers thereon, and also verifies compliance of corporate procedures and documentation therewith.
Informs and advises the controller or the processor and the employees who carry out processing of their obligations pursuant to the Regulation and to other EU or national data protection provisions.
Verifies compliance with this Regulation, with other EU or national data protection provisions and with the policies of the controller or processor in relation to the protection of personal data, including the assignment of responsibilities, awarenessraising and training of staff at the organisation.
Provides advice where requested as regards the data protection impact assessment and monitors its performance.
Acts as the corporate contact point for data subjects to address matters and issues concerning the processing of their data or exercising their rights in that regard.
Acts as the corporate contact point for the Data Protection Supervisor, particularly regarding cases of reported personal data breaches as contemplated in articles 33 and 34 of the Regulation, and any other public authority engaging the Company for

matters related to processing, or for consultation with the Supervisor for the other supervisory authorities on its own initiative.

Lastly, at its meeting of 7 March 2019, after noting the conclusions of the analysis by the Control, Risk and Corporate Governance Committee of the detailed information provided by staff responsible for the Internal Control and Risk Management System, the Board of Directors was of the opinion that the Internal Control and Risk Management System, as a whole, may be deemed adequate, efficacious and in good working order.

11.1 Director responsible for the Internal Control and Risk Management System

The Board of Directors determines guidelines for the Internal Control and Risk Management System and review their adequacy at least once a year in terms of the nature of the Company and the risks to which it is exposed. The Board also ascertain the effectiveness of the system and require the Director responsible for the Internal Control and Risk Management System (the "Director Responsible") to develop and maintain effective risk management and internal control procedures.

The Director Responsible determines the tools and the implementation procedures for the risk management and internal control system, in accordance with the guidelines set by the Board of Directors, overseeing the overall adequacy of the system, its functionality, and its adaptation to changes in the operating environment and in the legislative and regulatory frameworks. The Director Responsible also proposes the appointment of a member of staff to head the Internal Audit department or the revocation of such appointment.

The Head of Internal Audit reports his findings to the Chairman and the Director Responsible as well as to the Chairman, the Control, Risk and Corporate Governance Committee and Board of Statutory Auditors.

The Director Responsible implements revisions of the Internal Control and Risk Management System, whenever required to remedy any weaknesses found by the above audits.

The Director Responsible has the powers to require the Head of Internal Audit to examine specific operating areas and compliance with internal rules and procedures for company operations. Such internal audits are notified to the Chairmen of the Board of Directors, Control, Risk and Corporate Governance Committee and Board of Statutory Auditors.

The Director Responsible promptly reports any problems and critical issues, found through the Director's activities or notified to the Director, to the Control, Risk and Corporate Governance Committee (or Board of Directors) for the Committee (or the Board of Directors) to take the appropriate action.

On 22 June 2016, the Board of Directors appointed independent Director Giuliano Mari to the role of Director Responsible subject to the consent of the Control, Risk and Corporate Governance Committee, thereby confirming the duties and responsibilities attributed to the latter in the 2013-2015 three-year period.

- Activities performed in 2018

In 2018, the Director Responsible for the Internal Control and Risk Management System performed the activities required by the Corporate Governance Code, which involved several meetings with the Head of Internal Audit, the Head of Group Controlling & Risk Management, the Head of Group Security and Compliance, the General Counsel, the Risk Officers of Autostrade per l'Italia and Aeroporti di Roma, and with the Chief Executive Officer of Autostrade per l'Italia and Aeroporti di Roma, to analyse operational risks and to review the risk managementactivities performed to update the risk catalogue.

In the previous year, the Director Responsible:

participated regularly in the meetings of ASPI's Post-Audit Committee and ADR's Post-Audit Committee;
in relation to these activities, took specific actions to strengthen the Internal Control and Risk Management System;
supervised the preparation of the 2018 Audit Plan;
monitored progress of the 2018 Audit Plan, reviewing all audit reports;
identified the principal corporate risks, taking into account the characteristics of the activities carried out by Atlantia and its subsidiaries, through several meetings with the Group Controlling Director and ASPI's and ADR's Risk Officers, to determine the criteria to identify, evaluate and manage risks, in view of the upgrading of the risk catalogues for the Group companies;
implemented the guidelines of the Internal Control and Risk Management System established by the Board of Directors, by designing, building and managing the Internal Control and Risk Management System and checking constantly its adequacy and effectiveness;
adapted this system to Company operations and the legal and regulatory framework.

In more general terms, the activity of the Director Responsible is to ensure the seamless operation and consistency of the components of the Group's Internal Control and Risk Management System.

11.2 Head of Group Internal Audit

Pursuant to article 11.3 of the Corporate Governance Code, the Head of Internal Audit is responsible for verifying that the Group's risk management and internal control system is properly functioning and is fit for purpose. In particular, the Head of Group Internal Audit:

a) audits, on an ongoing and ad hoc basis and in compliance with international standards, the efficiency and adequacy of the risk management and internal control system through the application of an audit plan, duly approved by the Board of Directors, based on a structured analysis and ranking of material risks;
b) is not responsible for any operational area and reports to the Chairman of the Board;
c) is given direct access to all information required for the performance of his duties;
d) draws up regular reports containing suitable information on audit activities, risk management procedures and compliance with risk containment plans. Regular reporting contains an assessment of the suitability of the internal control and risk management system;
e) promptly presents reports on events of particular relevance;
f) distributes the reports pursuant to d) and e) above to the Chairmen of the Board of Statutory Auditors, the Risk Control and Corporate Governance Committee and the Board of Directors, as well as to the Director responsible for the Internal Control and Risk Management System;
g) ascertains, as part of the audit plan, the reliability of information systems including accounting systems.

The Head of Group Internal Audit is appointed, at the recommendation of the Director Responsible for the Internal Control and Risk Management System in conjunction with the Chairman of the Board of Directors, by the Board of Directors subject to the consent of the Control, Risk and Corporate Governance Committee and in consultation with the Board of Statutory Auditors. On 11 December 2014, the Board of Directors established the Internal Audit Department (subsequently called Group Internal Audit Department)- effective 1 January 2015 - and, at the recommendation of the Director in charge of the and Internal Control and Risk Management System, and subject to the consent of the Control, Risk and Corporate Governance Committee, and having consulted with the Board of Statutory Auditors, appointed Ms Concetta Testa as Head of Internal Audit, ensuring that the Internal Audit Department has resources adequate to its responsibilities

The remuneration of Ms Testa is consistent with the remuneration policy of the Atlantia Group, in her capacity as an executive at Atlantia.

The Head of Internal Audit, who reports to the Chairman of the Board of Directors, is not responsible for any operating areas. She has direct access to the information required for the performance of her duties, in addition to adequate resources for her work.

She regularly reports her findings. Internal Audit conducts audits of Atlantia and its Italian and international direct and indirect subsidiaries.

Internal Audit carries out its audit activities whilst assuring the necessary degree of independence, expertise and professional diligence as established in international professional practice standards and the Code of Ethics.

The audit activities are intended to check:

controls over operational risks (business);
compliance with rules and regulations, including yet not limited to: Legislative Decree 231/01, Legislative Decree 81/08, Legislative Decree 152/06, Legislative Decree 50/16 and subsequent amendments and additions thereto, European Regulation 2016/679 (the General Data Protection Regulation) on data protection and privacy.- (compliance);
that financial reports are compliant with applicable accounting principles and regulations (financial);
the reliability of the information systems;
that the Company's assets are protected.

The main activities carried out by the Group Internal Audit Department are:

outlined in an annual plan based on structured analyses and priorities of the principal risks to which Atlantia and its subsidiaries are exposed;
surprise audits at the request of the persons responsible for the internal control system or senior management;
monitoring the implementation of measures to remedy audit findings in accordance with the recommendations;
support of the Ethics Officer with respect to signed, unsigned and confidential reports received in connection with preliminary investigations in support of the assessments by the Company's various control bodies;
development and revision of internal audit operating methodologies and processes in keeping with policy and best practice.

The findings of internal audits are set out in Internal Audit Reports which are simultaneously distributed to the audited units and the respective hierarchical lines.

Moreover, the audit report or the executive summary is sent to the Company's coordinators, where available, and the competent Heads of Human Resources, General Counsel and Compliance of Atlantia's sub-holdings.

For unscheduled audits, the audit report or the executive summary is sent also to the parties that required them, if different from the above-mentioned executives.

Regarding inspections, given the special nature of these actions, the audit report is transferred solely to the parties who required them.

Internal Audit Reports contain descriptions of findings and areas of improvement for internal controls in addition to an appropriate action plan.

The Internal Audit department is also responsible for monitoring, via its follow-up activities, implementation of the corrective actions identified, reporting to the Director responsible for the Internal Control and Risk Management System, the relevant managers and supervisory bodies.

In addition, the Group Internal Audit Department contributed, for the aspects falling within its purview and where required, to initiatives and working groups relating to the internal control, governance or compliance system objectively and independently, in accordance with the guidelines on Internal Audit.

During the year, the Head of Internal Audit continued to interact with executives and members of corporate bodies. In particular, as required by article 11.4 of Atlantia's Corporate Governance Code, the Head of Group Internal Audit reported on her activities to the Chairman of the Board, the Director Responsible for the Internal Control and Risk Management System and to the Control, Risk and Corporate Governance Committee. She met regularly with the Chairman of Atlantia's Board of Statutory Auditors and, upon request, with the Boards of Statutory Auditors of the Group's subsidiaries.

In addition, in accordance with article 12.1 of the Corporate Governance Code, the Head of Internal Audit participated in all the meetings of the Control, Risk and Corporate Governance Committee held during the year.

Upon proposal of the Director responsible for the Internal Control and Risk Management System, following a favourable opinion from the Control, Risk and Corporate Governance Committee and after consultation with the Board of Statutory Auditors, on 19 January 2018, the Board of Directors reviewed and approved the 2018 Audit Plan. For the corresponding activities, the Plan was approved by the Boards of Directors of the direct and indirect subsidiaries, in Italy and abroad.

Lastly, the Head of Group Internal Audit submitted to ASPI's Post-Audit Committee and ADR's Post-Audit Committee reports and any recommended corrective actions, as applicable to their respective roles.

During 2018, the Internal Audit department carried out 142 audit missions (119 audits and 23 inspections), of which 116 were part of the Plan and 26 were undertaken following specific requests (of which 3 audits and 23 inspections). In addition, one internal auditor acted as secretary to support the Ethics Officer in investigating around 39 reports.

In particular, in connection with the 119 audits conducted, 79 were operational audits (related to Group companies), the reliability of the information systems were also checked, including the accounting entry systems. In addition, upon request of the Supervisory Boards, monitoring activities were initiated in areas exposed to the perpetration of offences under Legislative Decree 231/2001 for Atlantia and 15 additional Group companies while adherence to the Compliance Programme was checked in 16 foreign subsidiaries in Brazil, Chile, Poland and the USA. Support was also given to the Managers responsible for financial reporting for Atlantia and Società Autostrade Meridionali.

Lastly, 23 inspections were conducted (of which 4 related to Atlantia, 10 to Autostrade per l'Italia, 1 to Aeroporti di Roma, 2 to Pavimental, 2 to Spea Engineering, 1 to Società Autostrade Meridionali, 1 to Autostrade Tech, 1 to AB Concessoes Group and 1 to Azzurra Aeroporti).

