Report on Corporate Governance and Ownership Structure of doValue S.p.A. Pursuant to Article 123 Bis of the TUF

Approved by the Board of Directors of 20 March 2024

INDEX

GLOSSARY 4
1. ISSUER PROFILE 7
2 INFORMATION ON OWNERSHIP (pursuant to Article 123-bis, paragraph 1, TUF) AS OF 31 DECEMBER
2023 11
a) Share capital structure (pursuant to Article 123-bis(1)(a) TUF) 11
(b) Restrictions on the transfer of securities (pursuant to Article 123-bis(1)(b) TUF) 12
(c) Significant shareholdings in the capital (pursuant to Article 123-bis(1)(c) TUF) 12
(d) Securities carrying special rights (pursuant to Article 123 bis (1)(d) TUF) 12
e) Employee shareholding: mechanism for exercising voting rights (pursuant to Art. 123 bis (1)(e) TUF) 12
f) Voting restrictions (pursuant to Art. 123 bis (1)(f) TUF) 12
g) Shareholder agreements known to doValue pursuant to Article 122 TUF (formerly Article 123- bis(1)(g) TUF) 12
h) Change of control clauses (pursuant to Article 123-bis, paragraph 1(h) of the Consolidated Law on Finance) and statutory provisions on takeover bids (pursuant to Article 104, paragraph 1-ter of the Consolidated Law on Finance) ) 13
i) Proxies to increase the share capital and authorisations to purchase treasury shares (pursuant to Art. 123-bis(1)(m) TUF ) 16
l) Management and coordination activities (pursuant to Article 2497 et seq. of the Civil Code) 16
3 COMPLIANCE (pursuant to Article 123-bis(2)(a) first part, TUF) 18
4 BOARD OF DIRECTORS 19
ROLE OF THE BOARD OF DIRECTORS 19 4.0
APPOINTMENT AND REPLACEMENT (pursuant to Article 123-bis(1)(l), first part, TUF) 21 4.1
4.2 COMPOSITION (pursuant to Article 123-bis(2)(d) and (d-bis), TUF) 24
4.3 OPERATION OF THE BOARD OF DIRECTORS (pursuant to Article 123-bis(2)(d) TUF) 32
ROLE OF THE CHAIRMAN OF THE BOARD OF DIRECTORS 34 4.4
EXECUTIVE DIRECTORS 36 4.5
INDEPENDENT DIRECTORS AND LEAD INDEPENDENT DIRECTORS 38 4.6
5 MANAGEMENT OF CORPORATE INFORMATION 40
Management of Privileged Information 40
Internal Dealing 41
6 INTERNAL BOARD COMMITTEES (pursuant to Article 123-bis, Section 2(d), TUF) 43
7 SELF-ASSESSMENT AND SUCCESSION OF DIRECTORS - NOMINATION AND REMUNERATION
COMMITTEE 45
SELF-ASSESSMENT AND SUCCESSION OF DIRECTORS 45
8 DIRECTORS' REMUNERATION - NOMINATION AND REMUNERATION COMMITTEE 48
2

DIRECTORS' REMUNERATION 48 8.0
9 INTERNAL CONTROL AND RISK MANAGEMENT SYSTEM - CONTROL AND RISK COMMITTEE 52
CHIEF EXECUTIVE OFFICER 70 9.0
CONTROL AND RISK COMMITTEE 72 9.1
9.2 HEAD OF THE INTERNAL AUDIT FUNCTION 78
9.2 HEAD OF THE INTERNAL AUDIT FUNCTION 78
9.3 ORGANISATIONAL MODEL pursuant to Legislative Decree 231/2001 81
9.4 AUDITING COMPANIES 82
9.5 MANAGER IN CHARGE OF PREPARING CORPORATE ACCOUNTING DOCUMENTS AND OTHER CORPORATE ROLES AND FUNCTIONS 82
9.6COORDINATION BETWEEN THE PARTIES INVOLVED IN THE INTERNAL CONTROL AND RISK MANAGEMENT SYSTEM 84
10 DIRECTORS' INTERESTS AND RELATED PARTY TRANSACTIONS 86
11 BOARD OF AUDITORS87
11.1 APPOINTMENT AND REPLACEMENT 87
11.2 COMPOSITION AND OPERATION (pursuant to Article 123-bis, paragraph 2, letters d) and d bis), TUF) 89
12 SHAREHOLDER RELATIONS 92
13 ASSEMBLY 94
14 FURTHER CORPORATE GOVERNANCE PRACTICES (pursuant to Article 123-bis(2)(a), second part,
TUF) 97
15 CHANGES SINCE THE END OF THE REPORTING PERIOD 98
As of January 2024, the Company again qualified as an SME because the market capitalisation for the year 2023
(calculated in accordance with Article 2-ter(1) of the Regulation on Issuers) was below the threshold provided
for in Article 1(1)(w-quater(1) of the TUF. 98
16 REMARKS ON THE LETTER FROM THE CHAIRMAN OF THE CORPORATE GOVERNANCE
COMMITTEE 98
During the Board meeting of 12 January 2024, the Chairman of the doValue Board of Directors delivered and
illustrated to the Board members, also in their capacity as members of the Endoconsiliar Committees, as well as
to the Board of Statutory Auditors, the letter - dated 14 December 2023 - containing the "Recommendations of
the Corporate Governance Committee for 2024", addressed by the Chairman of the Corporate Governance
Committee to the Chairmen of the Boards of Directors of all Italian listed companies. 98
TABLES 100
TABLE 1: INFORMATION ON OWNERSHIP STRUCTURE AS AT 31/12/2023 100
TABLE 2: STRUCTURE OF THE BOARD OF DIRECTORS AT THE END OF THE FINANCIAL YEAR 102
TABLE 4: STRUCTURE OF THE BOARD OF AUDITORS AT THE END OF THE FINANCIAL YEAR 105

GLOSSARY

Adsolum: Adsolum Real Estate S.L., with registered office at Calle José Echegaray, 6 - Las Rosas - Madrid, share capital of EUR 100,000, registered in the Madrid Register of Companies, tax code B67826578 and VAT no. ES28065

Appointments and Remuneration Committee: the intra-committee with investigative, proposing and advisory functions on Appointments and Remuneration matters. availing itself of the power set forth in Recommendation 16 of the Corporate Governance Code.

Articles of Association: the current articles of association of doValue as published on the company's website on the date of approval of this document.

Auditing Company: EY S.p.A.

Avio: Avio S.à r.l., with registered office in Luxembourg, 26, Boulevard Royal, L-2449, tax code 97754310155 and VAT number LU28038434, registered in the Luxembourg Register of Companies under no. B195157.

Board of Directors: the Board of Directors of doValue.

Board of Statutory Auditors: the Board of Statutory Auditors of doValue.

CG Code/Corporate Governance Code: the code for listed companies approved in January 2020 by the Corporate Governance Committee and promoted by Borsa Italiana S.p.A., ABI, Ania, Assogestioni, Assonime and Confindustria, which replaced the Corporate Governance Code for listed companies.

CG/Corporate Governance Committee: the Italian Committee for Corporate Governance of Listed Companies, promoted not only by Borsa Italiana S.p.A., but also by ABI, Ania, Assogestioni, Assonime and Confindustria. Cod. Civ. / C.C.: the Italian Civil Code.

Consob Regulation on Issuers: the Regulation issued by Consob with Resolution No. 11971 of 1999 (as subsequently amended) on issuers.

CONSOB Related Parties Regulation: the Regulation issued by Consob with Resolution No. 17221 of 12 March 2010 (as subsequently amended) concerning related party transactions.

doData: doData S.r.l., with registered office in Rome, Via del Ghirlandaio 5, share capital EUR 100,000, enrolled in the Rome Register of Companies under no. RM-1345543, tax code and VAT no. 12034491006.

doNext (formerly Italfondiario S.p.A.), doNext S.p.A., with registered office in Rome, Lungotevere Flaminio 18, share capital EUR 4,000,000, enrolled in the Rome Register of Companies under no. RM-30794, tax code 00399750587, VAT number 00880671003.

doValue Cyprus Limited, formerly : Altamira Asset Management Cyprus Limited, with registered office at 1 Megalou Alexandrou Ave., 2235 Latsia, Nicosia, registered with the Cyprus Companies Register under No. HE 376434, VAT No. 10376434S.

doValue Greece Real Estate: doValue Greece Real Estate Services Single Member Société Anonyme with registered office at Kyprou & Archimidous 19-21, 18346 Moschato, Athens, VAT No: 801420067 GEMI

Registration: 156425101000

doValue Greece: doValue Greece Loans and Credits Claim Management S.A., with registered office at 27, Kyprou & Archimedous Str. 18346 Moschato (Greece), VAT No. 099755919, GEMI Registration No. 121602601000.

doValue Portugal: doValue Portugal Unip. Lda. (formerly Altamira Asset Management Portugal Unip. Lda), with registered office at Avenida da República 90, Piso 2, 1600-206 Lisbon, registered with the Companies' Register of Lisbon, VAT No. 514 323 736.

doValue Spain (formerly Altamira Asset Management S.A., with change of name as of 15 March 2023) doValue Spain Servicing S.L. with registered office at calle José Echegaray, 6 Las Rozas de Madrid, Madrid, share capital of EUR 937,500, registered with the Companies' Register of Madrid, tome 31469, folio 40, page M566434, tax code A86819596 and VAT registration number. ESA86819596.

doValue Special Projects Cyprus Limited , formerly doValue Cyprus Limited, with its registered office at 20 Costi Palama Aspelia Court, 1096 Nicosia, Cyprus, registered with the Companies' Register of Cyprus under No. HE 403669, tax code and VAT No. 10403669U.

doValue website: the Company's website available at www.doValue.it.

Endoconsiliar Committees: the Appointments and Remuneration Committee and the Risks, Related Party Transactions and Sustainability Committee, collectively understood. .

Financial year: the business year to which the report refers

Financial Year: the financial year to which this Report refers, between 1 January and 31 December 2023.

Fortress Group: Fortress and any company or entity directly or indirectly controlled by it, or subject to common control by it.

Fortress: Fortress Investment Group LLC, headquartered at 1209 Corporation Trust Center, Orange Street, 19801, Wilmington, Delaware, DE, United States.

Group / doValue Group: the doValue Group, as at 31.12.2023 on the basis of the consolidation perimeter, consisting of doValue as Parent Company, doNext, doData, doValue Spain , doValue Special Projects (Cyprus) Limited, doValue Portugal, doValue Greece, doValue Greece Real Estate, doValue Cyprus, Zarco, Adsolum Real Estate and Team 4 Collection and Consulting S.L.U

Implementing Regulation: EU Regulation No. 347/2016 for the implementation of MAR.

Internal Control System: the system of internal controls adopted by the Group.

Issuer / doValue / Company / Parent Company: doValue S.p.A., with registered office in Viale dell'Agricoltura, 7 - 37135 Verona share capital of Euro 41,280,000.00 fully paid-up, registered with the Verona Company Register, in the R.E.A. under no. VR/19260, tax code 00390840239 and VAT number 02659940239.

Listing: the listing of the Issuer's shares on the MTA, organised and managed by Borsa Italiana S.p.A, with trading commencing on 14 July 2017.

MAR: 'Market Abuse Regulation' - EU Regulation No. 596/2014 on market abuse.

MTA: the electronic share market (Mercato Telematico Azionario) organised and managed by Borsa Italiana on which doValue shares are also traded.

Remuneration Report: the report on the remuneration policy and compensation paid in 2023, prepared by the Company pursuant to Article 123-ter TUF and 84-quater Consob Regulation on Issuers.

Report: the report on corporate governance and ownership structure, which companies are required to prepare pursuant to Article 123 bis of the Consolidated Law on Finance.

Risk, Related-Party Transactions and Sustainability Committee: the endoconsulting Committee availing itself of the option set forth in Recommendation 16 of the Corporate Governance Code. with investigative, proposing and advisory functions on the subject of Risks and Related-Party Transactions to which, on 16 December 2021, the functions on the subject of sustainability were also assigned, in compliance with Recommendation 1 of the Corporate Governance Code

SoftBank: SoftBank Group Corporation with headquarters at 1-9-1 Higashi-Shinbashi, Minato-ku - Tokyo - Japan. TUF: Legislative Decree No. 58 of 24 February 1998, (the "Consolidated Law on Finance"), as updated from time to time

ZARCO: ZARCO STC S, with registered office at Avenida da República, nº 90, 2º, Freguesia de Alvalade, Lisbon, share capital of EUR 125,000, registered in the Lisbon Register of Companies, tax code 515886068

1. ISSUER PROFILE

doValue, which has been listed on the MTA of Borsa Italiana (now Euronext Milan) since 14 July 2017, is a servicing company (pursuant to Article 115 of the T.U.L.P.S. regulating the debt collection sector); since 3 June 2022, doValue's ordinary shares have been admitted to trading on the Euronext STAR Milan segment.

The Company has adopted the 'traditional' type of administration and control model, whose structure is centred on the presence of the Board of Directors and the Board of Statutory Auditors, as the body with control functions, both appointed by the Shareholders' Meeting. The Board of Directors also appoints a Managing Director.

The doValue Group offers, in Italy and abroad, to its clients, both Banks and Investors, credit portfolio management services doValue, Parent Company of the doValue Group (), represents the first operator in Southern Europe active in credit management and real estate services, mainly deriving from non-performing receivables, on behalf of banks and investors. The Group operates mainly in Italy, Spain, Portugal, Greece and Cyprus and provides integrated credit and real estate asset management services, with the objective of supporting banks and investors who own the assets in their value creation objectives.

The Group's main areas of activity are as follows:

servicing of performing and early arrears receivables,
UTP (unlikely-to-pay) credit servicing,
servicing of non-performing-loans (NPLs),
servicing of real estate assets,
other ancillary services to the servicing business.

For a profile on the issuer, see also www.doValue.it.

The Group also aims to achieve important synergies and its organisation provides for significant integration between subsidiaries and the parent company.

The unitary governance of the Group is guaranteed by the policy, governance and support role played by the Parent Company, as well as by the observance by all its member companies of a set of common principles underpinning corporate operations.