* * * *

On 14 February 2019, the Head of Internal Audit issued her annual report for the period 1 January - 31 December 2018 to the Control, Risk and Corporate Governance Committee, certifying that in light of:

the findings of the audit activities carried out on the basis of the 2018 Audit Plan as well as upon specific requests;
the changes in the governance of the Group's Internal Control System;
the exchange of information with other control bodies and operators in the Internal Control and Risk Management System;

and as far as the department could ascertain within the scope of its duties and responsibilities, the Internal Control and Risk Management System is fit to ensure that the Company is managed in a way that is sound, proper and consistent with pre-established objectives.

11.3 Organisational, Management and Control Model, Legislative Decree 231/2001

In 2018, the Supervisory Board continued monitoring legislative developments made in scope 231 with a view to updating the Organisational, Management and Control Model, Legislative Decree 231/01, whose most recent update was approved by the Board of Directors on 15 December 2017.

In particular, the Organisation further elaborated on the analysis of Law 179 of 30 November 2017, namely "Provisions for the protection of whistleblowers who report crimes or misconduct of which they become aware in the context of private or public employment", published in official state gazette No. 291 on 14 December 2017 and entering into force on 29 December 2017. This law also amended art. 6 of Legislative Decree 231/01, stipulating that Organisational Models must contemplate:

at least one channel to enable whistleblowing as indicated in art. 5, paragraph 1, letters a) and b), of Legislative Decree 231/01, with a view to protecting the integrity of the entity, for reporting circumstances entailing a crime or illegal conduct, as contemplated in Legislative Decree 231/01 and based on specific and solid evidence, or violations of the entity's Organisational Model that were detected during the course of functions. Such channels must safeguard the confidentiality of the whistleblower's identity during management thereof;
at least one alternative digital whistleblowing channel established to guarantee the confidentiality of the whistleblower's identity;
the prohibition of retaliatory acts or discrimination, whether direct or indirect, regarding whistleblowers in direct or indirect relation to whistleblowing;
disciplinary steps against individuals who violate whistleblower protection measures and for whoever wilfully or intentionally blows the whistle on an alleged serious matter that proves to be baseless.

In this regard, the Supervisory Board has met several times with the General Counsel and the Group's Head of Compliance and Security to transpose developments regarding whistleblowing according to Law 179/2017.

In particular, in late October 2018, the Group's Head of Compliance and Security illustrated the "Atlantia Group Whistleblowing Policy" for the Board (which transposed even the most recent legislative developments in safeguarding the confidentiality of the whistleblower's identity, incorporated in September 2018 with Legislative Decree 101/2018), addressing how to report whistleblowing and underlining how the digital platform enables:

anonymous whistleblowing;
nominative whistleblowing with a guarantee that the whistleblower's identity will be safeguarded;
transparent management of the entire whistleblowing process;
forwarding whistleblowing referring to all group companies.

Whistleblowing will be delivered to the Group's Ethics Officer and then, depending on the results thereof, a possible report (as per Legislative Decree 231/2001) to the company's corresponding Supervisory Board/Compliance Officer.

The platform also allows whistleblowing to be sent directly to the Supervisory Board for the purposes of the cited decree (231).

In 2018, the Supervisory Body also acknowledged the creation of the permanent workgroup Team 231, coordinated by the General Counsel and the Head of the Group's Compliance and Security, and comprising resources from General Counsel, Group Human Resources, Group Internal Audit and Group Controlling & Risk Management, in relation to the need to guarantee alignment and an ongoing adjustment to the Organisational, Management and Control Model (as per Legislative Decree 231/2001) in response to organisational changes, outcomes of internal controls or observance of regulatory developments referring to Legislative Decree 231/01.

In this regard, at the request of the Supervisory Board, Team 231 is drawing up an approach to update the general part of the model as per Legislative Decree 231/2001 in view to achieving continuous improvement. Such updates will be submitted to the Supervisory Board during the first half of 2019.

The presently valid Model (approved by the Board of Directors on 15 December 2017) comprises:

a General Part, which summarises the relevant provisions of Decree 231/2001, describes the structure and purpose of the Model, establishes the composition and role of the Supervisory Board, establishes the criteria and methods for reporting required information to the Supervisory Board and describes the disciplinary system for breaches of the Model's requirements;
Special Parts developed with respect to the risk of criminal activities which have been identified for Atlantia as the following: Special Part A) - Crimes against the Public Administration (including: Inducement of others to withhold evidence or commit perjury in legal proceedings; Employment of third-country nationals who are illegally resident; unlawful intermediation and labour exploitation); Special Part B) – Corporate crimes (including corruption and incitement to private-to-private corruption); Special Part C – Market abuse; Special Part D) – Offences in breach of occupational health and safety regulations (Culpable homicide and negligent injury or grievous bodily harm resulting from breaches of occupational health and safety regulations); Special Part E) - Receipt of stolen goods, money-laundering and deriving benefit from ill-gotten monies, property or gains, and self-laundering; Special Part F) – Computer crimes and illegal processing of data, cybercrimes (Computer crimes, counterfeiting of trademarks or patents, offences against industry and commerce and violation of copyright).

Every Special Part in the Model is structured as follows:

Indication of the "types of offences" contemplated by Legislative Decree 231/2001, containing:
- a description of each offence;
- penalties applicable to the Entity;
- possible manners of perpetration (non-exhaustive list).
Areas at risk, related to corporate activities considered potentially at risk in relation to the offences under Legislative Decree 231/2001, with separate identification of Areas subject to direct risk and instrumental Areas.
General principles of conduct in the Areas at risk, which indicate the relevant behaviours in terms of:
- Adoption, in performing activities at risk, of behaviours inconsistent with the law or the Code of Ethics or the Model;
- Violation of the procedures and/or internal company rules.
General control principles, which represent the control criteria adopted by Atlantia – also in light of the guidance contained in the new Guidelines issued by Confindustria in March 2014 – to ensure virtuous behaviours, consistent with Legislative Decree 231/2001.
Control protocols related to the Areas subject to direct risk that are relevant for the mitigation of risk 231 (Procedures, Operating Standards, Procedural Instructions, Manuals, internal rules on corporate activities, setting out responsibilities, duties, computer applications and control and monitoring activities, where available).
Control protocols related to the instrumental Areas that are relevant for the mitigation of risk 231 (Procedures, Operating Standards, Procedural Instructions, Manuals, internal rules on corporate activities, setting out responsibilities, duties, computer applications and control and monitoring activities, where available).

The Model in its current form is based on the deliberations and analysis carried out by the Supervisory Board and a penal code expert, and derives from an examination of developments in regulations and jurisprudence relating to Organisational Models.

The adoption of the Organisational, Management and Control Model, of which the Code of Ethics is one of the elements, has contributed towards implementation of the Company's internal control system.

As further confirmation of its commitment to preventing and combating illegal practices, the Company adopted a Group Anti-Corruption Policy in 2017, coherently combining the rules on the prevention and fight against corruption existing within the Group, with the objective of raising further the Addressees' awareness of the rules and conduct to be adopted.

In this context, the Head of Group Compliance and Security was named Head of Group Anti-Corruption, with the task of providing methodological assistance on prevention of corruption practices. In addition, Head of Group Anti-Corruption acts also as Atlantia SpA's Head of Anti-Corruption and, in this context, reports regularly to the Company's Supervisory Board.

Atlantia's current Supervisory Board was appointed by the Board of Directors on 8 June 2018 for the period 1 July 2018 – 30 June 2021, and comprises two external members, one of whom acting as coordinator, and the Head of Group Internal Audit.

The Supervisory Board met 11 times in 2018 to address issues concerning updates of the Model and implementing the Action Plan for monitoring and assessing the appropriateness and effective functioning of the Model. In the same year, the Atlantia Supervisory Board regularly referred to the Board of Directors of the Company and the Board of Statutory Auditors regarding activities carried out with a view to updating and monitoring the Organisational, Management and Control Model.

In common with Atlantia's Supervisory Board, the supervisory boards of Group Companies have implemented their action plans for monitoring and assessing the adequacy of their Organizational, Management and Control Models. The required operating assessments were conducted by the Group Internal Audit department, and periodical reports concerning supervisory activities during the various reporting periods were drawn up and sent to the respective boards of directors and boards of statutory auditors.

Ethics Officer

Over the years, Atlantia has established within its organisations an Ethics Officer, with the task of:

overseeing compliance with the Code, by reviewing news of possible violations and conducting the investigations considered necessary, including with the Group Internal Audit Department;
disseminating and verifying knowledge of the Code, undertaking communication programmes and activities aimed at promoting a better understanding of the Code;
proposing the issue of guidelines and operating procedures, or changes and improvements in the existing ones, to reduce the risk of breaching the Code;
proposing to the Company's Supervisory Board any change to the Code of Ethics.

The Ethics Officer, appointed by Atlantia's Chief Executive Officer, consists of the General Counsel (as Coordinator), the Head of Group Human Resources, the Head of Group Internal Audit, by the Head of Legal and Corporate Affairs of Aeroporti di Roma and by the Head of Legal Affairs of Autostrade per l'Italia.

For the purpose of submitting whistleblowing, Atlantia has set up multiple channels enabling whistleblowing through digital channels or via paper. Any whistleblowing on allegedly improper conduct is examined attentively and help the corresponding Company take suitable steps, regardless of whether the report is signed or not.

In 2018, Atlantia also implemented a digital platform that lets anyone (employees and collaborators, vendors and any other person having or intending to have a business relationship with the Company) to blow the whistle or report potential crime, unlawful conduct, irregularity, infringement or breach of standards, violation of Model 231, violation of the Code of Ethics, violation of the Anti-corruption Policy and any sort of procedural violations and corporate provisions.

The multilingual version of the platform enables:

• anonymous whistleblowing by third parties and Group employees via the websites of Atlantia and Group Companies;

• nominative whistleblowing with a guarantee that the whistleblower's identity will be safeguarded (in which regard names and identifying particulars are rendered anonymous) following compilation of a registration card by Group employees through the corporate intranet;

• a transparent management of the entire whistleblowing process, even through the possibility of dialogue with the whistleblower and possibility of attaching documents;

• forwarding whistleblowing referring to all group companies. Whistleblowing will be delivered to the Group's Ethics Officer and then, depending on the results thereof, a possible report (as per Legislative Decree 231/2001) to the company's corresponding Supervisory Board/Compliance Officer.

Following the launch of the platform, Atlantia adopted the "Whistleblowing policy", which replaces the "Reporting to the Ethics Officer" procedure. The Policy guides the receipt, analysis and handling of Whistleblowing and the manners of conducting the relevant investigation in accordance with the laws on privacy or other laws in force in the country where the reported events occurred, as applicable to the complainant and the subject of the Whistleblowing.

The platform integrates the following whistleblowing channels (now active):

electronically: [email protected];
by regular mail to: Atlantia SpA, Ethics Officer, via Antonio Nibby, 20 00161 Roma.

All the reports are reviewed by the Ethics Officer to initiate corrective actions, if warranted.

Therefore, in line with article 11.6 of the Corporate Governance Code, Atlantia's Internal Control and Risk Management System is equipped with suitable whistleblowing systems -

where employees and non-employees can report any irregularities or breaches of laws and internal procedures - in line with domestic and international best practices, which guarantee a specific and confidential channel as well as the anonymity of the complainant.

In 2018, the Ethics Officer met 10 times and reviewed all the tips received, starting an investigation for all those containing sufficient elements to justify further inquiry or that were potentially founded.

In 2018, Atlantia also adopted a proprietary Code of Conduct to safeguard against discrimination and protect the dignity of the men and women at the Group.

The purpose of the Code of Conduct is to inform Group workers of their rights and obligations for preventing and eradicating any discrimination while maintaining a working environment that ensures the respect of each individual's dignity.

Workers who feel that they have faced harassment or discrimination are encouraged to report the matter to the competent HR structure and Ethics Officer without delay. Anyone who has witnessed discrimination and/or conduct considered to be harassment must immediately report it through the proper channels.

11.4 Independent Auditors

In consequence of their engagement on 24 April 2012, Deloitte & Touche SpA are the Independent Auditors engaged to perform the statutory audit of the separate and consolidated financial statements, the periodical assessment of the propriety of bookkeeping and a limited scope audit of the consolidated interim reports of Atlantia SpA for the financial years 2012-2020.

The Board of Statutory Auditors and the Independent Auditors periodically exchange information and data on their respective audits.

The "Procedure for the engagement of statutory audit firms and the monitoring of other assignments to its affiliates" - as revised in 2016 to take into account the changes introduced by Regulation EU no. 537/2014 of the European Parliament and of the Council, as well as by legislative Decree 135/2016 (implementation of directive 2014/56) – sets out the corporate responsibilities and internal operating methods in support of the Board of Statutory Auditors for the engagement of statutory external auditors in accordance with law and regulation as in force from time to time and the management of the relationship with the statutory audit firm and its affiliates.

The procedure relates to senior management and the managements of Group companies who, in the performance of their duties, have direct or indirect contact with independent auditors during their internal audit procedures.

11.5 Manager responsible for financial reporting

Pursuant to article 33 of the Articles of Association, and in compliance with art. 154-bis of the Consolidated Finance Act, the Board of Directors, subject to obtaining the required opinion of the Board of Statutory Auditors, appoints and dismisses the Manager Responsible for Financial Reporting.

The Manager Responsible for Financial Reporting is selected from candidates with at least three years' experience in positions with appropriate responsibility for administration and finance, or administration and control in listed joint-stock companies, and who possess the integrity required by the regulations in force. The Directors fix the related remuneration and the term of office, which is renewable, and grant the manager all the authority and instruments necessary in order to carry out the duties assigned to them by law.

At its meeting of 22 April 2016, the Board of Directors confirmed the Chief Financial Officer (CFO) Giancarlo Guenzi as the Manager Responsible for Financial Reporting, having obtained the favourable opinion of the Board of Statutory Auditors, establishing his term of office as until the termination of the term of the Board of Directors currently in office.

In 2018, the internal control system was upgraded from an administrative and accounting viewpoint, for the purposes of attestations by the Chief Executive Officer and the Manager Responsible for Financial Reporting of the separate and consolidated annual financial reports concerning, inter alia, the adequacy and effective application of the administrative and accounting procedures. Moreover, on 29 October 2018, the transaction for acquiring Abertis Infraestructuras SA by a partnership consisting of Atlantia, Acs and Hochtief concluded. Since the date on which the financial statements for Abertis Group companies were approved, a system of procedures and control is currently being implemented to correspond with the system in the other Atlantia Group companies, a process which is expected to conclude by late 2019.

The certification of the Atlantia Group consolidated financial statements at 31 December 2018, in accordance with art. 81-ter of Consob Regulation No. 11971 of 14 May 1999 and subsequent amendments and integrations thereof by the Manager Responsible, and art. 154 bis of Legislative Decree 58 of 24 February 1998, includes a specific mention of the aforementioned circumstances.

11.6 Coordination of individuals involved in the Internal Control and Risk Management System

In accordance with article 11.3 of the Company's Corporate Governance Code, the Board of Directors, with the favourable opinion of the Control, Risk and Corporate Governance Committee, establishes the manners in which the parties involved in the internal control system are coordinated.

To this end, the Company has developed over the years a comprehensive set of reporting procedures – partly laid down by the Corporate Governance Code (regarding the Chairman of the Board of Directors, the Director responsible for the Internal Control and Risk Management System, the Control, Risk and Corporate Governance Committee, the Internal Audit Department) an partly laid down in connection with the scope of responsibilities of the different departments involved in the Internal Control and Risk Management System.

In particular:

The Chairman guarantees that adequate reporting procedures are in place between the Board of Directors and other administrative and corporate functions and, by virtue of the powers vested in him, oversees the functioning of the Internal Control and Risk Management System.
The Director responsible for the Internal Control and Risk Management System reports promptly to the Control, Risk and Corporate Governance Committee (or the Board of Directors) on issues and critical matters arisen in performing his activities or that came to his or her knowledge, so that the Committee (or the Board of Directors) might take appropriate steps.
The Control, Risk and Corporate Governance Committee:
- receives adequate reports on the different areas of the Internal Control and Risk Management System from the other control bodies and the competent Company departments (Ethics Officer, Supervisory Body, Manager Responsible);
- reports to the Board of Directors, at least once every six months, when the annual and six-monthly financial reports are approved, on the activities performed and the adequacy of the Internal Control and Risk Management System;
expresses its opinion to the Board of Directors on the corporate governance report, for the description of the characteristics of the Internal Control and Risk Management System and the assessment of its adequacy.
The Group Internal Audit Department:
- reports to the Control, Risk and Corporate Governance Committee concerning the audit activities related to the Atlantia Group;
- reports yearly on the Internal Control and Risk Management System.
The Group Controlling & Risk Management Department:
- reports regularly to the Control, Risk and Corporate Governance Committee on risk identification, measurement, management and monitoring;
- ensures the necessary reporting within the Group to guarantee consistency in the methodological approach and alignment of execution schedules referring to the Risk Appetite and Catalogue of risks of the Company and Group, directing the activities of the Risk Officers.
The Manager Responsible for Financial Reporting is responsible for:
- planning, managing and monitoring the processes concerning, in particular, administrative and accounting reports, including automated data processing and financial transaction recording systems, also to attest to their adequacy and effective application;
- giving instructions also to the subsidiaries, so that they adopt all the necessary measures and administrative and accounting procedures, and take any other step or action, that ensure the proper preparation of the consolidated financial statements, as well as any measure that might ensure the utmost reliability of the data and information submitted to the Manager Responsible in relation to the preparation of financial reports;
- report every six months to the Control, Risk and Corporate Governance Committee and the Board of Statutory Auditors on the monitoring activity under article 154 of the Consolidated Finance Act.
The General Counsel Department is responsible for:
coordinating, at Group level, legal aspects, dispute management and external counsel;
ensuring, at Group level, the proper performance of filing obligations, including through the implementation of coordination mechanisms, and managing, regarding these aspects, relations with Investors and Supervision Authorities;
managing the approach to concession arrangements of the Group's airport and motorway operators;
reviewing in legal terms the strategies of the Group companies on tenders, contracts, works, outsourcing, sub-concessions and procurement, and coordinating, at Group level, legal assistance for acts relating to the expansion and upgrade of the operated infrastructure;
reviewing the forms and standard contracts prepared by the subsidiaries, to ensure consistency at Group level;
directing and coordinating, at Group level, the international activities related to new business initiatives, corporate actions and M&A;
providing support, at Group level, in the application of Corporate Governance systems and rules.

The General Counsel coordinates the legal and corporate affairs departments of the Group companies.

The Group Compliance and Security Department is responsible for:
- lead and coordinate the competent organisational areas of Atlantia and its subsidiaries in the implementation of the Compliance programmes, monitoring and assessing their progress;
- set out, in agreement with the General Counsel, the Guidelines for Atlantia and its Subsidiaries to prepare and implement the procedures called for by the Organisation, Management and Control Models under Legislative Decree 231/01 and the procedures implementing the adopted conduct policy;
- ensure, at Group level and in agreement with the General Counsel, the legal criteria to support the definition of the risk appetite and the catalogue of risks, monitoring the area of interest for proper implementation.
The Health, Safety & Environment structure of the Group's Human Resources Department:
- updating and monitoring the comprehensive health, safety and environmental model;
- verifying observance with legal provisions and measures adopted for health, safety and environmental protection with regular visits and checks;
- ensuring training and information regarding occupational safety;
- regularly apprising the Control, Risk and Corporate Governance Committee on the status of the Health, Safety and Environmental Management Model and initiatives taken regarding occupational health and safety and environmental protection.

12. DIRECTORS' INTERESTS AND RELATED PARTY TRANSACTIONS

Related party transactions shall be subject to the issued Regulation and CONSOB Resolution 17221 of 12 March 2010, as amended and as implemented in Atlantia's Procedure for Related Party Transactions (the "Procedure").

Further information is also contained in art. 34 of the Articles of Association on related party transactions.

In compliance with the provisions of CONSOB Regulations, on 21 October 2010, Atlantia set up the Committee of Independent Directors with Responsibility for Related Party Transactions, as shown below (hereinafter "RPT Committee").

The aforementioned Procedure was adopted by the Board of Directors - with the prior approval of the Independent Directors on the Related Party Transactions Committee, dated 8 November 2010 – on 11 November 2010, pursuant to the Regulation.

The Procedure defines the scope of application of the rules governing related party transactions (transactions of greater and lesser significance and transactions within the purview of the general meeting), the related cases of exclusion, and the procedures for drawing up and updating the list of related parties.

12.1 Committee of Independent Directors with responsibility for Related-Party Transactions

As mentioned, the Atlantia Board of Directors, following a favourable report by the Committee of Independent Directors with responsibility for Related-Party Transactions, approved the Procedure for Related-Party Transactions on 11 November 2010, in pursuance of article 2391 bis of the Italian civil code and provisions contemplated in the Consob Regulation.

The Procedure was implemented on 1 January 2011.

The Procedure has since then been reviewed every year by the RPT Committee and the Board of Directors with respect to the need to modify or update the Procedure.

Following the foregoing reviews, the Board of Director confirmed that the Procedure was fit for purpose given in 2011, 2012, 2013, 2014; in 2015 there was an update to accommodate the merger of Gemina SpA into Atlantia; in 2016 the Procedure was confirmed.

The most recent update was approved by the Board of Directors on 15 December 2017, with the consent of the RPT Committee, in relation to the need for adapting it to the Consob Regulation as amended in May 2017, following the enactment of Regulation (EU) No. 596/2014.

In 2017, further revisions and additions were made to the Procedure, to reflect the Group's practices and organisational changes, to ensure the proper functioning of communication and reporting lines among the parties involved in the process.

Furthermore, the frequency of the assessment to determine any change to the Procedure was changed from annual to triennial, in line with Consob Communication DEM/10078683 of 24 September 2010.

The Procedure governs related party transactions entered into by the Company or one of its subsidiaries. It establishes the criteria for classification as a related party transaction and the definition of greater and lesser important transactions. It also indicates the methods of handling such transactions of greater and lesser importance.