Below is the sociogram showing the issuer's main holdings:

		doValue

doNext (10%)		doData (ms) doValue (m) doValue (m) doValue (m) doValue (m) GREECE 15	GREECE RE 15	SPAIN

	CYPRUS	do Value (ms) do Value (ms) Adsolum (ms) Team 4 PORTUGAL	by Altamira	COLLECTION & CONSULTING

doValue holds 100% of the capital of the following companies belonging to the doValue Group:

doNext, a company specialised in master servicing and cash management activities, whose object is also the granting of loans pursuant to Article 106 of Legislative Decree No. 385/1993 (TUB);
doData, with the mission to provide business information and data quality management services specifically for non-performing loans;
doValue Spain, of which it holds 100% of the capital from 24 October 2023; a company incorporated under Spanish law, active in the credit management and recovery businessdoValue Greece Real Estate, a company incorporated under Greek law, active in the real estate sector.

doValue also directly controls the following companies active in the debt management and collection business:

doValue Special Projects Cyprus Limited in which it holds 94% of the capital ¹
doValue Greece, in which it holds 80 per cent of the capital² .

doValue indirectly controls the following companies, which are also active in credit management and debt collection:

• doValue Portugal, Altamira Cyprus, Adsolum Real Estate, Team 4 Collection and Consulting S.L.U through doValue Spain, Arpitan Capital S.L. through Adsolum Real Estate and Zarco through doValue Portugal.

On the aforementioned subsidiaries, doValue exercises management and coordination activities pursuant to Articles 2497 et seq. of the Civil Code.

doValue holds direct minority stakes in:

¹ The remaining 6% of the share capital is held by doValue Spain.

² The remaining 20% of the share capital is held by Eurobank S.A..

QUERO QUITAR S.A. for a share of 11.46 % of the capital, a Brazilian fintech company operating in the field of digital collections;
BidX1 Acquisitions Limited for a 17.70% stake in the capital, a UK company specialising in the promotion and execution of real estate transactions through real-time online auction processes.

Finally, doValue - through doNext - holds an indirect minority interest of 16% of the capital in Società Gestione Crediti Delta S.p.A. ('SGCD'), a company operating in the field of credit management and recovery in Italy.

Consistent with Principle I of the Corporate Governance Code, the Board of Directors exercises a fundamental role in guiding the Issuer with the aim of pursuing its sustainable success. In this regard, on 16 December 2021, the Board of Directors also assigned to the Risk and Related Party Transactions Committee the functions regarding sustainability, with the aim of receiving support from said Committee in the analysis of issues relevant to the pursuit of sustainable success understood as the generation of value in the long term for the benefit of shareholders, taking into account the interests of other stakeholders relevant to the Company. For a detailed analysis of the tasks and responsibilities of this committee, please refer to Section 9.2 of this Report.

doValue, as Issuer, falling within the public interest entities, submitted during the Year the Consolidated Statement on Non-Financial Information prepared in accordance with Legislative Decree 254/2016 for the financial year 2022 - which implements Directive 2014/95/EU - and the related Consob Implementing Regulation adopted by Resolution No. 20267 of 18 January 2018, approved by the Board of Directors on 23 March 2023.

doValue's Sustainability strategic guidelines are the result of a long journey started in 2016 by the Group, in cooperation with its Stakeholders.

doValue's focus on ESG issues is embodied in a strategy aimed at fostering financial inclusion and contributing to the sustainable development of the economic system.

Aware of the growing importance of ESG issues in the global economy and given the Group's strategic role in the sustainable development of the financial system, doValue is committed to integrating sustainability into its corporate strategy. In December 2021, the first Sustainability Plan and related Group Sustainability Policy was published, providing guiding principles for the social and environmental areas identified as priorities.

As of 31 December 2023, all targets set out in the 2021-23 Sustainability Plan have been met, confirming the Group's commitment to contribute to the achievement of the 17 Sustainable Development Goals (SDGs) identified in the United Nations 2030 Agenda.

During 2022-2023, dialogue with stakeholders was further developed to strengthen the relationship of trust built over time, expanding the categories of stakeholders involved in updating the Materiality analysis to identify the environmental, social and governance (ESG) priorities most relevant to the Group. doValue's operational excellence and concrete commitment to Sustainability is also demonstrated by the constant upgrades recognised by the main ESG Rating Agencies. At the following link the dedicated website page https://dovalue.it/it/esg/ratingesg .

For the remuneration of directors and the related sustainability measures on the internal control and risk

management system, see Sections 8 and 9.

doValue, as of January 2023, was not included in the list of issuers of listed 'SME' shares, as defined pursuant to Article 1(1)(w-quater.1) of the TUF and Article 2-ter of the Consob Regulation on Issuers, considering that its average market capitalisation during the year 2022 had exceeded the reference threshold of €500 million.

As of January 2024, the Company again qualified as an SME because the market capitalisation for the year 2023 (calculated in accordance with Article 2-ter, paragraph 1, of the Issuers' Regulation) was below the threshold stipulated in Article 1, paragraph 1, letter w-quater.1), of the Consolidated Law on Finance.

The Company's capitalisation as of 29.12.2023 was € 274.4 million, while turnover as of 31.12.2023 was approximately € 141 million.

This entails, among other things, raising the minimum threshold of relevant shareholdings, to be disclosed pursuant to Article 120 of the TUF, from 3% to 5% of the voting share capital.

doValue does not fall within the Corporate Governance Code's definition of a 'large company' nor within that of a 'concentrated ownership company'.

2 INFORMATION ON OWNERSHIP (pursuant to Article 123-bis, paragraph 1, TUF) AS OF 31 DECEMBER 2023

a) Share capital structure (pursuant to Article 123-bis(1)(a) TUF)

The share capital of doValue - which is better and more fully described in Table 1 at the end of this Report - is entirely composed of ordinary shares, traded on the MTA of Borsa Italiana, now Euronext Milan. By order of Borsa Italiana No. 8858 of 25 May 2022, the ordinary shares of doValue, as of 3 June 2022, were admitted to trading on the Euronext STAR Milan segment of the Euronext Milan market. As of 31 December 2023, doValue's share capital amounted to Euro 41,280,000.00 (fully subscribed and paid up), divided into 80,000,000 shares - indivisible and registered - with no indication of nominal value and has not changed as of the date of this Report.

Indirect participation holder	Shareholders	Number of shares	Share held	N. Shares overall	Total share held
Softbank Group Corp.	AVIO S.a.r.l. (*) Other investors related to Softbank Group Corp.	20.040.000 2.574.211	25,05% 3,22%	22.614.211	28,27%
Bain Capital Credit Member, LLC	Sankaty European Investments S.à r.l. (**)	10.863.638	13,58%	10.863.638	13,58%
	Jupiter Asset Management Ltd (***)	5.237.481	6,55%	5.237.481	6,55%
Schroders Plc	Schroder Investment Management Limited (****)	3.923.651	4,90%	3.923.651	4,90%
	Global Alpha Capital Management Ltd. (*)	3.861.053	4,83%	3.861.053	4,83%
	doValue (Own shares)	1.494.630	1,87%	1.494.630	1,87
	Other Shareholders	32.024.948	40,0%	32.024.948	40,0%
	TOTAL	80.000.000	100,00%	80.000.000	100,00%

(*) Shareholders attributable to Softbank Group Corp. as disclosed on 15 December 2021

(**) Shareholders attributable to Bain Capital Credit Member LLC, as reported on 13 July 2021

(***) Holder shareholder, as per communication Mod120A of 16 June 2021

(****) Shareholders attributable to Schroders PLC, as set out in Notice Form 120A dated 7 November 2023

(*****) Holder shareholder, as resulting from communication Mod120A of 9 June 2023

The capitalisation of the Company is affected by fluctuations in market values and, considering the value of the Company's shares in the year 2023, the following dynamics can be observed:

DATA	SHARE VALUE	CAPITALISATION
Closing value 3 January 2023	€ 7,27	€ 581.600.000,00
Closing value 29 December 2023	€ 3,43	€ 274.400.000,00

There are currently no employee share ownership systems in doValue that exclude the direct exercise of voting rights. With regard to treasury shares, please refer to paragraph i) below in this chapter.

(b) Restrictions on the transfer of securities (pursuant to Article 123-bis(1)(b) TUF)

There are no restrictions on the transfer of shares, as shares are transferable according to the law.

(c) Significant shareholdings in the capital (pursuant to Article 123-bis(1)(c) TUF)

According to the notifications received by doValue, as at 31 December 2023 there were five 'Persons' who owned, even indirectly, more than 3% of the share capital, specifically

(i) SoftBank, which indirectly holds 28.27 per cent of the share capital of doValue (unchanged since the end of 2022);
(ii) Bain Capital Credit Member, LLC, which indirectly holds 13.58% of the share capital of doValue (unchanged since end-2022).
(iii) Jupiter Asset Management Limited, which indirectly holds 6.55% of the share capital of doValue (unchanged from end-2022);
(iv) Schroder Investment Management Limited, which directly holds 4.90% of the share capital of doValue
(v) Global Alpha Capital Management Ltd, which directly holds 4.83% of the share capital of doValue (down from 5.31% at the end of 2022).

As of the date of approval of this Report, no further communications had been received from shareholders that altered the picture presented here (see paragraph 15).

(d) Securities carrying special rights (pursuant to Article 123 bis (1)(d) TUF)

There are no securities conferring special rights of control over doValue.

e) Employee shareholding: mechanism for exercising voting rights (pursuant to Art. 123 bis (1)(e) TUF)

Employee share ownership systems exist in doValue. For an overview, please refer to the Company's Remuneration Policy; employees holding shares in the Company exercise their rights as shareholders in the same way as other shareholders.

f) Voting restrictions (pursuant to Art. 123 bis (1)(f) TUF)

There are no restrictions on voting rights with respect to the Issuer's shares, or any mechanisms that could constitute potential restrictions.

g) Shareholder agreements known to doValue pursuant to Article 122 TUF (formerly Article 123-bis(1)(g) TUF)

The following is an excerpt from the shareholders' agreement pursuant to Article 122 of Legislative Decree No. 58/1998 (the "TUF") and Article 129 of Consob Regulation No. 11971/1999 (the "Issuers' Regulation").

On June 13, 2023, the shareholders Avio S.à r.l. and Sankaty European Investments S.à r.l. entered into a shareholders' agreement relating to doValue S.p.A, concerning the terms and conditions of the collaboration between the Parties for (i) submitting to the Board of Directors of the Company the candidacy of a new director proposed by Sankaty through co-optation, following the resignation of a director of the Company elected from the list of candidates presented by Avio, and (ii) for the potential cooperation between the Parties aimed at drawing up and if necessary, submit a joint list of candidates for the appointment of the new board of directors and the new board of statutory auditors to the first shareholders' meeting of the Company following the date of signing of the Shareholders' Agreement, which will be called for the appointment of the entire board of directors and/or board of statutory auditors of the Company.

The Shareholders' Agreement shall cease to have any effectiveness and effect on the earlier of the following dates: (i) the date corresponding to the 30th calendar day prior to the expiration of the deadline for the submission of the Joint Lists pursuant to the Company's articles of association without the Parties having agreed on the composition of the Joint Lists for the Appointment Shareholders' Meeting or (ii) the conclusion of the Appointment Shareholders' Meeting,

If the Shareholders' Agreement expires on the date referred to in (i) above without the Parties having submitted Joint Lists for the Appointment Meeting, each Party is free to submit its own lists of candidates.

Key information on the relevant provisions of the Shareholders' Agreement pursuant to Article 130 of the Regulation on Issuers was made available to the public as of 14 June 2023 on the company's website and at the authorised storage mechanism "eMarket STORAGE". A copy of the extract of the shareholders' agreement, pursuant to Article 129 of the Issuers' Regulation, was published in the daily newspaper "Il Sole 24 Ore" on 15 June 2023.

h) Change of control clauses (pursuant to Article 123-bis, paragraph 1(h) of the Consolidated Law on Finance) and statutory provisions on takeover bids (pursuant to Article 104, paragraph 1-ter of the Consolidated Law on Finance) )

This section sets out contracts that include change of control clauses (pursuant to Article 123-bis(1)(h) of the Consolidated Law on Finance), in force as at 31 December 2022:

The servicing contract between UniCredit and doValue (UniCredit MSA) gives the UniCredit Group companies participating in the contract the right to withdraw, in whole or in part, from the contract, without the payment of any penalty, upon the occurrence of certain events (which will therefore constitute just cause for revocation pursuant to Article 1725 of the Italian Civil Code), including the possibility that one or both of the first two, or both of the first two, major competitors of UniCredit operating in Italy and/or Germany ("Main Competitors") may directly or indirectly hold the majority of the shares of UniCredit operating in Italy and/or Germany ("Main Competitors").) among which the possibility that one of the first two, or both of the first two, main competitors of UniCredit operating in Italy and/or Germany ("Main Competitors") come to hold, directly or indirectly, the absolute majority of the voting shares of the Servicer or the right to appoint the majority of the directors.
The servicing agreements entered into between doValue and the securitisation vehicles Romeo SPV Srl and

Mercuzio Securitization Srl (assignees of the portfolio previously held by doValue) provide for, among the events entitling the SPV to terminate the agreement, the cases in which the Fortress Group ceases to a) hold, in aggregate, a stake of at least 51% in the share capital of doValue; or b) have the right, directly or indirectly, to appoint the majority of the members of the board of directors of doValue .

The servicing agreements related to the following securitisation vehicles (Prisma SPV, BCC NPLs, Belgirate Securitisation S.r.l., Relais SPV, Ortles 21 S.r.l., Luzzati POP NPLs 2021 S.r.l., Luzzatti POP NPLs 2023 S.r.l., Olympia SPV S.r.l. Itaca SPV S.r.l., Stresa Securitisation S.r.l, doRes Securitisation S.r.l.) in which doValue and/or Italfondiario (now doNext) act, as the case may be, as servicer, or special servicer or master servicer and/or provider of administrative services, contemplate as a cause for revocation of the appointment the case in which the servicer transfers all, or a significant part, of its activities relating to the services under the contract to a company that is not part of the group of the servicer or eliminates the structure responsible for the administration and collection of the receivables, without the prior consent of the issuer, if such circumstances, individually or in combination, could reasonably impair the proper performance by the Servicer of its obligations under the contract.
The servicing contracts signed between AMCO Asset Management Company S.p.A. and, respectively, Italfondiario (now doNext) (UTP perimeter) and doValue (NPL perimeter), as Servicer, include a "Change of Control" clause that contemplates "any event that alternatively (i) results in a substantial change in the ownership structure of the Servicer, (ii) results in the transfer of control to a company that is not part of the corporate group to which the Servicer belongs or a relevant part, of its company or corporate group, (iii) eliminates the structure in charge of credit administration and recovery activities", which would entitle AMCO, if it considers it detrimental, to automatically declare the respective contracts terminated, pursuant to and for the purposes of Article 1456 of the Italian Civil Code. Civil Code.
The terms and conditions governing the senior secured bonds issued in the year 2020 and the year 2021, respectively, by doValue provide for:
- (i) a third party becomes the owner, directly or indirectly, of more than 50% of the total voting rights of doValue's voting shares;
- (ii) there is a sale, lease, transfer or any other dispositive act of all or a significant part of the assets of doValue and its subsidiaries;

the right of each bondholder to require the Company to purchase all or part of the relevant bonds held at a purchase price equal to 101% of the nominal amount of such bonds, plus accrued and unpaid interest up to the date of purchase (not earlier than 10 and not later than 60 days after the change of control has been communicated to the bondholders and the trustee by the company, which must be done within 60 days of such event); unless doValue exercises its right to repay the bonds in full in accordance with the terms of the regulations.

The servicing agreement (Project Solar) entered into between doValue Hellas and the four Greek Systemic Banks provides for a termination condition in favour of the latter in the event that Fortress ceases to hold

(directly or indirectly) at least 10% of the issued and outstanding shares of doValue or if the majority of the directors of doValue cease to be elected by Fortress or if either doValue or doValue Hellas is reorganised in a manner that constitutes one or both of the above. In July 2021, doValue Hellas was merged by incorporation into doValue Greece and, in this context, the 4 Greek Systemic Banks waived the exercise of their right of withdrawal.

The servicing agreement (Project Icon) entered into between Eagle Issuer DAC (an entity controlled by Bain) and doValue Greece, provides for a unilateral termination right in favour of Eagle in the event of a change of control, direct or indirect, of the servicer, defined as the occurrence of any of the following events: (i) a change, direct or indirect, in the person who holds or controls 50.01% or more of the equity interests in the servicer; (ii) a change, direct or indirect, in the person who holds or controls 50.01% or more of the voting rights of the servicer; and/or (iii) a change, direct or indirect, in the person who holds or controls the right to appoint all, or a majority of, the members of the board of directors or the members of the management body of the servicer.
The servicing agreement (Project Neptune) entered into between Poseidon Financial Investor DAC (entity controlled by Fortress) and doValue Greece, as servicer, provides for a unilateral termination right in favour of Poseidon in the event of a change of control, direct or indirect, of the servicer, defined as the occurrence of one of the following events: (i) the servicer ceases to be a subsidiary of doValue Sp.A. or (ii) the servicer continues to be a subsidiary of doValue S.p.A, but the latter company becomes a subsidiary of one or more entities not related to Fortress Investment Group LLC.
In the Heliopolis 1 Servicing Agreement, between Gramilton Designated Activity Company and doValue Greece, dated 20 October 2023, the Customer has the right to terminate the SLA by written notice to the Servicer if the latter undergoes a change of control, changes its legal form or transfers all or part of its servicing activities to a third party. A change of control means, with reference to the Servicer, the case in which (i) the Servicer ceases to be a subsidiary of doValue S.p.A., or (ii) the case in which the Servicer remains a subsidiary of doValue S.p.A. but doValue S.p.A. is controlled by one or more entities that are not affiliates of Fortress Investment LLC.
In the Servicing Souq Agreement, between Intrum Hellas Designated Activity Company and doValue Greece, dated as of February 17, 2023, any change of control, defined as (a) a merger or consolidation of any Party in which the shareholders of any Party, immediately prior to the consummation of such transaction, own, in the aggregate, less than 50% of the total combined voting power of all classes of capital stock of the surviving entity normally entitled to vote in the election of directors of the surviving entity and even if the management of any Party does not change; (b) the sale by a Party of all or substantially all of the Party's assets in a single transaction or a series of related transactions entitles the Client to terminate the SLA without any revocation fee or penalty at any time during the Servicing Period, upon at least one (1) month's prior written notice to the Servicer, or more at the Client's option, followed by an Exit Period of three (3) months, provided that all parties (other than the Servicer) involved (including the successor Servicer) are able to comply with the Servicer's Exit Deliverables at that point in time, in accordance with the provisions of Schedule 7 (Exit Plan Principles) and

the Exit Plan;

Pursuant to the Sky Servicing Agreement entered into on 16 June 2023, the Client shall, at any time, have the right to terminate the agreement, with immediate effect, by delivery to doValue Cyprus of a notice of termination stating a termination date, inter alia, in the event of a merger or reorganisation of doValue Cyprus without doValue Cyprus being the surviving entity and materially and adversely affecting doValue Cyprus in the performance of its obligations under the agreement.

The Articles of Association of the Company do not provide for any exceptions to the provisions on the passivity rule set forth in Article 104, Sections 1 and 1-bis, of the Consolidated Law on Finance, nor do they provide for the application of the neutralisation rules set forth in Article 104-bis, Sections 2 and 3, of the Consolidated Law on Finance.

i) Proxies to increase the share capital and authorisations to purchase treasury shares (pursuant to Art. 123-bis(1)(m) TUF )

On 26 May 2020, the Shareholders' Meeting granted the Board of Directors the power to increase the share capital, in one or more tranches and, in any case, in divisible form, with the exclusion of option rights pursuant to Articles 2443 and 2441, paragraph 4, second sentence, of the Italian Civil Code, i.e. by payment and in cash, through the issue, also in several tranches, of a number of ordinary shares not exceeding 10% of the total number of doValue shares outstanding at the date of any exercise of the power (Article 5).

The Shareholders' Meeting held on 27 April 2023 revoked the authorisation to purchase and dispose of treasury shares granted to the Company's Board of Directors by resolution of 28 April 2022.

At the same time, with 99.579% of the votes (equal to 77.178% of the total share capital), it granted the Company's Board of Directors a new authorisation to purchase treasury shares in one or more transactions, substantially under the same terms and conditions as those set forth in the previous shareholders' resolution of 28 April 2022, as indicated in the resolution proposal approved by the Board of Directors on 23 March 2023 and illustrated in the report available on the company's website www.dovalue.it under the section "Governance - Shareholders' Meeting 27 April 2023".

In accordance with the applicable regulations and in a manner that ensures equal treatment of shareholders, the resolution concerns the purchase, in one or more transactions, of up to 8,000,000 ordinary shares of the company, equal to 10% of the total, for a period of 18 months from the shareholders' approval.

doValue held 1,494,630 treasury shares or 1.87% of the share capital as of 31 December 2023. The 2023 purchases were made in implementation of the shareholders' resolution of 27 April 2023, in compliance with the prescribed processes.

l) Management and coordination activities (pursuant to Article 2497 et seq. of the Civil Code)

The Issuer is not subject to management and coordination activities pursuant to Article 2497 et seq. of the Italian Civil Code.

Therefore, the determination of doValue's strategic and management guidelines and, more generally, the Company's entire activity are the result of the free self-determination of the corporate bodies. As to any further:

information required by Article 123-bis, paragraph 1, letter i), of the Consolidated Law on Financial Intermediation, concerning 'agreements between the company and the directors [...] which provide for indemnities in the event of resignation or dismissal without just cause or if their employment ceases following a takeover bid', please refer to the Section of this Report dedicated to the remuneration of directors;
information required by Article 123-bis, paragraph 1, letter l), of the Consolidated Law on Financial Intermediation, concerning "the rules applicable to the appointment and replacement of directors [...] as well as to the amendment of the Articles of Association, if different from the laws and regulations applicable by way of supplementary provisions", please refer to the Section of this Report dedicated to the Board of Directors.

Report on Corporate Governance and Ownership Structure - Financial Year 2023 Courtesy translation

3 COMPLIANCE (pursuant to Article 123-bis(2)(a) first part, TUF)

doValue adopted the traditional governance model, which is not affected by non-Italian legal provisions.

doValue adhered to the Corporate Governance Code on 25 February 2021.

In this Report, doValue intends to illustrate in detail how the Corporate Governance Code has been applied by the Company, also highlighting the principles that have been adhered to.

The corporate governance practices adopted by the Company are explained later in this Report and more information on doValue's corporate governance structure is available on the www.dovalue.it website

Report on Corporate Governance and Ownership Structure - Financial Year 2023 Courtesy translation

4 BOARD OF DIRECTORS

4.0 ROLE OF THE BOARD OF DIRECTORS

In accordance with current regulations for companies with shares listed on regulated markets and in adherence to the recommendations of the Corporate Governance Code, the Board of Directors plays a central role in the governance model of the Company and the Group.

Consistent with Principle III of the Corporate Governance Code and pursuant to Article 17 of the Bylaws, the Board of Directors is vested with all powers for the ordinary and extraordinary administration of the Company, with the exception of those reserved by law or by the Bylaws to the Shareholders' Meeting, and has the authority to perform all acts it deems appropriate to carry out the activities constituting the corporate purpose and instrumental to it.

The Board of Directors also has exclusive competence for resolutions concerning:

the appointment and dismissal of the Chief Executive Officer as well as the Manager in charge of preparing the company's financial reports;
such adjustments to the Articles of Association as may be necessary to ensure their compliance with the regulatory provisions applicable from time to time;
the merger by incorporation of companies in the cases provided for in Articles 2505 and 2505 bis of the Civil Code;
demerger in the cases provided for in Article 2506 ter of the Civil Code;
the reduction of capital in the event of withdrawal of a shareholder;
an indication of which persons, in addition to those indicated in the articles of association, have the power to represent the company;
the establishment or suppression in Italy and abroad of branch offices with permanent representation;
the transfer of the registered office within the national territory.

Over the years, the Board of Directors, also through the Endoconsiliar Committees for their respective areas of activity, has assessed and supervised, to the extent of its competence, the adequacy of the organisational, administrative and accounting structure, with particular reference to the internal control and risk management system; this activity has been carried out through the competent corporate functions, which have regularly reported on the matter to the Board of Directors.

With regard to the assessment of the adequacy of the organisational, administrative and accounting structure of strategically important subsidiaries, with particular reference to the internal control and risk management system (Recommendation 1. c), the initiative was implemented in 2023 in line with the objectives of implementing more uniform operating and control standards at Group level.

The Board of Directors directs the Group, bearing in mind the recommendations of the Corporate Governance Code and national and international best practices when analysing relevant issues of social and environmental value for shareholders and all other stakeholders; in particular, with regard to sustainability, the Board examines

and approves

the content of the Group's Consolidated Non-Financial Statement pursuant to Legislative Decree 254/2016 (the "Consolidated Non-Financial Statement") of the Group, including the materiality analysis and related stakeholder engagement activities;
the Sustainability Plan guidelines and the Company's policies on human rights, business ethics and integrity, diversity and inclusion, as well as the policies for integrating environmental, social and governance issues into the business model, and the initiatives undertaken by the Company to address climate change issues and related reporting;
in the area of risk governance and the system of internal controls of the Company and its subsidiaries, and in the area of sustainability, initiatives and activities aimed at creating shared value for all stakeholders and spreading a culture of sustainability in all countries where the Group is present;
profit and non-profit strategy, as well as the company's sustainable finance initiatives.

Pursuant to the Corporate Governance Code, consistent with the provisions of the Articles of Association and its own Rules of Procedure, the Board of Directors, inter alia:

a) consistent with Recommendation 1 letter c), defines the nature and level of risk compatible with the Company's strategic objectives, including in its assessments all risks that may be relevant to the medium- to long-term sustainability of its business;
b) consistent with Recommendations 1 letters a) and b) approve the general policy as well as the adoption and amendment of the Group's consolidated industrial, strategic and financial plans, periodically monitoring their implementation and the performance of the Group as a whole;
c) in accordance with Recommendation 1 letter d), second part, decides on the Company's strategic guidelines and verifies their implementation on an ongoing basis, evaluating the adequacy of the organisational, administrative and accounting structure as well as the Group's overall system of internal controls (see Section 9 for further details);
d) consistent with Recommendation 1 letter e), deliberates on transactions of the Company and its subsidiaries that have a significant strategic, economic, capital or financial importance for the Issuer, establishing the general criteria for identifying significant transactions;
e) establishes the criteria for the coordination and management of Group companies;
f) verifies, inter alia, the consistency of the remuneration and incentive systems with the Company's corporate objectives and values, in order to attract, retain and motivate people with the professional qualities required to manage the Company successfully;
g) appoints and revokes, after consulting the Board of Statutory Auditors, the Head of Internal Audit, the AML Manager and the Executive in Charge;
h) appoints and revokes the Head of the Internal Control Department as well as the heads of structures reporting directly to the Chief Executive Officer, the Data Protection Officer, and the Supervisory Board pursuant to Legislative Decree no. 231/01 and, for the latter, establishing their remuneration; defines the criteria for

identifying the most significant transactions to be submitted to the Risk, Related Party Transactions and Sustainability Committee for prior examination and deliberates on transactions with related parties and pursuant to the procedures adopted in this regard and establishes the thresholds in terms of economic value.

Consistently with Recommendation 1 letter f), the Board of Directors has for some time now adopted, in compliance with the legal provisions in force pro tempore, specific procedural provisions aimed at ensuring the highest level of fairness, accuracy and timeliness in the process of managing and disclosing corporate information, with particular reference to inside information, as well as the widest transparency and accessibility in favour of the market (for further details, see Section 5).

In addition, the Board of Directors, in compliance with Recommendation 3 of the Corporate Governance Code, adopted the policy for managing dialogue with stakeholders in order to foster the creation of sustainable value in the medium to long term and the definition of the strategy that inspires the company's operations, (see Section 12 for details).

4.1 APPOINTMENT AND REPLACEMENT (pursuant to Article 123-bis(1)(l), first part, TUF)

In compliance with the legal and regulatory provisions applicable to listed companies, Article 13 of the Articles of Association, as amended by the Extraordinary Shareholders' Meeting held on 27 April 2023, establishes that the Board of Directors shall be appointed by the Shareholders' Meeting on the basis of lists submitted by the shareholders or by the Board of Directors and in which the candidates, listed in a number not exceeding 11, are matched with a progressive number.