The Procedure is available on the Atlantia website www.atlantia.it

In implementation of the Procedure, Atlantia established a Committee of Independent Directors with responsibility for Related Party Transactions made up of three unrelatedparty Independent Directors, responsible for:

a. formulating an opinion on Atlantia's Procedure for Related Party Transactions and related amendments (CONSOB regulation on related party transactions, art. 4.3);
b. expressing an opinion on any amendments to the Articles of Association (CONSOB regulation on related party transactions, art. 4.3);
c. performing, during negotiations and examination of Atlantia's related-party transactions of greater significance, the functions contemplated by art. 8, paragraph 1.b of the CONSOB regulation on related party transactions linked to the involvement of the Committee, or of one or more delegated members;
d. expressing an opinion on Atlantia's related party transactions of greater significance (art. 8, paragraph 1.c) of the CONSOB regulation on related party transactions);
e. expressing, before the approval of smaller transactions with Atlantia's related parties, a reasoned opinion on the interest of the Company in the transaction as well as the relative attractiveness and substantial fairness of the relevant terms and conditions, with the option to retain, at the Company's expense, one or more independent experts of its choosing.

On 22 April 2016, the Board of Directors appointed the following Independent Directors to form a new RPT Committee:

Bernardo Bertoldi, Lynda Christine Tyler-Cagni and Giuliano Mari, who was appointed Chairman of the Committee at the first meeting on 6 May 2016.

Subsequently, following the resignation as Board Member and member of the RPT Committee by Lynda Tyler-Cagni on 16 November 2018, on 14 December 2018, the Board of Directors appointed Independent Director Massimo Lapucci to the RPT Committee.

Moreover, since Giuliano Mari submitted his resignation as Chairman and member of the RPT Committee, effective as of 30 January 2019, the Board of Directors appointed Independent Director Lucy Marcus as member of the RPT Committee on 18 January 2019, effective immediately.

In its meeting on 15 February 2019, the RPT Committee elected Massimo Lapucci as its Chairman.

The RPT Committee thus presently comprises the following Directors:

Massimo Lapucci Chairman
Bernardo Bertoldi
Lucy Marcus

All committee members are Independent Directors in accordance with art. 148, paragraph 3, of the Consolidated Finance Act and article 3 of the Corporate Governance Code.

The Committee has adopted its own Rules of functioning, approved at the meeting of 13 December 2010 and then amended on 27 January 2011.

The Committee met 8 times in 2018, and its activities included expressing its opinions to the Board of Directors regarding a significant transaction.

- Directors' interests

Regarding the cases where a Director has an interest in a certain company transaction, whether personal or on behalf of third parties, such Director is required, in accordance with article 2391 of the Italian Civil Code, to notify the other Directors and the Board of Statutory Auditors, specifying the nature, terms, origin and extent of such interest. In the event such Director is the Chief Executive Officer, the Director should refrain from becoming involved in the transaction, delegating all powers to the Board of Directors.

The Board did not adopt any further resolution in this area.

13. ELECTION OF STATUTORY AUDITORS

As required by art. 32 of the Articles of Association, members of the Board of Statutory Auditors are elected using slate voting and in compliance with law in force having regard to the balance between gender quotas. Should the application of gender quotas not result in a whole number of Board members belonging to the least represented gender, this number is rounded up to the nearest whole number.

Individuals who hold a number of posts as director or standing auditor equal to or above the maximum established by the applicable regulations, or do not meet the requirements for integrity, expertise and independence required by the applicable regulations, are not eligible. At least two Standing Auditors and one Alternate shall be selected from among individuals listed in the register of auditors, who have been engaged in the statutory audit of accounts for a period of not less than three years. Statutory Auditors not meeting such requirement shall be selected from amongst those persons with at least three years wide-ranging experience in:

a) the management and control of or executive duties in joint-stock companies having issued capital of at least two million euros; or,
b) professional activities or university instruction in legal, business and finance subjects; or,
c) managerial functions at government or public administration entities engaged in lending, finance or insurance. The lists shall indicate the names of one or more candidates, which must not exceed the number of Statutory Auditors to be elected, with each name assigned a sequential number.

Each slate shall consist of two sections: one for candidates for the office of Standing Auditor and one for Alternates. Each section must contain the names of one or more candidates.

Slates that, taking into account both sections, contain a number of candidates equal to or higher than three must indicate:

at least a fifth of the candidates belonging to the least represented gender for the first term of office in application of Law 120 of 12 July 2011;
at least a third of the candidates belonging to the least represented gender for the following two terms of office.

Where the number of candidates for Alternate Auditor is equal to or higher than two, they must be of two different genders.

Only those Members who, singly or jointly with other Members, at the date on which the lists were filed with the Company, represent at least the percentage shareholding required by the preceding art. 20 for the submission of slates of candidates for the position of Director.

Slates submitted by Members are filed with the registered office at least twenty-five days prior to the date of the General Meeting to be held as a first or one call meeting.

The slates are made available to the public, according to the procedures required by the applicable regulations, at least 21 days prior to the date of the General Meeting to be held in first or one call.

If, at the end of the above term of twenty-five days, only one slate has been submitted, or only slates submitted by Members associated with each other – as defined by the CONSOB pursuant to art. 148, section 2 of Legislative Decree 58/1998 – qualifying persons may continue to submit slates, through filing at the registered office, up to the latest deadline provided for by the laws and regulations in force. In this case, the size of shareholding required to qualify for the right to submit lists is reduced by half.

No individual shareholder, or shareholders belonging to the same group or shareholders who are party to a shareholder's agreement, may submit or vote for more than one slate, including via a proxy or a trust company, and any candidate included in more than one slate shall be disqualified.

Each slate shall be accompanied by:

information on the Members who have submitted the slates and their total percentage shareholding, together with certificates attesting to their ownership of the related shares;
exhaustive information regarding candidates' personal and professional details;
declarations from the individual candidates accepting their candidature and a personal warranty that there is no fact or deed which could give rise to their disqualification and that they meet the legal requirements for holding such office, including compliance with the limit on the total number of positions held, as established by the laws and regulations in force, and indicating any positions as director or statutory auditor held at other joint-stock companies;
a declaration from shareholders other than those who singly or jointly hold a controlling or relative majority interest, certifying the absence of any association - as defined by the CONSOB pursuant to art. 148, section 2 of Legislative Decree 58/1998 – with such shareholders.

Any slates not in compliance with the above are deemed to have not been submitted. Any individual having the right to vote may only vote for one slate. Members of the Board of Statutory Auditors shall be elected in the following manner:

a) three Standing Auditors and one Alternate to be elected shall be taken in sequential order from the slate receiving the majority of votes cast by the holders of shares carrying voting rights, and in compliance with the legislation in force concerning gender quotas;
b) the remaining two Standing Auditors shall be taken from the other slates. For that purpose, the votes cast for those other lists shall be successively divided by one and two. The resultant quotients shall be allocated to the candidates on each slate who shall then be ranked in decreasing order by the total quotients allocated to them: the candidates elected shall be those with the highest quotients, provided that the required balance between the gender quotas has been complied with. The quotients attributed in this manner to the candidates of the various slates shall then be ranked in decreasing order: the two candidates elected are those with the highest quotients subject to the compliance with gender quotas;

c) if, on completion of the election and the above procedures, legislation concerning the balance between the gender quotas elected has not been complied with, the candidates elected from the various lists are ranked in decreasing order, based on the quotients calculated in accordance with the procedure described in letter b). The candidate from the most represented gender with the lowest quotient in the ranking shall thus be replaced by the first of the candidates from the least represented gender to not be elected and belonging to the same slate. If there are no other candidates in this slate, the above replacement shall be approved by the General Meeting with the majority required by law.

If replacement of the candidate from the most represented gender with the lowest quotient in the ranking does not, however, enable the minimum quota required by the legislation in force to be reached, the above replacement process shall also be applied to the candidate from the most represented gender with the penultimate quotient, and so on rising from the lowest ranked candidate. In the event candidates have equal quotients, the General Meeting shall hold a new election and the candidate receiving the majority of votes shall be elected, provided that the legislation in force concerning the balance between gender quotas has been complied with.

The Chairman of the Board of Statutory Auditors shall be the first candidate on the minority slate that obtains the highest number of votes.

The remaining Alternate Auditor shall be drawn from the slate which receives the highest number of votes among the list submitted and voted for by Members who are not associated with the majority shareholders as defined by law;

d) any Statutory Auditors not appointed using voting slates, are appointed by General Meeting resolution approved with the majority required by law in compliance with the legislation in force concerning the balance between gender quotas;
e) in the event that a Statutory Auditor elected by the majority is replaced, the Alternate receiving the majority of votes is appointed. In the event that a Statutory Auditor elected by the minority is replaced, the Alternate elected by minority shareholders shall be appointed, or, failing this, the next ranked candidate from the same list or, failing this, the first candidate on the minority list that obtained the second highest number of votes. Replacement must, in any event, take place in compliance with the legislation in force concerning the balance between gender quotas.

Article 15.2 of the Company's Corporate Governance Code states that members of the Board of Statutory Auditors must verify their independence requirements after the election, and every year thereafter, notifying the outcome of such tests to the Board of Directors. This will, in turn, disclose the outcome to the market and, eventually, in the Corporate Governance Report, in the same manner as that contemplated for Directors.

On 18 January 2019, Atlantia's Board of Directors integrated the wording of article 15.2, stating that Atlantia considers respect for diversity in the composition of the Board of Statutory Auditors, relating to aspects such as gender, professional qualifications and the presence of different age groups and seniority in office, with the priority objective of ensuring adequate competence and professionalism of the members thereof.

Article 15.4 of the Atlantia Corporate Governance Code states that the Statutory Auditors' remuneration should be commensurate with the time required, relevance of the role and the Company's size and sector characteristics.

14. COMPOSITION AND FUNCTIONING OF THE BOARD OF STATUTORY AUDITORS

On 20 April 2018, the General Meeting elected, through the slate voting procedure, the Board of Statutory Auditors for the financial years 2018-2019-2020.

Alberto De Nigro, Lelio Fornabaio and Livia Salvini were elected as standing auditors while Laura Castaldi was elected as alternate auditor on the basis of the slate submitted by Sintonia SpA. The Chairman, Corrado Gatti, standing auditor Sonia Ferrero and alternate auditor Michela Zeme were elected in accordance with the provisions of article 148 of Legislative Decree 58/1998, as amended by Law 262/2005, on the basis of a slate submitted by a group of asset management companies and other institutional investors.

All the Statutory Auditors in office meet the integrity and experience requirements stipulated in the articles of association and applicable legislation. The Articles of Association also disqualify persons holding a number of management and supervisory positions equal to or greater than the maximum number, as established by relevant legislation, from being appointed as a Statutory Auditor.

In this regard, art.144-terdecies of the CONSOB's Regulations for Issuers (Limits on the accumulation of positions) states that anyone who is a member of the boards of statutory auditors of five issuers is disqualified from becoming a member of an issuer's board of statutory auditors.

A member of an issuer's board of statutory auditors may take up other positions as a director or statutory auditor in the companies defined in Book V, Title V, Chapters V, VI and VII of the Italian Civil Code (the number of positions is shown in Table 3, whilst details of the related positions are available on the Consob website), provided they do not exceed the maximum of six points resulting from application of the calculation model contained in Annexe 5-bis, Schedule 1. Exempt positions and positions as a director or statutory auditor of small companies are not taken into account in calculating the cumulative positions.

In consideration that article 15, paragraph 2 of the valid Corporate Governance Code states that "the Board of Statutory Auditors shall ascertain compliance with these criteria after election and subsequently annually, reporting on its findings in the corporate governance report in a manner consistent with the arrangements for Directors", in its meeting on 11 May 2018, the Board of Statutory Auditors verified the existence of independence for all the auditors, obtaining statements to that effect from all the auditors, effective as of the General Meeting of shareholders on 20 April 2018, in which regard each Statutory Auditor declares to meet the independence requirements as stipulated in art. 148, paragraph 3 of Legislative Decree 58/1998, and the independence requirements contemplated in article 3.1 of the Atlantia Corporate Governance Code (as mentioned in art. 15.2 of the cited Code). As the outcome of the check in question was positive, the Board of Statutory Auditors resolved to notify the Board of Directors of such positive outcome.

Pursuant to the Corporate Governance Code, any Statutory Auditors who, either themselves or on behalf of third parties, have an interest in a specific Company transaction, must promptly inform the other Statutory Auditors and the Chairman of the Board of Directors as regards the nature, terms and extent of their interest.

Atlantia's Board of Statutory Auditors met a total of 22 times in 2018 (the percentage of meetings actually attended by members of the board is reported in Table 3). The average length of the meetings was approximately two hours.

It should also be pointed out that the Board of Statutory Auditors normally meets with the same frequency as the Board of Directors. At the meeting of 18 January 2019, a total of 16 meetings were scheduled for 2019.

In 2019, the Board of Statutory Auditors held 4 meetings and also met with the Company to review the main matters concerning the 2018 financial statements.

In carrying out its duties, the Board of Statutory Auditors had regular meetings during the year with Independent Auditors, the Manager Responsible for Financial Reporting and the Head of Group Internal Audit. Certain meetings, on particularly significant issues, were held jointly with the Control, Risk and Corporate Governance Committee.

The Chairman of the Board of Statutory Auditors, or another standing Statutory Auditor at his request, attended the meetings of the Internal Control and Corporate Governance Committee, pursuant to the Corporate Governance Code.

The Board of the Statutory Auditors monitored, in accordance with art. 149 c. paragraph 1.c bis of the CFA, the implementation of the corporate governance rules provided for in Atlantia's Corporate Governance Code.

Before issuing their reports on the financial statements, the Board of Statutory Auditors and the Independent Auditors exchanged information on the checks carried out.

Partly in the light of the amendments introduced by Legislative Decree 39/2010, in 2010 the Board of Statutory Auditors assumed the role of the Internal Control and Audit Committee. Article 15.5 of the Company's Corporate Governance Code states that the Board of Statutory Auditors, in compliance with the pertinent legislation in force, monitors the financial reporting process; effectiveness of the internal control system, internal review and risk management; on the legal review of annual financial statements, including the consolidated statements, and the independence of the auditors, particularly concerning the provision of non-review services.

If should be borne in mind that Legislative Decree 135/2016 was amended, effective as of the first financial year following that under way in 2016, changing the duties and responsibilities of the Internal Control and Audit Committee, providing that it will:

a) inform the board of directors of the audited company after the audit, sending to this board the report under article 11 of the European Regulation, with any accompanying remarks;
b) monitor the financial reporting process and submit the recommendations and proposals intended to ensure its integrity;
c) check the effectiveness of the internal quality control and risk management systems and, where applicable, internal audit, with respect to the financial reports of the audited company, without impinging on its independence;
d) monitor the audit of the annual and consolidated accounts, taking into account any results and conclusions regarding the quality audits performed by Consob in accordance with article 26, paragraph 6, of the European Regulation, where available;
e) check and monitor the independence of the independent auditor or of the audit form in accordance with articles 10, 10-bis, 10-ter, 10-quarter and 17 of this decree and article 6 of the European Regulation, especially as regards the adequacy of services other than audit to the audited company, in keeping with article 5 of this regulation;
f) be responsible for the procedure to select the independent auditors or the audit firm and recommend the independent auditors or audit firms to be designated pursuant to article 16 of the European regulation.

Legislative Decree no. 254 of 30 December 2016 introduced a new provision into article 123-bis of the Consolidated Finance Act (sub-paragraph d-bis of paragraph 2), whereby the Corporate Governance Report "shall contain a description of diversity policies applied in relation to the composition of the administrative, management and control bodies regarding such aspects as age, gender composition and professional and educational background, as well as a description of the objectives, the manners of implementation and the results of these policies.

In the event that no policy is applied, the company will explain in a clear and comprehensive manner the reasons for such choice".

In this regard and as mentioned above, on 18 January 2019, the Company's Board of Directors approved some amendments in the Corporate Governance Code, specifying that Atlantia considers respect for diversity in the composition of the Board of Statutory Auditors, relating to aspects such as gender, professional qualifications and the presence of different age groups and seniority in office, with the priority objective of ensuring adequate competence and professionalism of the members thereof.

Regarding the composition of the Board of Statutory Auditors, it is noted that article 32 of the Articles of Association provides that this body is elected in accordance with the rules on gender balance. In fact, one-third of the Board of Statutory Auditors currently in office is made up of individuals belonging to the less represented gender.

As to professional requirements, the same article of Atlantia's Articles of Association provides that "Individuals who do not meet the requirements of integrity, professionalism and independence required by the applicable regulations may not serve as Statutory Auditors. At least two Standing Auditors and one Alternate shall be selected from among individuals listed in the register of auditors who have been engaged in the statutory audit of accounts for a period of not less than three years.

Statutory Auditors not meeting such requirements shall be selected from amongst those persons with at least three years wide-ranging experience in:

a) the management and control of or executive duties in joint-stock companies having issued capital of at least two million euros; or,
b) professional activities or university instruction in legal, business and finance subjects; or,
c) managerial functions at government or public-sector entities engaged in lending, finance or insurance."

In the meeting of 16 February 2018, based on the CVs of the Statutory Auditors in office and following an in-depth analysis on diversity in relation to the composition of its own members, the Board of Statutory Auditors determined that it features diversity in terms of age, skills and experience, including in complementary international contexts, developed by the Statutory Auditors currently in office which foster dialogue and its efficient and effective functioning.

At the meeting of 15 February 2019, the Board of Directors analysed the results and confirmed the positive score of the self-assessment with the participation of the Board of Statutory Auditors.

14.1 Procedure for reporting to the Board of Statutory Auditors

Regarding article 150, paragraph 1, Legislative Decree 58/1998, the procedure for reporting information to the Board of Statutory Auditors was revised on 20 December 2013. The objective of this procedure is, firstly, to ensure that the Board of Statutory Auditors is provided with all the information it needs to perform the supervisory role assigned to it by the above Decree and, secondly, by favouring the transparency of the Company's management, to enable each Director to participate in its management in a more aware and informed manner. This procedure covers the flow of information between the Chief Executive Officer and the Board of Directors recommended by the Corporate Governance Code, and aims to confirm the centrality of the Company's Board of Directors, by ensuring that all members of the Board of Directors and Board of Statutory Auditors have access to the same information, and strengthen the internal control system.

The following information is to be provided under the procedure:

details of activities carried out;
material transactions in terms of impact on the Company's results of operations, financial position and cash flows;
details of the activities through which the Company exercises its management and coordination functions, other than those already reported in connection with the activities carried out;
atypical or unusual transactions and any other activity or transaction deemed necessary to report to the Board of Statutory Auditors.

Each report reflects activities and transactions performed in the period of time (no more than three months) following the period (also no more than three months in length) covered by the previous report.

For the purposes of the reports, the procedure identifies transactions whose impact might be regarded as material in terms of the Company's results of operations, financial position and cash flows. Specifically, in addition to transactions that fall within the purview of the Board of Directors, pursuant to article 2381 of the Italian Civil Code, the Articles of Association and the Corporate Governance Code, material transactions conducted by Atlantia or by its main direct or indirect subsidiaries include:

the issue of financial instruments of a total amount in excess of €5 million;
lending, borrowing or provision of guarantees, as well as investments and divestments, including those relating to properties, involving amounts in excess of €5 million per transaction;
acquisitions and sales of equity interests, companies or business units, assets and other individual transactions of an amount in excess of €5 million;
extraordinary corporate transactions (capital increases, mergers, spin-offs, transfers, and/or the spin-out of business units, etc.).

During the year the Board of Directors reported to the Board of Statutory Auditors on a quarterly basis.

The Procedure is available on the Company's website at http://www.atlantia.it/en/corporate governance/statuto-codici-procedure.

Furthermore, the Statutory Auditors participated in three inductions during the year for the purpose of providing the Boards of Directors and Statutory Auditors with information pertaining to the Company's operations, its corporate dynamics and evolution.

With respect to Legislative Decree 231/2001 and the Group's Code of Ethics, the Procedure for Relations with the Board of Statutory Auditors was revised on 20 December 2013 in order to determine the responsibilities and operational procedures for managing relations with the Board of Statutory Auditors.

This procedure relates to the staff of Atlantia and its subsidiaries who, in the performance of their specific duties, have direct or indirect contact with Statutory Auditors during their internal audit activities.

15. INVESTOR RELATIONS

Atlantia's financial reporting is aimed at all its stakeholders.

o To this end, the Company has set up a specific Corporate Finance and Investor Relations Department, which is responsible for relations with the financial community. It is headed by Massimo Sonego. The department is responsible for providing the market with timely, complete and clear quantitative and qualitative descriptions of the Group's strategies and results of operations, communicating with the market (shareholders, bondholders, financial analysts and rating agencies) in all respects through:

o periodic mandatory disclosures: provided with the publication of annual and interim financial statements;
o periodic voluntary disclosures: pursuant to article 82ter of the Regulations for Issuers, to provide constant and regular information to the financial community, a financial report is published as of 31 March and 30 September in accordance with the applicable regulations;
o extraordinary disclosures: extraordinary disclosures: publication of prospectuses relating to corporate actions affecting the Company;
o mandatory disclosures on material events, made in accordance with Legislative Decree 58 of 24 February 1998 and the CONSOB Regulations for Issuers. In fact, the principles laid down therein, and any subsequent amendments, are adopted in accordance with the Corporate Governance Code for Listed Companies and Borsa Italiana's Guide for Reporting to the market, and in accordance with the instructions in the above-mentioned "Procedure for Market Announcements";
o voluntary information to investors and analysts provided in regular meetings (road shows, conference calls, one-on-one meetings) with institutional investors in the main financial centres and meetings with stock and credit analysts.

In order to facilitate an ongoing dialogue with the financial community and, generally, with all stakeholders a webpage is active and constantly updated on the Company's website (developedwww.atlantia.it/en/investors/index.html), with a special section containing important information on the Group of interest to stakeholders.

16. GENERAL MEETINGS

The Directors encourage and facilitate the highest possible attendance of shareholders at General Meetings, in particular by providing all the necessary information and documents to ensure the smooth running of and informed participation at meetings. The information is made available on a specific page of the Company's website.

The Corporate Governance Code requires General Meetings to be treated as forums to provide shareholders with reports on the Company's operating performance and outlook, in accordance with the regulations governing price sensitive information. In the event of significant changes in the Company's overall capitalisation, in the shareholder structure and in the number of shareholders, the Directors assess the appropriateness of recommending changes to the Memorandum of Association to the General Meeting, as regards the majorities required to pass resolutions and to exercise the prerogatives designed to protect minority shareholders.

The functioning of General Meetings, the related powers, the rights of those entitled to vote and how to exercise the rights are governed by the laws and regulations in force.

In particular, the Company's Articles of Association provide for the following.