In addition to the list that may be submitted by the Board of Directors, only shareholders who, alone or together with others, own a shareholding in the share capital with voting rights of not less than 2.5%, this being lower than that determined by Consob pursuant to the regulations in force³ may submit lists for the appointment of Directors.

Ownership of the minimum share required for the submission of lists is determined by taking into account the shares registered in favour of the individual shareholder, or several shareholders jointly, on the day on which the lists are filed with the Company, not counting subsequent transfers of shares.

Each shareholder may submit or participate in the submission of only one list and each candidate may only appear on one list, under penalty of ineligibility.

Each list that expresses a number of candidates equal to or greater than three must be composed of candidates belonging to both genders, so as to ensure that at least two-fifths of the members of the Board are made up of the least represented gender

The list of the Board of Directors, if submitted, must be deposited at the Company's registered office no later than the 30th day prior to the date of the Shareholders' Meeting and subjected to the advertising formalities required by the regulations in force.

³ For the 2024 Shareholders' Meeting season, in which the topics to be submitted to the Shareholders' Meeting include the appointment of the new corporate bodies, the minimum quota for the submission of lists stipulated by the Executive Determination of the Head of the Corporate Governance Division No. 92 issued on 31 January 2024 is 4.5%.

The lists submitted by shareholders must, under penalty of forfeiture, be filed at the registered office no later than the twenty-fifth day prior to the date of the Shareholders' Meeting and shall be made available to the public at the registered office, on doValue's website and in any other manner provided for by applicable regulations, at least twentyone days prior to the date of the Shareholders' Meeting.

The lists submitted must also be accompanied by any additional documentation required by the regulations in force,

(a) information on the identity of the shareholders who have submitted the lists, with an indication of the percentage of the total shareholding held, it being understood that the certification proving the ownership of such shareholding may be produced within the deadline for publication of the lists by the Company.

(b) a declaration by the shareholders other than those who hold, even jointly, a controlling interest or a relative majority interest, certifying the absence of relations of affiliation, as defined by the regulations in force

(c) exhaustive information on the personal and professional characteristics of the candidates with an indication of their eligibility to qualify as Independent Directors, as well as a declaration by the same candidates that they meet the requirements provided for by the laws and regulations in force at the time and by the Articles of Association, including those of honourableness and, where applicable, independence, and their acceptance of the candidacy and of the office, if elected;

(d) any other or different declarations, information and/or documents provided for by the laws and regulations in force at the time.

Lists for which the above stipulations are not observed shall be deemed not to have been submitted.

Each person entitled to vote may only vote for one list, and the vote of each member shall relate to the list and, consequently, to all the candidates named therein, without the possibility of variations, additions or exclusions.

According to the provisions of the Articles of Association, the election of the Board of Directors takes place at the end of the vote as follows:

The election of the Board of Directors takes place according to the following provisions:

(A) if only one list is submitted, all members of the Board of Directors shall be taken from that list;

(B) if two or more lists are submitted:

(i) all the directors to be elected except 3 (three) shall be taken from the list that came first in terms of number of votes (the "Majority List"), in the sequential order in which they are indicated on the list;

(ii) from the list that came second by number of votes (the 'First Minority List'), the candidate indicated with the first number shall be drawn;

(iii) the candidate indicated therein by the first number shall be drawn from each of the other lists that obtained, respectively, the third and fourth largest number of votes (the "Other Lists"), provided that each of said other lists has obtained a number of votes exceeding 5% of the share capital and is not connected in any way, not even indirectly, with the Majority List, the First Minority List and/or with any Other List. It is understood that if a list other than the Majority List is connected to another list, the candidate drawn from the list that obtained the highest number of votes shall be appointed;

(iv) in the event that two or more lists have obtained the same number of validly cast votes at the Shareholders'

Meeting, the one submitted by the shareholders with the largest shareholding shall prevail;

(v) in the event that the Majority List does not include a sufficient number of candidates to ensure that the number of directors to be elected pursuant to point (i) above is reached, all the candidates listed therein shall be drawn from that list, in the sequential order in which they are listed; after having drawn the other directors from the First Minority List and from the Other Lists, pursuant to points (ii) and (iii) above, the remaining directors, for the positions not covered by the Majority List, shall be drawn from the First Minority List until that list has sufficient capacity. In the event of insufficient capacity, the remaining directors are drawn, in the same manner, from the Other Lists, depending on the number of votes and the capacity of those lists. Lastly, if the total number of candidates included in the lists submitted, both majority and minority, is less than the number of Directors to be elected, the remaining Directors are elected by resolution passed by the Shareholders' Meeting by relative majority, ensuring compliance with the principles of independence and gender balance prescribed by the laws and regulations in force at the time. In the event of a tie between several candidates, a ballot shall be held between them by means of a further vote by the Shareholders' Meeting;

(vi) the selection of candidates in the lists shall be made in sequential order except as provided for in paragraphs 8 and 17(B)(v) above;

(C) it is understood that, (a) if only one Other List is submitted, one Director shall be drawn from the First Minority List and from the Other List, and the third Director shall be drawn from the Majority List; (b) if no other Lists are submitted, one Director shall be drawn from the First Minority List and two additional Directors shall be drawn from the Majority List; (c) if the lists other than the Majority List are not sufficient, the Directors still to be elected shall be drawn from the Majority List;

(D) if no list has been submitted or if only one list has been submitted and that list does not obtain a relative majority of the votes represented at the Shareholders' Meeting, the Shareholders' Meeting shall resolve in the manner set forth in paragraph B (v) above;

(E) in the event that the necessary minimum number of Independent Directors and/or Directors belonging to the less represented gender is not elected, the Directors of the First Minority List and, in the absence of suitable candidates, of the Other Lists (taking into consideration first of all the one that obtained the highest number of votes) marked with the highest sequential number and lacking the requirements in question shall be replaced by the subsequent candidates having the required requisite or requisites belonging, respectively, to the First Minority List and, in the absence of suitable replacements, to the Other Lists;

(F) if, even if the replacement criteria set forth in paragraph (E) above are applied, no suitable substitutes are found, the candidate belonging to the Other List with the lowest number of votes, if any, shall be replaced by the first nonelected candidate with the missing requisite belonging to the Majority List; if also in this case no suitable substitutes are found, the Shareholders' Meeting shall resolve by relative majority vote;

(G) The list voting procedure described in this paragraph applies only in case of the appointment of the entire Board of Directors. If the entire Board of Directors is not to be renewed, or if it is to be supplemented pursuant to paragraph 2, or if it is not possible for any reason to appoint the Board of Directors in the manner set forth in this paragraph, the

Shareholders' Meeting shall resolve in the manner set forth in paragraph B (v) above.

In the event of the termination of office, for whatever reason, of one or more directors, they shall be replaced in the following manner:

(i) In the event of the termination of office, for any reason whatsoever, of one or more directors, and provided that the majority of directors is still made up of directors appointed by the Shareholders' Meeting, the Board of Directors shall appoint a replacement by co-optation pursuant to Article 2386 of the Italian Civil Code, provided that the replacement director meets the requirements of gender balance and the minimum number of Independent Directors. If the Shareholders' Meeting is required by law to appoint the directors necessary to complete the Board of Directors following termination of office, the replacement shall be made by decision of the Ordinary Shareholders' Meeting, which shall resolve with a relative majority of the votes represented at the Shareholders' Meeting, without any constraints on the choice among the members of the lists submitted at the time.
(iii) The above replacements shall, in any event, be made in compliance with the provisions of the Articles of Association concerning gender balance and the minimum number of Independent Directors.
(iv) Directors appointed by the Shareholders' Meeting to replace members who have ceased to hold office expire at the same time as those in office at the time of their appointment.

Lastly, whenever, for any cause or reason, the majority of the Directors appointed by the Shareholders' Meeting ceases to hold office, the entire Board of Directors shall be deemed to have ceased to hold office and the Directors remaining in office must convene the Shareholders' Meeting to appoint a new Board of Directors in accordance with the above procedure.

With regard to information on the role of the Board of Directors and endoconsiliar committees in the processes of self-assessment, appointment and succession of directors, please refer to the contents of Section 7 below.

4.2 COMPOSITION (pursuant to Article 123-bis(2)(d) and (d-bis), TUF)

The Board of Directors currently in office was appointed by the Shareholders' Meeting on 29 April 2021, which set the number at 10 members and set its term of office to expire on the date of the Shareholders' Meeting convened to approve the financial statements for the financial year 2023. The Shareholders' Meeting of 28 April 2022 confirmed in office the Director already co-opted during the meeting of 4 August 2021, Prof. Cristina Finocchi Mahne, who will remain in office until the expiry of the current Board . On 27 April 2023, following the resignation of CEO Andrea Mangoni, the Board of Directors co-opted Manuela Franchi as Director and CEO. Furthermore, following the resignation of Director Emanuela Da Rin on 14 June 2023, the Board of Directors co-opted Elena Lieskovska on 15 June 2023.

In the Board currently in office, as also verified by the Appointments and Remuneration Committee, there are several members with the appropriate professionalism and skills for the tasks entrusted to them, deemed necessary to ensure an adequate internal dialectic as well as an adequate number of independent members pursuant to the Corporate Governance Code.

At its meeting of 4 June 2021, the Board of Directors, having obtained the unanimous opinion of the Appointments and Remuneration Committee, identified the quantitative and qualitative criteria for assessing the materiality of the relationships referred to in Recommendation No. 7, letters c) and d) of the Corporate Governance Code. With reference to direct relationships, the Company considers significant those that have generated consideration, when considered on an annual basis, in excess of Euro 50,000.00 and that at the same time represent at least 30% of the director's annual income.

With reference to indirect relationships, the Company considers significant those that have generated a consideration of at least 10 % of the annual turnover of the company or entity of which the director has control or is a director, or of the professional firm or consulting company of which he is a partner.

On 14 March 2024, the Board of Directors assessed the continuing existence of the independence requirements, according to the quantitative and qualitative criteria identified by the Company, for the Chairman Giovanni Castellaneta and the Directors Nunzio Guglielmino, Giovanni Battista Dagnino, Marella Idi Maria Villa and Cristina Finocchi Mahne. On 11 May 2023, the Board also ascertained that Director Roberta Neri met the independence requirements set forth in Article 148, paragraph 3, of Legislative Decree 58/1998 (Consolidated Law on Finance) and Article 2 of the Corporate Governance Code; on 15 June 2023, Director Elena Lieskovska was also ascertained to meet the independence requirements set forth in Article 148, paragraph 3, of Legislative Decree 58/1998 (Consolidated Law on Finance) . The Board of Statutory Auditors verified the correct application of the criteria and procedures adopted by the Board of Directors, supported by the Appointments and Remuneration Committee, for the purposes of the aforesaid assessment, and both outcomes (Board assessments and Board verification) were disclosed to the market.

The Company is therefore largely in line with the Code's requirement that there should be at least two independent directors other than the Chairman.

doValue's Board of Directors in office at the date of this report is composed of the following ten members, all of whom have the professionalism and skills appropriate to the tasks entrusted to them:

•	President	Giovanni Castellaneta
•	Managing Director	Manuela Franchi
•	Independent Director	Giovanni Battista Dagnino
•	Non-executive Director	Francesco Colasanti
•	Independent Director	Cristina Finocchi Mahne
•	Independent Director	Nunzio Guglielmino
•	Independent Director ex art. 148 TUF	Elena Lieskovska
•	Independent Director	Roberta Neri
•	Non-executive Director	Giuseppe Ranieri
•	Independent director	Marella Idi Maria Villa

The current composition of the Board of Directors ensures gender balance, in compliance with the statutory and regulatory provisions applicable at the time of appointment (pursuant to Article 147-ter, paragraph 1-ter of the

Consolidated Law on Finance and in accordance with the provisions of Law No. 160 of 27 December 2019).

For each Director, a brief curriculum vitae is given below, and further relevant information is provided in Table 2 at the end of this Report.

Giovanni Castellaneta has been Chairman of the Board of Directors of doValue S.p.A. since 2015, a company formerly known as doBank SpA.

Born in Gravina in Puglia (BA) on 11/09/1942, he graduated in Law at La Sapienza University in Rome. He was Head of the Press Service and Spokesman of the Ministry of Foreign Affairs, Representative of the Italian Government for reconstruction in Albania and Permanent Observer of Italy to the Organisation of American States. He was Ambassador of Italy to Iran, Australia and some Pacific Ocean States, the United States of America and the Bahamas. From 2001 to 2005 he was Diplomatic Advisor to the Prime Minister and his personal representative for the G7/G8 Summits.

He has also served in other countries, including Somalia, Portugal, France and Switzerland/UN, and worked for FAO in Rome and the European Commission in Brussels.

From 2002 to 2012, he held the position of Board Member of Leonardo/Finmeccanica and Vice-Chairman of the Group of the same name. From 2010 to 2016 he was Chairman of the Board of Directors of SACE, and from 2012 to 2017 he served as Chairman of doNext S.p.A. (formerly Italfondiario S.p.A.).

From 2013 until June 2018, he was Chairman of Torre SGR S.p.A. and from 2014 to 2018 he was Chairman of Milanosesto S.p.A..

At doValue S.p.A., he also served as a member of the Risk and Related Party Transactions Committee and is a member of the Nomination and Remuneration Committee.

He has been a director of Exprivia S.p.A. since 2020 and of Vantea Smart Spa since 2021.

He has been Secretary General of the Adriatic Ionian Initiative (IAI) since June 2017.

He is a Knight of the Grand Cross of the Italian Republic and Officer of the Legion of Honour of the French Republic.

Manuela Franchi has more than 20 years of experience in financial services, leading several strategically important business areas in various institutions. Manuela spent 16 years of her career in investment banking, mainly Goldman Sachs and Bank of America Merrill Lynch. Her main responsibilities were the origination and execution of international M&A, IPOs, equity and debt issuances, with a predominance in the telecommunications, media and infrastructure sectors. In 2016, Manuela joined doBank as head of M&A, business development in relation to new servicing deals in Italy and abroad (including the creation of doValue Hellas) and finance, structuring all financing of doValue's M&A deals and leading the successful completion of the IPO process in 2017. In addition, she led doValue's investor dialogue, both in equity and debt, from its inception. Later, Manuela led the acquisition of FPS in Greece from Eurobank (now doValue Greece) and Altamira in Spain, Portugal and Cyprus (now doValue Spain) and minority stakes in start-ups such as BidX1 and Quero Quitar. Since 2020, she has been General Manager of doValue, in charge of all business functions of the Group and its subsidiaries,

including CFO, IR, M&A, People, Transformation, Organisation, Enterprise Risk Management and Chief Operating Officer (IT, Operations, DWH, Procurement) with the aim of achieving synergies and a higher level of integration between countries (Italy, Spain, Greece, Portugal, Cyprus).

From 29 April to 2 August 2023, she was Group CEO ad interim, a position confirmed on 3 August by unanimous decision of the Board of Directors.

Francesco Colasanti was born in Frosinone on 29/12/1975 and graduated in economics from LUISS Guido Carli University in Rome.

Since 2001 he has been working at Fortress Investment Group where he currently holds the role of Managing Director CO-Head Credit Europe and Co-Head of the Fortress European NPL Business. Since 2023 following his appointment as CO-Head of Fortress Credit Europe, Francesco Colasanti focuses on the development of the Fortress Group in Spain, Greece, Portugal, France, the Netherlands and other European countries.

He has been involved in Fortress Group's major investment processes in the NPL and Private Equity sector in Europe. Among the most important transactions, in 2015 he participated in the acquisition of UCCMB (Unicredit Credit Management Bank listed on the Milan Stock Exchange in 2017, now doValue). In 2005 he participated in the acquisition of IGC (Intesa Group's Intesa Gestione Crediti Servicer) and a portfolio of financial assets with GBV amounting to EUR 13 billion from Intesa SanPaolo; from 2001 to 2024 he managed the acquisitions in Italy of NPL portfolios for approximately EUR 57 billion of GBV. In the Greek market since 2019, it has been involved in the acquisition of significant financial assets sold by Alpha Bank and National Bank of Greece for a nominal value of more than 12 billion.

Since 2015, he has been a member of the Board of Directors of doValue S.p.A. (formerly doBank S.p.A.), where he also serves as a member of the Nomination and Remuneration Committee.

From 2000 to 2001 he worked at PricewaterhouseCoopers in the audit and transaction support team.

Giovanni Battista Dagnino was born in Pully (Switzerland) on 25 April 1966. He graduated from Bocconi University in Milan and holds a PhD in Business Economics; he is registered in the Register of Auditors of the Ministry of Economy and Finance. He is Full Professor of Economics and Business Management at the LUMSA University, Palermo branch, where he teaches "Corporate Governance & Sustainable Leadership", "Digital Strategy & Marketing", "Sustainable Platform and Social Media Management " and "Theorizing Digital Strategies" in the PhD in Mediterranean Studies. History, Law and Economics. At LUMSA in Rome he also teaches the module "Corporate Strategy and Sustainability" in the Master in Sustainable Development Goals, and "Corporate Governance" and "Big Data & Digital Transformation" in the Executive MBA of which he is codirector since 2022. He is also Faculty Member of the European Institute for Advanced Studies in Management, Academic Member of the European Corporate Governance Institute, Fellow of the Strategic Planning Society and Friend of the Strategic Management Society.

He previously held the position of Full Professor at the University of Catania from 2006 to 2018, teaching from

2004 to 2018 "Management of Financial and Insurance Companies" and from 2008 to 2018 "Corporate Strategy" in the Master's degree courses in "Corporate Finance" and in "Corporate Management"; he has also held visiting positions in authoritative international business schools. He is the author of over two hundred and twenty publications with international and national circulation on corporate governance,

entrepreneurship and business strategy. He has developed operational managerial experience in companies operating in the LPG-Liquid Petroleum Gas downstream and in the real estate sector. Former member of the Young Entrepreneurs Group of Confindustria Palermo,

of which he was Councillor/Treasurer and member of the National Commission 'EuroMediterranean Area' in Confindustria Rome.

Since 2018, he has been an independent Director of doValue S.p.A., where he held the positions of Chairman of the Risk and Related Party Transactions Committee and member of the Appointments Committee; he is currently a member of the Risk, Related Party Transactions and Sustainability Committee.

Cristina Finocchi Mahne graduated in Economics from La Sapienza University of Rome, received her MBA from Luiss Business School and obtained further specialisations in finance, financial communication and management skills in London and Los Angeles.

She has more than 20 years of experience as a C-suite executive/advisory board member of listed banking groups/management consulting companies. Since 2010 he sits on the Boards of Directors of FTSE/STAR/AIM Italia and NYSE listed companies (sectors: energy, industrial/infrastructure, banking/financial, consumer discretionary, media/IT/communication, telco towers), with a consolidated experience in regulated sectors. He has been proactively involved in ESG sustainability since 1999.

She is currently an Independent Director of listed companies (Maire Tecnimont, where he also holds the position of Lead Independent Director, and Italian Design Brands (IDB), where he also holds the position of Chairman of the Control, Risk and Sustainability Committee) and of unlisted companies.

She has been an adjunct lecturer in economic-financial and ESG sustainability subjects for over 10 years: currently at the Faculty of Banking, Finance and Insurance Sciences, Università Cattolica del Sacro Cuore and Luiss Business School Milan; previously at the Faculty of Economics, University of Rome La Sapienza and Luiss Business School Rome.

She is a member of the Global Advisory Board of Fordham Gabelli Business School NY and the London Advisory Board of Fordham University NY, USA.

She is a member of the Scientific Committee of CSEA (Centro Studi Economia Applicata) Università Cattolica del Sacro Cuore Milano and of the Vatican Foundation Centesimus Annus. She is Co-Chairman Italy and member of the Global Visionary Awards Committee of WCD (WomenCorporateDirectors), a global foundation that promotes best practices in corporate governance and ESG sustainability in Boards.

A speaker at national and international conferences, she is the author of publications and articles on ESG economic-financial and sustainability issues.

Nunzio Guglielmino, born in Rome on 14 January 1946, graduated in Law and Political Science from the University of Rome. From 1980 to 1984, he was an official at the Ministry of the Treasury and from 1984 to 1993 he served as Economic and Monetary Affairs Advisor at the Permanent Representation of Italy in Brussels, actively participating in meetings of the Council of Finance Ministers of the European Union (ECOFIN) and contributing to the drafting of the Maastricht Treaty as a member of the delegation appointed by the Italian Government. From 1993 to 1995, he worked at the Ministry of Economy and Finance and, in 1996, he was appointed Director General at the Treasury Department of the Ministry of Economy and Finance. From 1993 to 2000 he was on the Board of Directors of the European Investment Bank and from 2000 to 2015 he was Deputy Governor of the Council of Europe Development Bank (CEB). He has been Deputy Chairman of Poste Italiane and Director in Cassa Depositi e Prestiti and Alitalia and other public and private companies. He held from October 2016 to 30 June 2018 the position of Expert for advisory activities for the examination and in-depth study of EU law issues at the Presidency of the Council of Ministers.

Since 2015, he has been an independent Board Member of doValue S.p.A., where he chairs the Nomination and Remuneration Committee and was a member of the Risk and Related Party Transactions Committee.

From June 2021 to April 2023, he was an independent Director of doNext S.p.A., where he also served as Chairman of the Board of Directors.

Since 2019, he has been teaching History and Global Relations at LUISS in Rome.

Currently Adjunct Professor at the Faculty of Political Science.

Elena Lieskovska, is a Partner in the Special Situations division of Bain Capital in London and focuses on the Financial Services sector.

Previously, she was a Partner at Varde Partners from 2008 to 2022, focusing on investments in the Financial Services sector in Europe and the insurance industry.

She previously worked at Lehman Brothers, Alvarez & Marsal and Goldman Sachs.

She holds an M.B.A. from Harvard Business School and a Bachelor.of Science. from Louisiana State University. Since June 2023, she has been an independent Board Member pursuant to Article 148 T.U.F. of doValue S.p.A., where she currently also serves as a member of the Nomination and Remuneration Committee.

Roberta Neri, born in Rome, graduated with honours in Economics and Commerce at the University of Rome La Sapienza. She is qualified as a chartered accountant and is enrolled in the Register of Auditors.

She started his career in Italsiel S.p.A. - Società Italiana Sistemi Informativi Elettronici, S.p.A.; since 1999 he has held positions of primary responsibility in ACEA S.p.A., first dealing with budget, control and strategic planning, then becoming Head of Planning and later Chief Financial Officer. In 2009 he founded Manesa Srl (now Byom Srl), working as Managing Director until 2015 on investment activities and technical/financial advisory services to financial and industrial investors for structured transactions in the Energy and Infrastructure sectors. He is

currently a partner and board member at Byom.

From 2015 until May 2020, she was CEO of ENAV, where she managed the company's IPO process on the Italian Stock Exchange.

From March 2015 to September 2015, she was also a member of the Board of Directors and a member of the Related Party and Control, Risk and Corporate Governance Committees of Autostrade Meridionali SpA. From April 2015 to April 2017, she was a member of the Board of Directors of Acea SpA, Chairman of the Control and Risk Committee and member of the Related Party Transactions Committee and the Nomination and Remuneration Committee.

From January 2018 to December 2019, she was President of A6, the alliance of "European Air Navigation Service Providers". From 2017 to 2020, she was a member of the Board of Directors of Cementir Holding S.p.A. and a member of the Board of Directors of Aireon LLP.

Since September 2018 she is, first Industrial Advisor and then in October 2020 Operating Partner of Asterion, a Spanish fund specialised in infrastructure investments in Europe in the transport, telecommunications, energy and other utilities sectors. Since July 2020 he has been a member of the Advisory Board of Equita Group, Italy's leading independent investment bank.

From October 2020 to April 2023, she was Chairman of the Board of Directors of MPS Leasing&Factoring.

Since November 2020, she has been a member of the Board of Directors of Sorgenia S.p.A., a position he previously held from 2015 to 2018.

Since 2021, following the acquisition through VTO (Voluntary Tender Offer) by the Asterion Fund, she has been Chairman of the Board of Directors of Retelit.

Since 2021, she has been a member of the Board of Directors of doValue S.p.A. and a member of the Risk, Related Party Transactions and Sustainability Committee.

Since December 2022, following the acquisition by the Asterion Fund, she has been Chairman of the Board of Directors of Irideos.

As of 1 February 2024, she is a non-executive director on the board of Ryanair Holdings

Giuseppe Ranieri, born in Rome on 19 February 1974, graduated in Economics at the University of Rome "La Sapienza", since 2013 he has been at Fortress Investment Group where he is Managing Director. From 1998 to 1999 he worked as an analyst in Nusa SIM S.p.A. and then, from 2000 to 2005, as a Manager in PricewaterhouseCoopers-Transaction Services. From 2005 to 2009 he worked at Morgan Stanley Real Estate Fund and Prelios S.p.A., and from 2009 to 2012 at First Atlantic Real Estate NPL S.p.A. (now Frontis S.p.A.). He has been a member of the Board of Directors of doValue S.p.A. since 2016.

Marella Idi Maria Villa, Born in Milan on 23 October 1977, she graduated in Law at the Università Cattolica del Sacro Cuore in Milan and qualified as a lawyer in 2006 in Milan.

Over the last 20 years, she has worked with leading domestic and foreign law firms, providing assistance in the

areas of Banking & Finance, Capital Markets and Mergers and Acquisitions, and advising listed companies in particular with reference to Consob regulations (T.U.F. and Issuers' Regulations), the Bank of Italy and Borsa Italiana instructions.

She has also gained experience in debt restructuring of listed companies with banks and their subsequent recapitalisation, advising on real estate investment funds and extraordinary corporate transactions (acquisitions, mergers and business disposals).

In the banking area, she has dealt with numerous corporate finance, acquisition and leveraged finance, real estate and project finance transactions; in the area of structured finance, she has assisted investors, arrangers, originators and issuers in securitisation and loan sales transactions and in the issuance of listed bonds.

In 2023, she took on the role of Legal Counsel Finance and Capital Market at Gate Group, a leading Swiss global group in airline catering, in-flight retail and hospitality services, at the group's headquarters in Zurich. Since 5 December 2023, she has been appointed as a member of the Board of Directors of Gategroup Finance (Luxembourg) SA.

Since 2019, she has been an independent Board Member of doValue S.p.A., where she currently also serves as a member of the Nomination and Remuneration Committee.

Diversity criteria and policies in Board composition and organisation

The achievement of all targets defined in the Sustainability Plan confirms doValue's commitment to contribute to the achievement of the 17 Sustainable Development Goals (SDGs) identified by the United Nations 2030 Agenda. doValue considers it fundamental to spread and strengthen a culture of inclusion and non-discrimination. Within the pillar of the Sustainability Plan, Attention to People, activities dedicated to the valorisation of diversity and awareness and education campaigns on D&I have been promoted and a Group Diversity & Inclusion Policy has been defined, which aims to promote a corporate culture oriented towards overcoming all forms of discrimination and historical and cultural prejudice, making the workplace an inclusive environment where all types of diversity can find space and generate value.

Furthermore, since 2021, the Diversity & Inclusion Council has been established at Group level with the objective of promoting initiatives aimed at strengthening and spreading diversity and inclusion, which are fundamental elements of its corporate culture and at the core of its value system and which can be summarised in two principles (i) creating a work environment that leverages diversity and fosters an inclusive culture to support individual and organisational growth and (ii) appreciating diversity by promoting a respectful environment in which everyone can express their authenticity, particularly in relation to the issues of Gender, Disability, Generation and Multi-culturality.

The overall workforce of the Group companies includes 58% female personnel; within the Group Functions structures of the parent company doValue that carry out management, coordination and control activities, for their respective areas of competence - female personnel account for 49%; in the roles of responsibility of the same, it is 37%.

Maximum number of offices held in other companies

Without prejudice to compliance with the limits on the number of offices that the members of the administrative body may hold pursuant to the law and regulations, the general criteria relating to the maximum number of offices of administration and control in other companies listed on regulated markets, whether Italian or foreign, deemed compatible with an effective performance of the office at doValue have been adopted for the financial year 2023, also taking into account the participation of directors in the Endoconsiliar Committees, as defined in the policy approved by the Board of Directors.