To be entitled to attend general meetings and to exercise voting rights, the holders of voting rights are required to send a notice to the Company through their intermediary, in accordance with the laws and regulations in force (article 13). In particular, pursuant to the laws applicable in this area, the right to attend and to vote can be exercised by such persons as are holders of voting rights at the end of the seventh stock exchange trading day preceding the date set for the General Meeting in first call (the "Record Date") for which the intermediary sent the communication required by law. Persons who assume ownership of shares after the record date are not entitled to attend and vote at the General Meeting.

Furthermore, the holders of voting rights may appoint a proxy also by electronic means; the proxy can also be notified through the website or by certified email, in accordance with the procedures indicated in the notice of the General Meeting.

In addition, for each General Meeting the Company designates a person whom shareholders can appoint as a proxy, by the second stock exchange trading day prior to the date set for the General Meeting in first call, with voting instructions on all or some of the items on the agenda. The proxy is effective only for the matters for which voting instructions have been provided. The General Meeting Regulations, shown at the end of the Articles of Association, provide for the orderly and functional proceedings of Ordinary and Extraordinary General Meetings.

The Regulations address matters such as setting out the procedure for qualifying shareholders to request to speak on items in the Agenda.

The full text of the Articles of Association and the General Meeting Regulations are available on the Company's website at http://www.atlantia.it/en/corporate-governance/articles-codes procedures.html.

The Board of Directors endeavours to provide shareholders with adequate information on agenda items, making the related reports available to the public in the manner and in accordance with the timing provided for by law. Furthermore, pursuant to art. 127-ter, Legislative Decree 58/98 shareholders with voting rights may even put questions up to three days before a meeting in first call, which will be answered later in the meeting, using the appropriate webpage of the Company's website and sending the questions by fax or certified post.

In 2018, two General Meetings of Shareholders were held, an extraordinary one on 21 February 2018 and an ordinary one on 20 April 2018.

The Extraordinary General Meeting on 21 February 2018 was held in relation to the public takeover bid and/or voluntary exchange on all of the ordinary shares issued by Abertis Infraestructuras SA ("Bid" or "PTB") launched by Atlantia in May 2017, and the deliberations addressed:

extending the term for executing the share capital increase for the Bid from 30 April to 30 November 2018;
changing the transfer restriction period on special shares, to be issued by virtue of the capital increase for the bid to 90 days from the issue thereof (instead of a fixed date).

Four Directors attended the Annual General Meeting of 21 February 2018.

Regarding the bid, on 12 April 2018, Atlantia announced the decision to withdraw it in performance of the agreements reached with Hochtief Aktiengesellschaft and ACS (Actividades de Construcción y Servicios SA) on 23 March 2018 entailing a joint investment transaction in Abertis Infraestructuras SA.

Following the withdrawal of the bid, the share capital increase and the amendments to the articles of association addressed by the General Meeting of 2 August 2017 regarding the takeover were not carried out.

The General Meeting on 20 April 2018:

examined and approved the Atlantia Group's separate and consolidated financial statements for the year ended 31 December 2017;
determined the amount of the dividend;
approved the proposal for integrating the consideration for the statutory review of the accounts related to the years 2017 through 2020;
authorised, pursuant and for the purposes of articles 2357 et seq. of the Italian Civil Code, article 132 of Legislative Decree 58 of 24 February 1998 and article 144-bis of the CONSOB Regulations adopted with Resolution 11971 as subsequently amended, the purchase of treasury shares, subject to prior revocation, in whole or in part, of the unused portion of the authority granted by the General Meeting of 21 April 2016 (see information in this report on the authority to purchase treasury shares); the Board of Statutory Auditors appointed for the financial years 2018-2019-2020, determining their remuneration:
approved the first section of the Remuneration Report prepared in compliance with art. 123-ter, Legislative Decree 58 of 24 February 1998;
updated the additional long-term incentive plan addressed at the General Meeting on 2 August 2017 based on its financial instruments for the Company's executive directors and employees of the Company and its direct and indirect subsidiaries.

Eight Directors attended the Annual General Meeting of 20 April 2018.

17. CONSIDERATIONS OF THE CHAIRMAN OF THE CORPORATE GOVERNANCE COMMITTEE ON THE LETTER OF 21 DECEMBER 2018

The VIII version of the Italian Stock Exchange's format for the preparation of the Corporate Governance Report by listed companies requires the inclusion in this section the Company's opinion on the recommendations contained in the letter of 21 December 2018 by the Chairman of the Committee for Corporate Governance to the Chairmen of the Boards of Directors of listed companies. The letter expressed the hope that the considerations contained therein "would be brought to the attention of the Board of Directors and the competent Committees of the Issuer"; the letter also requested that observations "would be considered, also in connection with the self-assessment, to identify possible changes in governance or to correct any shortcoming in the application or in the explanations provided"; and that the Issuer's considerations and any initiative undertaken in that respect be illustrated in the next corporate governance report.

In its meeting on 18 January 2019, the Board of Directors, before the Board of Statutory Auditors, on the basis of the assessments of the Control, Risk and Corporate Governance Committee, acknowledged the elevated degree of adhesion by Atlantia to the indications expressed by the Italian Committee for Corporate Governance and resolved not to assume further initiatives, with the exception of the institution of the Appointments Committee, to which reference is made to the specific paragraph in the Report.

These recommendations are also considered in the self-assessment of components by the Board of Directors and its Committees.

TABLE 1 - INFORMATION ON THE OWNERSHIP STRUCTURE OF ATLANTIA

BREAKDOWN OF THE ISSUED CAPITAL AS AT 31 DECEMBER 2018
	No. of shares	% of issued capital	Listed	Rights and obligations
Ordinary shares	825,783,990	100	Italian Stock Exchange	Rights and obligations of ordinary shareholders

Other Financial Instruments (providing a conditional right to subscribe to a new issuance of shares)*
	Listed/Unlisted	Number issued**	Class of shares to satisfy exercise	Maximum number of shares to satisfy exercise
Contingent Value Rights ("CVRs")	unlisted	163,956,286	Ordinary shares	18,455,815

_______________________________________________________________________________ *The CVRs provide their holders, on the fulfilment of the conditions of allotment as defined in the Terms and Conditions of Atlantia SpA 2013 Ordinary Share Contingent Value Rights, available for inspection at http://www.atlantia.it/pdf/integrazione-del-regolamento-dei-diritti-di-assegnazione-condizionati.pdf, subject to the conditions of allotment as defined in the Terms and Conditions, the CVRs provide their holders with the right to receive a number of Atlantia ordinary shares determined with reference to the Final Allotment Ratio and a Dividend Adjustment as set out in the Terms and Conditions.

The following were approved at the Extraordinary General Meeting of 8 August 2013 together with the issuance of shares to satisfy the merger share exchange ratio of up to 164,025,376 CVRs and, at the same time, an increase in issued capital to irrevocably satisfy the CVRs up to a par value of €18,455,815.00, through the issuance of 18,455,815 ordinary Atlantia shares with a par value of €1.00.

** The holders of the CVRs have exercised put options for 160,698,634 CVRs (98% of the outstanding CVRs) as at 31 December 2014, in accordance with the Terms and Conditions; at 31 December 2018, the situation was unchanged. Refer to paragraph 2 "Information on the ownership structure" in the Report.

The CVRs acquired by the Company from such holders are cancelled.

SIGNIFICANT SHAREHOLDINGS AS AT 31 DECEMBER 2018*
Reporting entity	Direct shareholder	% of ordinary shares	% of voting shares
Edizione Srl	Sintonia SpA	30.254	30.254
Government of Singapore Investment Corporation Pte Ltd (GIC PTE LTD)	InvestCo Italian Holdings Srl GIC PTE LTD	8.136	8.136
Fondazione Cassa di Risparmio di Torino	Fondazione Cassa di Risparmio di Torino	5.062	5.062
LAZARD ASSET MANAGEMENT LLC	LAZARD ASSET MANAGEMENT LLC	5.017	5.017
HSBC BANK PLC	INKA INTERNATIONALE KAPITALANLAGEGESELLSCHAFT MBH HSBC BANK PLC	4.958	4.958

* The percentages shown have been derived from the notifications of the shareholders pursuant to article 120 CFA. Accordingly, such percentages might not be in line with the data processed and disclosed by other sources, in the event that the change in equity interest did not entail any notification obligations by the shareholders. Article 119-bis, paragraphs 7 and 8 of the Regulations for Issuers, grants asset management companies and duly authorised entities who have purchased managed investments, represented by interests of above 3% and below 5%, an exemption from the reporting requirements provided for by article 117 of the Regulations for Issuers.

Atlantia SpA's Board of Directors (*)							Control, Risk and Corporate Governance Committee		Human Resources and Remuneration Committee
Position	Members (Name and surname)	Year of birth	Date first elected (1)	In office since (2)	In office until (2)	Slate (3)	Executive directors	Non-executive directors	Independent Directors per Atlantia's Corporate Governance Code	Independent Directors per CFA	Number of other positions held (4)	Attendance at Board of Directors meetings (5)	( 5 )	'(6 )	(5 )	(6)
Chairman	CERCHIAI Fabio	1944	14-04-2010	21-04-2016	approval of 2018 financial statements	M	X				6 #	16/16	9/14
Director CEO	CASTELLUCCI ° Giovanni	1959	12-05-2006	21/04/2016 ◊	approval of 2018 financial statements	M	X				6	16/16	11/14
Director	ANGELA ° Carla	1938	30-04-2013	21-04-2016	approval of 2018 financial statements	M		X	X	X	0	15/16	13/14	P (****)	0/6	M (*)
Director	BERTAZZO Carlo	1965	30-04-2013	21-04-2016	approval of 2018 financial statements	M		X			7	14/16			5/6	M
Director	BERTOLDI ° Bernardo	1973	30-04-2013	21-04-2016	approval of 2018 financial statements	m		X	X	X	7	16/16	14/14	M
Director	CODA ° Gianni	1946	30-04-2013	21-04-2016	approval of 2018 financial statements	m		X	X	X	2	16/16			6/6	P (**)
Director	DE BERNARDI DI VALSERRA Elisabetta	1977	21-04-2016	21-04-2016	approval of 2018 financial statements	M		X			4	13/16
Director	LAPUCCI Massimo	1969	30-04-2013	21-04-2016	approval of 2018 financial statements	M		X	X	X	9	16/16			4/6	M
Director	MARCUS Lucy P.	1971	30-04-2013	21-04-2016	approval of 2018 financial statements	m		X	X	X	0	16/16
Director	MARI Giuliano	1945	23-04-2009	21/04/2016•	approval of 2018 financial statements	M		X	X	X	1	16/16	14/14	M *
Director	MARTINELLI Valentina	1976	30-04-2013	21-04-2016	approval of 2018 financial statements	M		X			0	16/16
Director	MONDARDINI Monica	1960	20-01-2012	21-04-2016	approval of 2018 financial statements	M		X	X	X	5	13/16			3/6	M (***)
Director	PATUANO ° Marco	1964	20-01-2017	21-04-2017	approval of 2018 financial statements	M		X			9	15/16
Number of meetings held in 2018 Board of Directors: 16 Quorum required for the submission of slates for most recent election (as per art. 147 ter of the CFA): 0.5% as per CONSOB Resolution No. 19499 of 28 January 2016.					Control, Risk and Corporate Governance Committee: 14				Human Resources and Remuneration Committee: 6

TABLE 2: STRUCTURE OF ATLANTIA SpA'S BOARD OF DIRECTORS AND BOARD COMMITTEES

NOTES:

(*) Director Gilberto Benetton passed away on 22 October 2018 and Director (independent) Lynda Christine Tyler-Cagni submitted her resignation on 16 November 2018

(1) The "Date first elected" indicates the date on which each Director was elected for the first time (in absolute terms) as a member of the issuer's board of directors.

(2) The symbols indicated below in the "Position" column have the following meaning: •Director responsible for the Internal Control and Risk Management System.

◊This symbol indicates the person responsible for issuer management (Chief Executive Officer or CEO).

(3) This column indicates M/m according to whether the Director was elected from the majority (M) slate or a minority (m) slate; "BoD": slate presented by the Board of Directors)

(4) This column indicates the number of directorships or positions as statutory auditor held by the interested party in other companies listed on domestic or foreign regulated markets, finance, banks and insurance companies, or entities of relevant dimensions. In the Corporate Governance Report, refer to Annexe 1, which further specifies the positions.

(5) This column shows the attendance of directors at meetings of the Board of Directors and Committees (i.e. number of meetings attended with respect to the total number of meetings that could have been attended; e.g. 6/8; 8/8, etc.).

(6) This column indicates the category of the Director on the Committee: "P": Chairman; "M": Member.

° member of the Appointments Committee created by the Atlantia BoD in the meeting on 18 January 2019, in which Gianni Coda was appointed Chairman

on 30 January 2019

* effective as of 14 December 2018

** effective as of 17 January 2019

*** until 19 February 2019

**** effective as of 14 February 2019

***** effective as of 30 January 2019

Annexe A

Summary of the personal and professional details of Atlantia's Directors as at 31 December 2018*

Name and surname	Position at Atlantia	Age
Fabio Cerchiai	Chairman	74
Giovanni Castellucci	Chief Executive Officer	59
Carla Angela	Director (1 )	80
Carlo Bertazzo	Director	53
Bernardo Bertoldi	Director (1 )	45
Gianni Coda	Director (1 )	72
Elisabetta De Bernardi di Valserra	Director	41
Massimo Lapucci	Director (1 )	49
Lucy P. Marcus …………………	Director (1 )	47
Giuliano Mari	1 Director ( )	73
Valentina Martinelli	Director	42
Monica Mondardini	Director (1 )	58
Marco Patuano	Director	54

(1) Directors having declared that they meet the independence requirements

* Director Gilberto Benetton passed away on 22 October 2018 and Director (independent) Lynda Christine Tyler-Cagni submitted her resignation on 16 November 2018

Fabio Cerchiai

Fabio Cerchiai was appointed Chairman in April 2010.

Mr Cerchiai graduated in Economics. He began his career in 1964 with Assicurazioni Generali. He was also Chairman of ANIA (the National Association of Insurance Companies).

He has been a director of Edizione Srl since 2005 and Chairman of the Board of Directors of the ARCA Insurance Group since 2008.

On 27 March 2009, Mr Cerchiai was appointed, upon proposal of the President of the Council of Ministers, member of CNEL, to represent insurance companies. Mr Cerchiai was Chairman of Autostrade per l'Italia SpA (until January 2019) and SIAT SpA (until August 2018).

He is presently Chairman of Cerved Group Information Solutions SpA, Arca Vita SpA, Arca Assicurazioni SpA, Edizione Srl, Sintonia SpA. (since April 2018), of Edizione Property SpA (since December 2018) of Schematrentatrè SpA (since June 2018).

He is also Deputy Chairman of Unipol SpA.

Giovanni Castellucci

Giovanni Castellucci has been a director since June 2006.

Mr Castellucci graduated in mechanical engineering from the University of Florence and completed an MBA at SDA Bocconi in Milan.

From 1988 to 1999 he worked for the Boston Consulting Group, initially as a consultant, Case Leader and eventually as an executive in Paris until 1991 and then Milan from 1991, where he became a partner responsible for Italian Customer Service and Pharma Practices.

In January 2000 he was appointed Chief Executive Officer of the Barilla Group. He joined Atlantia in June 2001 as General Manager.

Between April 2005 and 30 January 2019, he was Chief Executive Officer of Autostrade per l'Italia SpA, maintaining the position of General Manager of Atlantia. Since 2006, Mr has been Chief Executive Officer of Atlantia.

Mr In addition, he is a member of the Board of Directors of Aeroporti di Roma SpA and Autostrade dell'Atlantico Srl. Member of the Conseil de Surveillance of Aéroports de la Côte d'Azur.

He currently also is a member of the Board of Directors of GETLINK SE and Abertis Infraestructuras SA.

Carla Angela

Carla Angela has been a Director since May 2013.

Ms Angela holds a degree in Actuarial Sciences awarded by the La Sapienza University of Rome. She is the Chairwoman of the Italian Institute of Actuaries and was a professor of financial mathematics in the Economics Faculty of the La Sapienza University of Rome and was also the Head of the Mathematics Department for Finance and Insurance, Chairwoman of the Finance and Insurance Degree Programme and Coordinator of the European PHD in Social Statistical and Economical Studies.

She is a member of the International Actuarial Association Council and the Board and Treasurer of the Actuarial Approach for Financial Risk Section.

She has also worked in the Actuarial Association of Europe and was recently appointed Honorary Chair.

She is Chairwoman of the National Institute of Actuaries.

Carlo Bertazzo

Carlo Bertazzo has been a Director since May 2013. Mr. Bertazzo graduated in Business Studies from the Ca'Foscari University of Venice in 1990. He joined Edizione Srl in 1995, where he is now General Manager. Chief Executive Officer of Sintonia SpA. Member of the Board of Directors of Aeroporti di Roma SpA; Connect SpA; Schematrentatre

SpA and also currently Cellnex Telecom SA and Abertis Infraestructuras SA.

Bernardo Bertoldi

Bernardo Bertoldi has been a Director since May 2013.

Mr. Bertoldi holds a degree in Economics from the University of Turin and currently lectures in the Department of Management at the University of Turin and at the ESCP Europe London and Turin Campus.

He is a member of the CIFE (Cambridge Institute for Family Enterprise) and has collaborated with Il Sole 24 Ore.

He is one of the founders of 3H partners. Director of Sabelt SpA. Chairman of the Board of Statutory Directors at CNH Industrial Capital Solutions SpA, Standing Auditor at Iveco SpA; Iveco – Oto Melara SCrl.; FIAT Chrysler Finance SpA; Azimut|Benetti SpA and Fenera & Partners – Società di Gestione del Risparmio SpA.

Gianni Coda

Gianni Coda has been a Director since May 2013.

Mr Coda is a graduate in Mechanical Engineering.

He joined the Fiat Group in 1979 and is an expert in the automobile business and related procurement and supply. He has held various positions at the Fiat Group during his career. Mr Director of CLN Group and SABELT.

Elisabetta De Bernardi di Valserra

Elisabetta De Bernardi di Valserra has been a Director since 2016.

Mr A graduate in Electronic Engineering from the University of Pavia, Ms De Bernardi di Valserra began her career in Morgan Stanley, where she served in various positions. In 2013 she joined Space Holding.

She has worked at Edizione Srl since 2015, in subsidiary management and investment transactions. She is currently also the Chief Executive Officer of ConnecT SpA and Director at Cellnex Telecom SA; Getlink SE and Sintonia SpA.

Massimo Lapucci

Massimo Lapucci has been a Director since May 2013.

Mr. Lapucci graduated in economics and business studies from La Sapienza University of Rome in 1995.

He is currently serving as the Secretary General of the Fondazione Cassa di Risparmio di Torino. He has served on the Board Director of numerous companies during his career. He is a member of the Italian accountants body and is a registered auditor.

Mr Lapucci has been Director of Beni Stabili Gestione SpA. – SGR and Chief Executive Officer of Effeti SpA. (until 22 December 2014). Chairman of the European Foundation Centre. He is also Director of Banca Generali SpA; Sofito SpA; Caltagirone Editore SpA; European Venture Philanthropy Association; Istituto dell'Enciclopedia Italiana founded by Giovanni Treccani; Associazione Social Impact Agenda per l'Italia and Istituto Bruno Leoni. Standing Auditor at Fondazione Museo Antichità Egizie Torino.

Lucy P. Marcus

Lucy P. Marcus has been a Director since May 2013. Ms Marcus graduated in History and Political Science from Wellesley College, Massachusetts, USA in 1993. She is professor of Leadership and Governance at the IE Business School and an associate of the CIBAM Centre for International Business and Management at Cambridge University. She is the founder and Chief Executive of Marcus Venture Consulting Ltd.

Giuliano Mari

Giuliano Mari has been a Director since April 2009. Mr Mari graduated in Chemical Engineering from the La Sapienza University of Rome. He was employed at the IMI SpA group from 1969 to 2002, holding, inter alia, the position of Chairman and General Manager of IMI Investimenti SpA from 1999 to 2002. He subsequently served as General Manager of Cofiri SpA until 2004.

Mr Mari is a member of the Board of Directors of Assietta Private Equity SGR SpA. He has been Chairman of Autostrade per l'Italia SpA since 30 January 2019.

Valentina Martinelli

Valentina Martinelli has been a Director since May 2013. Ms Martinelli graduated in business studies from the Ca'Foscari University of Venice. She is currently in charge of the preparation of Group consolidated financial statements and corporate affairs at Edizione Srl. She commenced her career at Arthur Andersen SpA and is a registered auditor.

Monica Mondardini

Monica Mondardini was appointed a Director in January 2012. She holds a degree in statistics and economics from the University of Bologna. She has worked at the Hachette Group and was a General Manager for Europe Assistance, and Chief Executive of Generali Spain. She is currently the Chairman of Sogefi SpA and, since April 2018, Deputy Chairman of GEDI - Gruppo Editoriale SpA. She was also Chief Executive Officer of C.I.R. SpA.

Director at Crédit Agricole SA and Trevi Finanziaria Industriale SpA.

Marco Patuano

Marco Patuano has been a Director since January 2017.

Mr Patuano graduated in Business Management – Finance from Università Bocconi, Milan, and attended several post-graduate courses in Europe and in the United States. Starting from 1990 and until 2006, he worked with Telecom Italia Group, until he was appointed Chief Executive Officer in 2011.

Until 2016, he was also a member of the Board of Directors of Telecom Italia Foundation, Bocconi Foundation, European Institute of Oncology and cooperated with various universities in Italy and in the United States. Since 18 January 2017, Chief Executive Officer of Edizione Srl.

He holds the office of Chairman of Cellnex Telecon SA and Chief Executive Officer of Schematrentatre SpA.

In addition, he is a member of the Board of Directors of Benetton Group Srl, Autogrill SpA, Associazione Calcio Milan SpA; Sintonia SpA; ConnecT SpA and Edizione Property Srl.