In particular, the policy governing the maximum number of offices that doValue directors may hold provides that:

executive directors, in addition to the office held in doValue, may not hold the office of executive director in other companies, Italian or foreign, listed on regulated markets, Italian or foreign, and may not hold the office of nonexecutive director or effective member of the control body in more than one other company, Italian or foreign, listed on regulated markets, Italian or foreign;
non-executive directors, in addition to the office held in doValue, may not hold the office of executive or nonexecutive director or effective member of the control body in more than 4 other companies, Italian or foreign, listed on regulated markets, Italian or foreign.

Directors are obliged to inform the Company about their appointments in other companies and entities.

In Table 2 at the end of this Report, and referred to in point 4.2 above, evidence is provided, in accordance with the provisions of the Corporate Governance Code, of the number of directorships and audit appointments that current doValue directors have disclosed they hold in other companies.

The current composition of the Board of Directors meets the general criteria as verified on 4 June 2021, 4 August 2021, 3 May 2022, 27 April 2023 and 15 June 2023

4.3 OPERATION OF THE BOARD OF DIRECTORS (pursuant to Article 123-bis(2)(d) TUF)

The Board of Directors has defined rules and procedures for its own functioning by means of special Regulations approved in the updated version on 13 May 2021, published on the Company's website.

The Chairman is responsible for scheduling the Board of Directors' items on the agenda of the various meetings. The Chairman also ensures that, during the meetings, the Board of Directors devotes the necessary time to the topics to be discussed and encourages the directors to provide their valuable contribution, functional to a constructive debate. In order to ensure that all Board members can schedule their attendance at Board meetings, the Chairman establishes, on a case-by-case basis, in agreement with the CEO, the expected duration of each Board meeting, indicating for each item on the agenda the time scheduled for discussion and debate. The Chairman manages the board meetings in order to ensure, as far as possible, that the scheduled times are respected.

Article 16 of the Articles of Association provides that the Board of Directors shall be convened, including by means of telecommunications, at the Company's registered office or elsewhere, either in Italy or abroad, at intervals of not more than three months and, in any case, whenever the Chairman deems it necessary, or when it is requested by the Chief Executive Officer or at least two directors.

The Board of Directors may also be convened at the initiative of the Board of Auditors.

Notice of the meeting must be sent to all Directors and Statutory Auditors at least three (3) days before the date set for the meeting. In case of urgency, the Board may be convened 24 (twenty-four) hours before the meeting.

Pursuant to Article 16, Section 4, of the Articles of Association, in the absence of a convocation, the Board of Directors is validly constituted when the majority of the Directors and Statutory Auditors in office, including in any case the director appointed from the minority list, are present and all persons entitled to attend have been informed in advance of the meeting.

The Articles of Association also allow the participants in the Board of Directors' meeting to intervene remotely, through the use of telecommunication systems (including audio/video links), provided that each of the participants can be identified by all the others and that each is able to intervene in real time during the discussion of the topics examined, as well as to receive, transmit and view documents.

In order to allow for adequately informed and conscious participation by all directors and, in this way, enable them to express their opinion on the matters to be deliberated, the Rules of Procedure of the Board of Directors provide that the notice of call must contain the agenda of the items to be discussed and that the following must be made available to directors and statutory auditors at least 2 days prior to the board meeting or, in the case of an urgent call, at least the day before the meeting, the appropriate supporting documentation and related information in a manner that guarantees confidentiality and timeliness of the call.

The planned timetable was also met in 2023.

In any case, should it not be possible to meet the above deadlines due to the availability of the documentation, the President shall ensure that timely and adequate investigations are carried out during the council sessions.

The documentation is made available on a special IT platform, which guarantees the security and confidentiality of the data and information provided (with dedicated and exclusive access via personal, encrypted userid and password). This platform enables the digitisation of Board of Directors and Committee meetings, making it possible on the one hand to make the documentation available in the days preceding the meeting in an organic and secure manner and on the other hand to be able to consult the documentation on a computerised medium during the meeting itself, pursuing the objective of completely overcoming the paper printing of all documents pertaining to meetings and archiving the documentation itself.

Also in 2023, the documentation was normally made available, both for Board of Directors' meetings and for the Intra-Board Committees, in compliance with the established deadlines. In this regard, the current Rules of Procedure of the Board of Directors establish the deadline for making available the documentation supporting the decisions to be taken, containing any proposals for resolutions and information suitable in qualitative-quantitative terms to support the work of the Board, at least two days before the date set for the meeting or, in the event of an emergency call, at least the day before the meeting itself, unless a justified exception is made by the Chairman. In the case of transactions with more stringent timeframes, such as participation in tenders, acquisition of mandates, M&A transactions, the documentation was adequately presented to the Board, also with the participation of the managers involved from time to time, with the possibility of ample discussion and comparison.

For Board meetings to be valid, the presence of the majority of its members in office is required; resolutions are passed by majority vote, excluding abstentions. In this regard, it should be noted that, with regard to the Financial Year and in compliance with Recommendation 11 of the Corporate Governance Code, the Chairman of the Board of Directors has been diligent not only in ensuring that the documentation relating to the various items on the agenda of the various board meetings was available to the directors and auditors within the timeframe indicated above, but also that the same documentation, in a substantially regular manner, was available even earlier. Minutes are taken at each meeting, submitted for approval at the first subsequent Board meeting, transcribed in the special company book and signed by the Chairman and Secretary.

In order to provide corporate officers with adequate support on issues of particular importance, specific pre-consiliar meetings were held, which covered the following topics:

analysis of the main features of a securitisation transaction of loans and non-performing loans for servicing purposes;
Market analysis and growth possibilities.

During 2023, the Board of Directors held 23 meetings (of which 12 outside the approved calendar and 2 convened on an urgent basis), each lasting an average of about 3 hours, including through the use of telecommunication media, however provided for by the Articles of Association.

For more information on the availability of time provided by each director, please refer to Table 2 at the end of this Report. The meetings that some directors were unable to attend, for the most part, related to meetings held outside the approved calendar.

For the financial year 2024, 14 meetings have been scheduled, 5 of which have already been held as of the date of this Report.

4.4 ROLE OF THE CHAIRMAN OF THE BOARD OF DIRECTORS

In adherence to Principle X of the Corporate Governance Code, the President promotes the effective functioning of the corporate governance system by guaranteeing the balance of powers between the Company's decision-making bodies, and also plays a role in driving and coordinating the Board of Directors in the pursuit of the Company's interests.

In the course of the Year, the President of the Council, in adherence to Recommendation 12, took care:

the suitability of the pre-Board briefing, as well as the additional information provided during Board meetings, to enable directors to act in an informed manner in the performance of their role; the coordination of the activity of the Endoconsiliar Committees with the activity of the Board;
in agreement with the chief executive officer, the attendance at board meetings of the executives of the Company and the other Group companies, the heads of the corporate functions competent according to the subject matter, to provide the appropriate in-depth analysis of the items on the agenda. In particular, the meetings were attended by the persons responsible from time to time for the subject matter, including the General Manager Corporate Functions, the Chief Financial Officer, the Executive in Charge, the Chief

Group Control Officer and the Head of Internal Audit, the Investor Relator, the Head of the M&A function, the Country Managers of the Regions. These individuals were present at the Board meetings only for the discussion of their respective items and left the meeting following the Board's resolution. During 2023, the Chairman regularly invited the General Counsel to attend, who attended almost all Board meetings; the General Manager Corporate Functions and the Chief Financial Officer actively participated by presenting, among other things, the quarterly and annual Financial Reports and the budget;

The Chairman also ensures that the heads of the relevant corporate functions and any managers interested in the items on the agenda are available to attend meetings when requested.
the participation of the members of the administration and control bodies in initiatives aimed at providing them with an adequate knowledge of the business sectors in which the Company operates, of corporate dynamics and their evolution also with a view to the sustainable success of the Company itself, as well as of the principles of proper risk management and the regulatory and self-regulatory framework of reference.

Based on Recommendation 22 of the Corporate Governance Code, in view of the renewal of the Board of Directors, the Board of Directors conducted a self-assessment on 21 December 2023. In particular, the Chairman, with the support of the Appointments and Remuneration Committee, oversaw the adequacy and transparency of the selfassessment process (for more information, see section 7 of the Report)

The Chairman also ensured, in accordance with the provisions of the Engagement Policy, issued in 2021 in adherence to Recommendation 3 of the Corporate Governance Code, that the Board was informed, by the first useful meeting, on the development and significant contents of the dialogue held with shareholders.

The Chairman ensures the most appropriate management of the timing of Board meetings, favouring the optimisation of the debate and graduating the extent of the discussion according to the relevance of the items on the agenda; with this in mind, where necessary, he also promotes any pre-meeting exchanges between Directors, both executive and non-executive, and the Presidency, for an informal preliminary examination of the main issues to be addressed by the Board.

Secretary of the Council

For the organisation of its activities, the Council is supported by a Secretary, whom it appoints on the proposal of the President, who may also be chosen from outside the members themselves. In the event of the absence of the appointed secretary, the Council appoints the person who is to replace him/her.

As stipulated in the doValue Board of Directors Regulation, the Secretary must possess adequate requirements of professionalism, experience and independence of judgement. In particular, the Secretary must:

(a) hold a master's degree in economic-legal subjects;

b) having served for at least three years as secretary to the board of directors in listed issuers or in mediumsized or large companies; and/or

(c) have at least three years' experience in law firms specialising in corporate law and corporate governance issues, or have held for the same period senior management positions in legal/corporate departments of listed issuers or medium-sized or large companies.

During the 2023 financial year, the Secretary supported the activities of the Chairman of the Board (particularly in relation to the aspects indicated in Recommendation 12 of the Code) and provided impartial assistance and advice to the Board on any aspect relevant to the proper functioning of the corporate governance system (Recommendation 18). In particular, it provided support in the preparation of Board and Shareholders' meetings, in the preparation of related resolutions, in ensuring the adequacy, completeness and clarity of information flows to the Board, in communication with the Directors, in organising board inductions

The Secretary also assists the Managing Director in his relations with the Board and provides assistance to the Board on any aspect relevant to the proper functioning of the corporate governance system.

The secretary coordinates the secretariat of the committees and supports their work, draws up the minutes of each meeting and signs them together with the president; he also takes care of the preservation of the minutes and the company books.

4.5 EXECUTIVE DIRECTORS

Managing Director

Pursuant to Article 15 of the Articles of Association, the Board of Directors of doValue appointed on 29 April 2021 confirmed on the same date Mr. Andrea Mangoni as Chief Executive Officer of the Company. Until 27 April 2023, Andrea Mangoni held this office and following his resignation, the Board of Directors appointed Manuela Franchi as interim CEO on the same date, who was confirmed in the role on 3 August 2023.

With a view to continuing to ensure the orderly and proper performance of the company's activities, both current and prospective, on 21 December 2023 the Board of Directors updated the operating powers previously assigned to the CEO.

The categories of deeds, the performance of which has been delegated to Dr. Manuela Franchi, (a list of which can be found at the Verona Companies' Register, where the relevant resolution was filed and registered and to which explicit reference is made) are determined in the following mannerThe categories of actions, the performance of which was delegated to Dr. Manuela Franchi (a list of which is available at the Verona Companies' Register, where the relevant resolution was filed and registered and to which explicit reference is made) are determined analytically and clearly and precisely articulated, including the indication of quantitative and value limits and any exercise modalities; this is also in order to allow the Board of Directors to accurately assess and accurately verify the correct performance as well as the possible exercise of its directive and avocation powers. In any case, operations reserved by law and/or regulation to the competence of the Board of Directors are excluded from the powers of the Managing Director. The Managing Director is therefore directly responsible for the management of the Company.

The Managing Director is entrusted with management tasks, i.e. the implementation of the policies decided by the Board of Directors.

The CEO at a glance:

supervises the management of the Company and the Group in compliance with the general, planning and strategic guidelines determined by the competent Corporate Bodies - promoting the unity of the Company's management and the management and coordination of the Group;
manages and coordinates the activities of the operational structures having functions of strategic importance and control, in compliance with the resolutions taken from time to time by the Board of Directors;
exercises all powers attributed to it in accordance with the law and the internal regulations in force from time to time;
defines the operational and executive structure of the Company and ensures that the organisational, administrative and accounting aspects, as well as the overall system of internal controls are appropriate to the nature and size of the Company;
supervises the functionality of the internal control and risk management system from the start of trading of the Company's shares on the MTA;
It provides for the management of the Company's holdings.
makes expenditure decisions (meaning both opex and capex) within the limits of the powers vested in it and in compliance with the overall annual expenditure budget approved by the Board of Directors (unless otherwise provided for). In particular:
- decides on expenses and investments necessary for the management of the Company within the limit of € 5 million per individual purchase. For consultancy contracts, the limit is € 2 million per individual contract.
- may also take justified expenditure decisions beyond the limits of the approved annual budget up to a maximum annual amount of 5% of budgeted operating costs

This is without prejudice to the fact that the Managing Director is the legal representative of the Company, pursuant to the Articles of Association.

Consistently with the provisions dictated by the Corporate Governance Code, doValue's Board of Directors has also assigned the Chief Executive Officer the role of director in charge of supervising the functions of the internal control and risk management system, also taking into account his previous experience in ERM. Topic illustrated in detail in point 9.1 below

Chairman of the Board of Directors

The Chairman of the Board of Directors has not been delegated management powers and, consequently, does not hold any executive role.

The Chairman has no specific role in the elaboration of corporate strategies and is qualified as an Independent Director.

Information to the Council by the councillors/delegated bodies

Pursuant to Article 15 of the Articles of Association, the Chief Executive Officer reported to the Board of Directors and the Board of Statutory Auditors, at least quarterly and in the manner established by the Board of Directors, on the

activities performed in exercising the powers delegated to him, reporting, inter alia, on the general performance of operations and its foreseeable evolution, as well as on the most significant economic, financial and equity transactions carried out by the Company and its subsidiaries.

Other executive directors

Aside from the Chief Executive Officer, at the date of approval of this Report, there are no other Directors with management powers or who can be considered executive.