TABLE B

Number of years in position since initial appointment at Atlantia (commencing with the General Meeting of 26 November 2003)

Directors in office as at
31 December 2018 (*)
	YEARS IN
	OFFICE
CARLA ANGELA **	6
CARLO BERTAZZO	6
BERNARDO BERTOLDI **	6
GIOVANNI CASTELLUCCI	13
FABIO CERCHIAI	9
GIANNI CODA **	6
ELISABETTA DE	3
BERNARDI DI VALSERRA
MASSIMO LAPUCCI **	6
LUCY P. MARCUS **	6
GIULIANO MARI **	10
VALENTINA MARTINELLI	6
MONICA MONDARDINI **	7
MARCO PATUANO	2

(*) Director Gilberto Benetton passed away on 22 October 2018 and Director (independent) Lynda Christine Tyler-Cagni submitted her resignation on 16 November 2018
** Independent Director

ANNEXE 1

**LIST OF OTHER POSITIONS HELD BY THE DIRECTORS IN OTHER COMPANIES LISTED ON ITALIAN AND INTERNATIONAL REGULATED MARKETS, AND IN LARGE FINANCIAL, BANKING AND INSURANCE COMPANIES (*)**

DIRECTOR	OTHER POSITIONS
CERCHIAI Fabio	 Chairman of Autostrade per l'Italia SpA (until 30 January 2019)  Chairman of Cerved Group Information Solutions SpA  Chairman of Arca Vita SpA  Chairman of Arca Assicurazioni SpA  Chairman of Edizione Srl (since 18 January 2017)  Chairman of Edizione Property SpA. (since December 2018)  Deputy Chairman of UnipolSai SpA
CASTELLUCCI Giovanni	 Chief Executive Officer of Autostrade per l'Italia SpA (until 30 January 2019)  Director of Aeroporti di Roma SpA  Director of Autostrade dell'Atlantico Srl  Member of the Supervisory Board of Aéroports de la Côte d'Azur  Director of GETLINK S.E.  Director of Abertis Infraestructuras SA.
ANGELA Carla	----
BERTAZZO Carlo	 Chief Executive Officer of Sintonia SpA.  General Manager of Edizione Srl  Director of Aeroporti di Roma SpA  Director of Connect SpA.  Director of Schematrentatre SpA.  Director of Cellnex Telecom SA.  Director of Abertis Infraestructuras SA.

DIRECTOR	OTHER POSITIONS
BERTOLDI Bernardo	 Director of Sabelt SpA.  Chairman of the Board of Statutory Auditors at CNH Industrial Capital Solutions SpA  Standing Auditor at Iveco SpA.  Standing Auditor at Iveco – Oto Melara S.C.r.l.  Standing Auditor at FIAT Chrysler Finance SpA  Standing Auditor at Azimut Benetti SpA.  Standing Auditor at Fenera & Partners – Società di Gestione del Risparmio SpA
CODA Gianni	 Director of CLN Group  Director of SABELT
DE BERNARDI DI VALSERRA Elisabetta	 Chief Executive Officer of ConnecT SpA.  Director of Cellnex Telecom SA.  Director of Getlink S.E.  Director of Sintonia SpA.
LAPUCCI Massimo	 Chair of the European Foundation Centre  Director of Banca Generali SpA  Director of Sofito SpA  Director of Caltagirone Editore SpA.  Director of the European Venture Philanthropy Association  Director at Istituto dell'Enciclopedia Italiana founded by Giovanni Treccani  Director at Associazione Social Impact Agenda per l'Italia  Director at Istituto Bruno Leoni  Standing Auditor at Fondazione Museo Antichità Egizie Torino
MARCUS Lucy P.	----
MARI Giuliano	 Chairman of Autostrade per l'Italia SpA (since 30 January 2019)  Director of Assietta Private Equity SGR SpA
MARTINELLI Valentina	----

DIRECTOR	OTHER POSITIONS
MONDARDINI Monica	 Chair of Sogefi SpA  Deputy Chairman of GEDI - Gruppo Editoriale SpA. (since April 2018)  Chief Executive Officer of GEDI - Gruppo Editoriale SpA (until April 2018)  Director of C.I.R. SpA.  Director of Credit Agricole SA  Director of Trevi Finanziaria Industriale SpA
PATUANO Marco	 Chairman of Cellnex Telecom SA.  Chief Executive Officer of Edizione Srl  Director of Schematrentatre SpA.  Director of Autogrill SpA  Director of Benetton Group Srl  Director of Associazione Calcio Milan SpA  Director of Sintonia SpA.  Director of ConnecT SpA.  Director of Edizione Property Srl.

(*) Director Gilberto Benetton passed away on 22 October 2018: until that date he was Chairman of Autogrill SpA and Deputy Chairman of Edizione Srl

Director Lynda Christine Tyler-Cagni submitted her resignation as Atlantia Director on 16 November 2018 and assumed the role of Director at Dufry AG (company listed in Switzerland).

Director Monica Mondardini submitted her resignation as Atlantia Director on 19 February 2019.

TABLE 3

Structure of the Board of Statutory Auditors

Table 3 – Board of Statutory Auditors
Position	Member	Year of birth	Date first elected *	In office from	In office until	Slate **	Independent as per CG Code	Attendance at Board of Statutory Auditor meetings ***	Number of other positions held ****
Chairman	Gatti Corrado	1974	24/04/201 2	24/04/2012	Approval of the 2020 financial statements	m	X	8/8(1) 15/15(2)	12
Standing Auditor	De Nigro Alberto	1958	24/04/201 5	24/04/2015	Approval of the 2020 financial statements	M	X	8/8(1) 15/15(2)	12
Standing Auditor	Fornabaio Lelio	1970	24/04/201 5	24/04/2015	Approval of the 2020 financial statements	M	X	8/8(1) 13/15(2)	15
Standing Auditor	Ferrero Sonia	1971	20/04/201 8	20/04/2018	Approval of the 2020 financial statements	m	X	15/15	6
Standing Auditor	Salvini Livia	1957	24/04/201 5	24/04/2015	Approval of the 2020 financial statements	M	X	8/8(1) 14/15(2)	3
Alternate Auditor	Castaldi Laura	1965	24/04/201 5	24/04/2015	Approval of the 2020 financial statements	M	X	----	----
Alternate Auditor	Zeme Michela	1969	20/04/201 8	20/04/2018	Approval of the 2020 financial statements	m	X	----	----
AUDITORS LEAVING IN THE YEAR OF REFERENCE
	Surname Name	Year of birth	Date first elected *	In office from	In office until	Slate **	Independent as per CG Code	Attendance at Board of Statutory Auditor meetings ***	Number of other positions held ****
Standing Auditor	Olivotto Silvia	1950	24/04/2015	24/04/2015	20/04/2018	m	X	8/8	NA
Alternate Auditor	Cerati Giuseppe	1962	24/04/2015	24/04/2015	24/04/2017	m	X	----
Number of meetings held during the year of reference: 23 (of which 15 were of the current Board of Statutory Auditors and 8 from the Board standing until 20 April 2018).

Indicate the quorum required for the submission of slates by minority shareholders for the election of one or more members (as per art. 148 of the CFA): 1%

NOTES

* The "Date first elected" indicates the date on which each Statutory Auditor was elected for the first time (in absolute terms) as a member of the issuer's board of statutory auditors.

** This column indicates M/m according to whether the member was elected from the majority (M) slate or a minority (m) slate. *** This column shows the attendance of Auditors at meetings of the Board of Statutory Auditors (indicate the number of meetings attended with respect to the total number of meetings that could have been attended; e.g. 6/8; 8/8, etc.).

**** This column shows the number of directorships or positions as statutory auditor held by the interested party, pursuant to art. 148-bis of the CFA and related implementing measures contained in the CONSOB Regulations for Issuers. The full list is published by the CONSOB on its website, pursuant to art. 144-quinquiesdecies of the CONSOB Regulations for Issuers.

(1) Attendance at Board of Statutory Auditor meetings until 20 April 2018 (2) Attendance at Board of Statutory Auditor meetings on 20 April 2018

AI Terminal

Mundys (formerly: Atlantia SpA)

6228_10-k_2019-03-28_814ec8ad-6b8b-4061-b9cb-f8418b4d264b.pdf

ANNUAL REPORT ON CORPORATE GOVERNANCE AND THE OWNERSHIP STRUCTURE

CONTENTS

INTRODUCTION

1. PROFILE OF ATLANTIA

2. INFORMATION ON THE OWNERSHIP STRUCTURE

a) Structure of Issued Capital

b) Significant shareholdings in the Company

c) Shareholder agreements

d) Change of control and similar clauses

a. Triangulo do Sol Auto-Estrada SA.

b. Rodovias das Colinas SA.

c. Concesionaria de Rodovia MG-050 SA.

d. Autostrade Concessões e Participacões Brasil Ltda

e. Electronic Transaction Consultants

f. Grupo Costanera

g. Radial Nororiente

h. Los Lagos

i. Stalexport Autostrada Malopolska SA.

k. Aéroports de la Côte d'Azur

e) Authority to purchase treasury shares

f) Management and coordination activities

3. COMPLIANCE

4. BOARD OF DIRECTORS

4.1 Election and replacement

- Succession planning

4.2 Composition

- Assessment of the size, composition and functioning of the Board of Directors

- Activities performed in 2018

4.3 Role of the Board of Directors

4.4 Executive Directors and Officers

- Executive Committee

- Chairman of the Board of Directors

- Chief Executive Officer

4.5 Independent Directors

4.6 Lead Independent Director

5. PROCESSING OF CORPORATE INFORMATION

6. BOARD COMMITTEES

7. APPOINTMENTS COMMITTEE

8. HUMAN RESOURCES AND REMUNERATION COMMITTEE

9. REMUNERATION OF DIRECTORS

10. CONTROL, RISK AND CORPORATE GOVERNANCE COMMITTEE

A) Composition and functioning

B) Functions assigned to the Control, Risk and Corporate Governance Committee

C) Activities performed in 2018

11. INTERNAL CONTROL AND RISK MANAGEMENT SYSTEM

- Main characteristics of existing risk management and internal control systems in respect of the financial reporting process

- Guidelines and assessment of the adequacy, efficacy and effective functioning of the Internal Control and Risk Management System

11.1 Director responsible for the Internal Control and Risk Management System

- Activities performed in 2018

11.2 Head of Group Internal Audit

11.3 Organisational, Management and Control Model, Legislative Decree 231/2001

Ethics Officer

11.4 Independent Auditors

11.5 Manager responsible for financial reporting

11.6 Coordination of individuals involved in the Internal Control and Risk Management System

In particular:

12. DIRECTORS' INTERESTS AND RELATED PARTY TRANSACTIONS

12.1 Committee of Independent Directors with responsibility for Related-Party Transactions

- Directors' interests

13. ELECTION OF STATUTORY AUDITORS

14. COMPOSITION AND FUNCTIONING OF THE BOARD OF STATUTORY AUDITORS

14.1 Procedure for reporting to the Board of Statutory Auditors

15. INVESTOR RELATIONS

16. GENERAL MEETINGS

17. CONSIDERATIONS OF THE CHAIRMAN OF THE CORPORATE GOVERNANCE COMMITTEE ON THE LETTER OF 21 DECEMBER 2018

TABLE 1 - INFORMATION ON THE OWNERSHIP STRUCTURE OF ATLANTIA

TABLE 2: STRUCTURE OF ATLANTIA SpA'S BOARD OF DIRECTORS AND BOARD COMMITTEES

on 30 January 2019

Annexe A

Fabio Cerchiai

Giovanni Castellucci

Carla Angela

Carlo Bertazzo

Bernardo Bertoldi

Gianni Coda

Elisabetta De Bernardi di Valserra

Massimo Lapucci

**LIST OF OTHER POSITIONS HELD BY THE DIRECTORS IN OTHER COMPANIES LISTED ON ITALIAN AND INTERNATIONAL REGULATED MARKETS, AND IN LARGE FINANCIAL, BANKING AND INSURANCE COMPANIES (*)**