4.6 INDEPENDENT DIRECTORS AND LEAD INDEPENDENT DIRECTORS

Independent directors

The Chairman of the Board of Directors, Giovanni Castellaneta, the directors Nunzio Guglielmino, Giovanni Battista Dagnino, Cristina Finocchi Mahne, Roberta Neri and Marella Idi Maria Villa are Independent Directors pursuant to both Article 148 of the Consolidated Law on Finance (applicable to directors pursuant to Article 147-ter, paragraph 4, of the Consolidated Law on Finance) and Article 2 of the Corporate Governance Code. Elena Lieskovska is an Independent Director pursuant to Article 148 of the Consolidated Law on Finance.

At the time of the filing of the lists for the appointments made at the Shareholders' Meeting of 29 April 2021, Ambassador Giovanni Castellaneta was indicated as a candidate for the position of Chairman of the Board of Directors and assessed as independent at the Board meeting of 4 June 2021, as none of the circumstances compromising, or appearing to compromise, independence specified in Article 7 of the Corporate Governance Code had arisen.

The Board of Directors has deemed the number and expertise of directors qualified as independent to be adequate for the Company's needs and the functioning of the Board itself, as well as the constitution of the relevant committees. With regard to the recommendations of the Corporate Governance Committee, as well as the indications of the Code, concerning the assessment of the significance of the relationships under examination (any commercial, financial or professional relationships) and the ex-ante definition of quantitative and/or qualitative reference criteria for such assessment, without prejudice to its own discretion in assessing the specific situation taking into account the best interests of the Company, the significance of the relationship and its suitability to affect the independence of the Director the Board has predefined, at the beginning of its mandate, the aforementioned quantitative and qualitative criteria for assessing the significance of the circumstances relevant under the Code for the purposes of assessing the independence of directors, distinguishing the cases in which the commercial, financial or professional relationship is 'direct' from those in which it is 'indirect' (e.g. through subsidiaries or companies of which it is an executive director, or as a partner of a professional firm or consulting company).

With reference to direct relationships, it considered significant those that generated a consideration, when taken together on an annual basis, exceeding a certain amount and at the same time representing at least a certain percentage of the director's annual income.

On the other hand, with reference to indirect relationships, it considered significant those that generated a consideration at least equal to a certain percentage of the annual turnover of the company or entity of which the director has control or is a director, or of the professional firm or consulting firm of which he is a partner. It is therefore noted,

with regard to the recommendations made by the Corporate Governance Committee, that the aforementioned assessment of independence by the Board of Directors did not result in any cases of disapplication or deviation from the criteria of independence defined by the Code

On 23 February 2023, 11 May 2023 and 15 June 2023, the Board verified and ascertained that the directors met the independence requirements, the results of which were disclosed to the market by means of a press release.

The Board of Directors, with the support of some of the Company's corporate functions, carried out an internal audit within the Group aimed at identifying the possible existence of pacts, appointments, relations and/or constraints on the directors (even indirectly, through the persons indicated in the declaration issued for the purposes of the relevant information for Related Parties), and such as to configure conditions that could prevent them from meeting the independence requirement.

The Chief Executive Officer Manuela Franchi, the Directors Francesco Colasanti, and Giuseppe Ranieri are not independent directors - neither pursuant to the TUF nor the Corporate Governance Code.

The Board of Statutory Auditors therefore verified the correct application of the assessment criteria and procedures adopted by the Board of Directors to evaluate the independence of its members.

It should be noted that the independent directors met, in the absence of the other directors, on 13 January 2023 and 9 November 2023, addressing, inter alia, issues related to the governance system, including the Group's organisational structure, making proposals and recommendations to the Board of Directors.

During 2024, they also met on 6 March.

The meetings were essentially coordinated by Councillor Prof. Giovanni Battista Dagnino

Lead Independent Director

As none of the prerequisites identified by the Corporate Governance Code (Recommendation 13) apply, the Board of Directors did not appoint any Independent Director as lead independent director.

5 MANAGEMENT OF CORPORATE INFORMATION

The current regulatory system (TUF; M.A.R. and Enforcement Regulations; Consob Issuers' Regulations) and the Corporate Governance Code (Article 1, paragraph 1(f)), in defining the role of the administrative body, places on the latter, in order to ensure the proper management of corporate information, the task of adopting a procedure for the internal management and external disclosure of documents and information concerning the company, with particular reference to inside information.

In compliance with these provisions, therefore, the Board of Directors - on the initiative and proposal of the Chairman and the Chief Executive Officer - identified and defined the processes and procedures for the internal management, as well as the related external communication, of information and documents concerning the Company, and this also with reference to inside information.

Management of Privileged Information

doValue, in compliance with the laws and regulations applicable to listed companies on the subject of market abuse as well as the recommendations and/or indications, also of an interpretative nature, addressed - at a national and European level - to listed companies, has adopted the Group policy for the internal management and external communication of privileged information and for record-keeping (the "Insider Policy") and has set up the Register of persons with access to privileged information ("Insider Register") pursuant to the MAR and other reference regulations applicable from time to time.

This Insider Policy was updated during 2021 and approved by the Board of Directors on 25 January 2022 and is available on the Company's website in the Governance section.

The Insider Policy illustrates in particular (i) the process of identification, management and treatment of Important and Privileged Information (as defined below) concerning the Company, and (ii) the procedures to be observed for the communication, both inside and outside the company, of documents and information concerning doValue and its subsidiaries, considered as Privileged Information; (iii) impart, pursuant to Article 114, paragraph 2 of the TUF, the necessary provisions to ensure that the subsidiaries of doValue provide, in a timely manner, all information necessary to fulfil the disclosure obligations provided for by law.

The proper disclosure of inside information therefore allows the market and investors to be protected by ensuring that they have adequate knowledge of the events concerning the issuer on which to base their investment decisions.

The rationale of the obligation to disclose inside information in accordance with a predetermined manner is to be found in the objective of not allowing the disclosure of inside information:

abuse or attempt to abuse inside information;
recommending or inducing others to abuse inside information; or

• communicating inside information to others outside the normal exercise of their employment, profession, function or office, preventing certain persons or categories of persons from using information not known to the public to carry out speculative transactions on the markets to the detriment of investors, who are not aware of such information.

The Insider Register is maintained by the Compliance & Global DPO Function - reporting to the General Counsel in an electronic format, conforming to the templates set out in the Execution Regulation in order to ensure that at all times

the confidentiality of the information contained therein, ensuring that access to the list is permitted only to clearly identified persons;
the accuracy of the information contained therein;
access and retrieval of previous versions of the Register.

Already since 2018, following the issuance by Consob of the Guidelines on the Management of Privileged Information, doValue has, furthermore, established the Register of Relevant Information ("RIL Register") considering it appropriate to trace the individual pieces of information that could potentially, at a later stage, take on a privileged nature, also providing for their relative monitoring. At the same time, the mapping of Relevant Information, i.e. the list of the Types of Relevant Information within which, or in relation to which, it is most reasonable to expect that specific Relevant Information and/or Inside Information may arise, has been carried out and constantly updated. In the course of 2022 following the issuance of Commission Executive Regulation (EU) 2022/1210 of 13 July 2022 laying down technical implementing rules for the application of Regulation (EU) No. 596/2014 of the European Parliament and of the Council, a gap analysis was carried out to ensure the formal alignment of the lists of persons with access to information.

Internal Dealing

In compliance with the applicable regulatory provisions on market abuse referred to in the opening (TUF; M.A.R. and Enforcement Regulations; Consob Issuers' Regulations), the Company has adopted the "Internal Dealing" policy (hereinafter, the "ID Policy"), aimed at regulating the execution of information and conduct obligations towards the Company and the market, relating to transactions carried out, also through third parties, on the Company's shares and financial instruments, as well as on related financial instruments by persons performing administrative, control or management functions and/or relevant persons and/or persons closely related to them.

The Policy ID was updated during 2022, following doValue's entry into the Star Segment. The updated document, which was approved by the Board of Directors on 28 September 2022, is available on the Company's website in the "Governance" section.

The ID Policy regulates, with binding effect, the disclosure and conduct obligations towards the Company and the market, relating to Relevant Operations (as defined below) carried out, also through third parties, by MAR Relevant Persons and/or by RE Relevant Persons and/or their Close Associates, identified in absolute compliance with the provisions of the MAR Regulation and the Consob Issuers' Regulation.

The ID Policy also establishes that "Relevant Operations" are all operations concerning Shares and/or derivative instruments and/or other financial instruments linked to them, carried out on their own account, also through third parties, by MAR Relevant Persons by their Close Associates (as provided for by the regulations and transposed in the Policy). The Company, through the Person Responsible, draws up a list of MAR Relevant Persons, RE Relevant Persons and Closely Linked Persons (the "Internal Dealing List"), verifying on an annual basis the need to proceed with amendments, corrections and/or additions to the List itself.

The Policy ID also illustrates the sanctions and specifies that, in addition to the sanctions provided for by the laws and regulations in force on insider trading and market manipulation, in the event of violation of the provisions of the Policy ID, doValue will proceed against those responsible for violations of the provisions of the Policy ID, adopting the measures provided for by the applicable legislation. In addition, the Policy ID points out that the violation of the provisions contained therein may constitute a serious damage for the company, also in terms of image, with important economic and financial consequences. Policy ID also states that, if the violation is committed by an employee, this may constitute a disciplinary offence and, in the most serious cases, may result in dismissal.

6 INTERNAL BOARD COMMITTEES (pursuant to Article 123-bis, Section 2(d), TUF)

Article 21 of the Articles of Association empowers the Board of Directors to set up committees from among its members, determining the number of their members.

Pursuant to Principle XI and Recommendation 16 of the Code, the Board of Directors established the Nomination and Remuneration Committee and the Risk, Related Party Transactions and Sustainability Committee, both with proposing, advisory and coordinating functions.

In setting up the two Endoconsiliar Committees, the Board of Directors took into account its own composition as well as the number and availability of independent and non-executive directors; it therefore opted for a composition of the Endoconsiliar Committees made up of members who are for the most part independent, among whom the Chairman was identified, in compliance with the conditions set forth in the Corporate Governance Code. The Board determined the composition of the Committees by adopting criteria aimed at avoiding an excessive concentration of positions.

The members of the Endoconsiliar Committees possess the necessary skills and experience to handle the tasks and roles assigned to the committees.

The Board of Directors did not reserve any of the functions that the Code attributes to the Committees (Recommendation 16).

Each of the Endoconsiliar Committees has its own Operating Rules, approved by the Board of Directors and made available on the company's website, which include, inter alia, provisions governing coordination and mutual reporting mechanisms between the various corporate bodies.

The members of the Committees, and for information all members of the Board of Directors, are informed of the date of each meeting and the agenda thereof by e-mail sent by the technical secretary, at least three days in advance. The Committees receive periodically, according to predefined methods and timing, the documentation and information relevant to the conscious fulfilment of their assigned responsibilities.

Access to acts and documents of the Committees are subject to the same rules of preservation and access as those of the Board of Directors. Committee members, participants and guests at meetings are bound to confidentiality with regard to all news and information acquired in the performance of their duties. They shall not disclose confidential news or information to unauthorised persons and shall refrain from using confidential information for purposes other than the performance of the Committee's functions.

The meetings of all the Endoconsiliar Committees are duly minuted and their respective chairmen report on the topics discussed at the first useful meeting of the Board of Directors, at which they present their opinions supporting the Board's assessments (Recommendation 17 of the Corporate Governance Code). Members of the Endoconsiliar Committees are granted access to all information that, in the opinion of their members, is deemed necessary for the performance of their duties (Recommendation 11). The Endoconsiliar Committees may make use of external consultants, the cost of which is borne by the Company, within the limits of the budget approved by the Board of Directors and made available to each Committee.

Additional committees

In view of the termination of the Chief Executive Officer in April 2023 and in implementation of the current

Contingency Succession Plan (the 'Plan'), the Transition Process Committee was established as a contingent organisational unit to follow all aspects related to the activation of the Plan and the transition. This Committee mainly coordinated the identification and support phase in the installation of the interim CEO, as well as the initiatives of the subsequent phase of the process for the selection of the new CEO to be finally identified.

The members of the Committee were identified from among members of the Nomination and Remuneration Committee and Board members with expertise in specific aspects impacting the transition process.

The Chairman of the Board of Directors Amb. Giovanni Castellaneta, the Chairman of the Appointments and Remuneration Committee Prof. Nunzio Guglielmino, as well as directors Dr. Francesco Colasanti, lawyer Marella Idi Maria Villa and Dr. Elena Lieskovska.

Following the definitive appointment of Dr. Manuela Franchi as Chief Executive Officer in August 2023, the Transition Process Committee ceased its responsibilities.

7 SELF-ASSESSMENT AND SUCCESSION OF DIRECTORS - NOMINATION AND REMUNERATION COMMITTEE

SELF-ASSESSMENT AND SUCCESSION OF DIRECTORS

In accordance with Recommendation 22 of the Corporate Governance Code, the Board of Directors shall periodically, upon the Chairman's proposal and, in any case, at least every three years, in view of the renewal of the body, carry out an assessment of its composition and functioning (so-called "board review") in the manner provided for by the laws and regulations in force at the time, verifying, in particular, the functioning of the Board itself and its Committees, as well as their size and composition, also taking into account the provisions of the law and regulations in force at the time. "In particular, it shall verify the functioning of the Board itself and its Committees, as well as their size and composition, also taking into account elements such as the professional characteristics, experience, including managerial experience, and gender of its members, as well as their seniority in office; all in accordance with the provisions of the policy on the matter and composition of the Group's corporate bodies in force from time to time, as approved by the Board.

The last self-assessment carried out was that relating to the 2023 financial year, which ended in November 2023, conducted by doValue's Corporate Affairs staff as support to the Bodies in implementing the internal process and, without making use of the work of external consultants, through the completion of a special questionnaire and direct interviews with the Directors and members of the Endoconsiliar Committees on the effectiveness size, composition and functioning of the Board with the aim of carrying out a structured review of the effectiveness of the doValue Board from an operational point of view and to identify, where necessary, areas for improvement, in order to better perform the role of guidance and control of a complex and constantly evolving reality.

This initiative became even more timely, in view of the renewal of the Board of Directors scheduled for 2024 and the preparation of the "Guideline on the qualitative and quantitative composition of the new Board of Directors deemed optimal" , which takes due account of the results of the self-assessment.

The self-assessment process conducted revealed a high level of satisfaction among directors with regard to the effective functioning of the Board of Directors and the Endoconsiliar Committees, the centrality of the figure of the Chief Executive Officer, and the effective conduct of board business, facilitated by constant information and documentary support.

Some areas for improvement have been identified:

Improve the diversity of age groups and seniority within the Board of Directors to be appointed
Making the Board's work more effective with clearer medium- and long-term objectives
Fostering greater orientation of the Board of Directors towards strategic direction and medium- to longterm sustainability, through the understanding and management of related risks
Providing for a greater flow of information to the Board of Directors regarding the succession plans of key managers
Developing relations between Board members and management beyond the collegial formalities of the Board and Committees

Even more effective management of board meetings by the chairman, with more appropriate work schedules
Improving the debate within the Board of Directors in the presence of an effective and effective contribution from all Board members, within a transparent comparison
Operate effective systematic monitoring of the status of implementation of resolutions passed by the Council
Promote a reflection on the committee structure and in particular on a rationalisation (reduction from the current one) of the number of members of the Nomination and Remuneration Committee
Do not overlook the need for extreme confidentiality on the part of councillors with regard to information, documents and board debates

Furthermore, in adherence to Principle XIII, the Board ensures that the process of nomination and succession of directors is transparent and functional to achieve the optimal composition of the board.

In particular, as provided for by Recommendation 23 of the Corporate Governance Code, on 22 February 2024 the Board of Directors, whose term of office expires with the approval of the 2023 financial statements, in view of its renewal, approved the document entitled "Orientation on the qualitative and quantitative composition of the new Board of Directors deemed optimal" taking into account the results of its self-assessment; this orientation was published on the Company's website www.dovalue.it on 23 February 2024 well in advance of the publication of the notice of call of the Shareholders' Meeting relating to the renewal of the Board. The publication took place 21 days in advance, which is longer than the average period recorded for listed companies adhering to the Corporate Governance Code during 2023.

In addition, in compliance with Recommendation 23, the notice of call of the Shareholders' Meeting shall provide that those who submit a list containing a number of candidates exceeding half of the members to be elected must provide adequate information, in the documentation submitted for the filing of the list, on the compliance of the list with the orientation expressed by the Board of Directors and indicate their candidate for the office of Chairman of the Board of Directors.

It should also be noted that voluntarily adhering to Recommendation 24 of the Corporate Governance Code, on 23 February 2023 the Board of Directors approved the update of the "Contingency Succession Plan", which meets the provisions of the Recommendation in question and provides for a specific procedure concerning the actions to be taken in the event of sudden events that prevent the CEO, during his term of office, from exercising his functions, in order to ensure the regular management of company operations .

Although the new Corporate Governance Code recommends its adoption only for large companies (which does not include doValue), the Company approved the 'Contingency Succession Plan' in line with best practice and in adherence to the findings of the self-assessment process.

The Contingency Succession Plan for the management of the CEO's sudden impediment, identifies the corporate bodies involved, objectives, timeframe and tools. It also contains a description of the process by which the bodies will be called upon to implement it, including the Appointments and Remuneration Committee.

The Contingency Succession Plan approved by the Board of Directors provides a detailed list of the causes triggering the process: circumstances related to the sudden occurrence of causes and elements that prevent the holder of the role of Chief Executive Officer of the doValue Group, either permanently or temporarily (in any case more than 30 days), from exercising the prerogatives of his role and ensuring the correct and full functioning of the Group's activities. The main activities and related processes, to be carried out both immediately and when the impediment persists, are then set out.

The Contingency Succession Plan is to be updated every 12 months, with particular reference to the triggers, candidate profiles, procedures and tools used.

On 23 February 2023, the Board of Directors resolved to update the Contingency Succession Plan by identifying the direct reports who could take on the role of interim CEO, as well as planning to launch a market mapping exercise to identify potential candidates to quickly take on the role of CEO in the event of the sudden impediment of the Group CEO.

Finally, consistent with Recommendation 24, the Company's Board of Directors has also acknowledged the existence of an internal process, led by the Group HR function, to ensure the monitoring and updating of succession plans for senior positions reporting directly to the Group CEO. The succession risk for these positions, measured as the level of position coverage, is analysed in order to identify potential gaps and actions to be implemented.

The process is designed to ascertain for each top position the number of internal candidates that can be included in the succession plans, and in what time frame (interim 0 to 1 year, short-term 1 to 3 years, and medium-term 3 to 5 years).

8 DIRECTORS' REMUNERATION - NOMINATION AND REMUNERATION COMMITTEE

8.0 DIRECTORS' REMUNERATION

With regard to the information to be provided in this Report, please refer to the relevant parts of the Remuneration Report published pursuant to Article 123 ter of the Consolidated Law on Finance.

8.1. NOMINATION AND REMUNERATION COMMITTEE

Composition and functioning of the committee (pursuant to Art. 123-bis(2)(d) TUF)

The Nomination and Remuneration Committee, established on 13 May 2021 and integrated on 15 June 2023, consists of five non-executive directors, three of whom are independent.

The current components are:

Nunzio Guglielmino - Chairman (Independent)

Giovanni Castellaneta - Member (Independent)

Marella Idi Maria Villa - Member (Independent)

Francesco Colasanti - Member.

Elena Lieskovska - Member

The members of the Committee have the expertise and experience in financial matters or remuneration policies, deemed appropriate by the Board at the time of appointment (Recommendation 26).

The Appointments and Remuneration Committee is governed by a specific Regulation - updated by the Board of Directors on 15 July 2021 - published on the doValue website, at https://www.doValue.it/it/governance/comitatiendoconsiliari - which determines its powers and regulates its functioning. The Appointments and Remuneration Committee is provided with specific and adequate resources to perform its functions and may make use of external experts, involving, where necessary, the competent corporate functions.

The work of the Committee is coordinated by the Chairman and the meetings are duly recorded in minutes; the Chairman provides information on the topics discussed at the first useful meeting of the Board of Directors, at which he presents the opinions expressed in support of the Board's assessments.

In adherence to Recommendation 26 of the Corporate Governance Code, Article 6 of the aforementioned Regulation stipulates that no director takes part in Committee meetings in which proposals concerning his or her remuneration are formulated.

In carrying out its tasks, the Committee takes into account the objective of preventing the decision-making processes of the Board of Directors from being dominated by a single person or by groups of persons who could be detrimental to the Company.

The Committee identifies the information flows that must be addressed to it for the proper exercise of its functions and may access corporate information relevant to the exercise thereof. The Committee also has sufficient financial resources to guarantee its operational independence and may make use of external experts.

With regard to the internal control system, the Committee also cooperates with the Risk, Related Party Transactions and Sustainability Committee in order to identify the head of the Internal Audit function and the Anti-Money Laundering

Officer to be appointed by the Board of Directors, after consulting the Company's Board of Auditors.

The Nomination and Remuneration Committee met 19 times during 2023 and the average duration of the meetings was about forty-five minutes.

During 2023, the Committee carried out its activities and collaborated with the Board of Directors; at the invitation of the Chairman, some Company executives attended the meetings, informing the CEO, in relation to the discussion of specific items on the agenda. All the members of the Board of Statutory Auditors took part in the meetings and work of the Committees.

Committee functions

The Appointments and Remuneration Committee has the task of assisting the Board of Directors with investigative, proposal-making and advisory functions in the following areas:

On the composition and appointment of its members:

(a) assists the Board in the self-assessment process of corporate bodies;
(b) participates in the definition, ex ante, of the qualitative and quantitative composition of the Board of Directors and its Committees considered optimal in relation to the governance objectives identified by sector regulations. In this context, the Committee: (a) formulates opinions to the Board of Directors regarding its size and composition; (b) makes recommendations regarding the professional figures whose presence within the Board of Directors is deemed appropriate by virtue of the characteristics of professionalism and possible independence of each candidate; (c) makes recommendations, pursuant to the Corporate Governance Code, regarding the maximum number of directorships or auditor positions that a director may hold, such that it can be considered compatible with an effective performance of the office of director of the Company, taking into account the participation of directors in the Board's internal committees. To this end, it identifies general criteria differentiated according to the commitment connected to each role (of executive, non-executive or independent director), also in relation to the nature and size of the companies in which the offices are held, as well as the performance of the office within group companies;
(c) provides support in the assessment of any problematic cases relating to director appointments made by virtue of the authorisation - general and prior - by the Company's shareholders' meeting of the waiver of the noncompetition clause in Article 2390 of the Civil Code;
(d) proposes to the Board of Directors candidates for the office of director in cases of co-optation, expressing its opinion on the suitability of the candidates that, based on the analysis carried out in advance, the Board of Directors has identified to hold the offices, also with the formulation of specific proposals where independent directors need to be replaced;
(e) advises the Board of Directors on resolutions concerning the possible replacement of members of internal committees of the Board of Directors that become necessary during the Committee's term of office;
(f) support for the possible submission of a list by the outgoing governing body to be implemented in a manner that ensures its transparent formation and presentation;
(g) with reference to the need to ensure an adequate degree of diversification in the collective composition of the

Board of Directors, determination of a target in terms of the share of the least represented gender and preparation of a plan to increase this share to the target set;

(h) provides the Board of Directors with support in the ex-post evaluation of the consistency between the actual composition and the composition defined ex-ante as optimal, as well as in verifying the existence of the regulatory and statutory requirements for directors and auditors;
(i) supports the Board of Directors in preparing, updating and implementing any succession plan for the Chief Executive Officer and other executive directors.
(j) It also collaborates with the Risk, Related Party Transactions and Sustainability Committee in order to identify the head of the Internal Audit function and the Anti-Money Laundering Officer to be appointed by the Board of Directors, after consulting the Company's Board of Auditors.

On remuneration and incentive systems

a) it supports the Board of Directors in drawing up the policy for the remuneration of directors, members of the control body and top management that is functional to the pursuit of the company's sustainable success and that takes into account the need to retain and motivate people with the competence and professionalism required by the role held in the company.
b) submits proposals or opinions to the Board of Directors concerning the setting of performance objectives related to the variable component of such remuneration with regard to the remuneration of executive directors and other directors holding particular offices; monitoring the decisions taken on this matter by the Board of Directors
c) monitors the concrete application of the remuneration policy, in particular, the actual achievement of performance targets;
d) carries out a periodic assessment of the overall adequacy and consistency of the policy for the remuneration of directors and top management to which the incentive plans are linked, and of the other conditions set for the payment of remuneration;
e) periodically evaluates the adequacy, overall consistency and concrete application of the remuneration policy for directors and top management, also making use of the information provided by the Chief Executive Officer of the Company; formulates proposals to the Board of Directors on the matter;
f) directly supervises the correct application of the rules on the remuneration of the heads of corporate functions with specific tasks in the area of internal control and risk management, in close liaison with the Company's Board of Statutory Auditors (the 'Board of Statutory Auditors');
g) It prepares the documentation to be submitted to the Board of Directors for the relevant decisions (including the remuneration report pursuant to Article 123-ter of Legislative Decree No. 58 of 24 February 1998 (Consolidated Law on Finance), in compliance with the deadlines for its submission to the Company's Shareholders' Meeting);

h) contributes, involving the competent corporate functions, to the definition of the remuneration and incentive policies of the Company and its subsidiaries - and of its Associates, if applicable - and their periodic evaluation.

The Nomination and Remuneration Committee assessed and supported the Board of Directors on

Issuance of an opinion for the appointment of two Directors to supplement the Board;
Annual assessment of the independence requirements of corporate officers;
proposals to the Board of Directors regarding the selection process of the new Group CEO issuing the opinion for the proposed economic and contractual framework for the Group CEO
Update of the perimeter of DIRS and remuneration of certain DIRS in relation to the positions held;
Remuneration policy 2023 (Policy 2023 and implementation/accountability 2022)
issuing of opinion for the definition of the Managing Director's contract ;
Implementation of the Long-Term Incentive Plan 2023 2025;
Calculation of variable remuneration 2022 of CEO and DIRS, including deferred component
MBO 2023: CEO and DIRS targets
Bonus Pool 2022 and 2023
Drafting of the Plan for Self-Assessment, Fulfilment and Timing in view of the renewal of the Board of Directors in April 2024 and evaluation of the Report on the outcome of the 2023 Self-Assessment of the Board of Directors and Endoconsiliar Committees of doValue S.P.A;

The Nomination and Remuneration Committee established the calendar of its meetings for the year 2024 by scheduling 13 meetings (of which four have already been held).

9 INTERNAL CONTROL AND RISK MANAGEMENT SYSTEM - CONTROL AND RISK COMMITTEE

The Group, in line with the regulations applicable to it and the best reference practices, has adopted an Internal Control System aimed at constantly monitoring the main risks associated with the Group's activities, in order to ensure sound and prudent business management consistent with the defined strategic objectives (Principle XIX of the Corporate Governance Code).

The Group's Internal Control System therefore consists of the set of rules, procedures and organisational structures aimed at the effective and efficient identification, measurement, management and monitoring of the main risks, in order to contribute to the sustainable success of the company (Principle XVIII of the Corporate Governance Code) as well as to ensure the reliability, accuracy and timeliness of financial reporting.

Its functioning is based on control bodies and functions, information flows and methods of involvement between the parties involved and Group governance mechanisms. In particular, the Group has structured its organisational model of internal controls by pursuing the need to ensure integration and coordination between the players in the Internal Control System, in compliance with the principles of integration, proportionality and cost-effectiveness.

Over the past few years, the revision activities of the internal control system have been aimed at accompanying the organisational evolution and international growth of the Group. In previous reports, the impacts on the system of internal controls deriving from the reorganisations prepared, on the one hand, to take into account the changed regulatory context of reference for the Group in Italy following the transformation of the banking parent company into a credit management company authorised pursuant to art. 115 TULPS and the related dissolution of the pre-existing Banking Group, and, on the other hand, to support the reorganisation of activities in homogeneous geographical areas and their transversal coordination (e.g. in the definition and implementation of business development strategies and in the management of corporate processes) as well as the alignment with the Group's strategic objectives through the establishment of Group functions dedicated to this purpose.

In this context and with specific reference to the structure of the functions that contribute to the functioning of the internal control and risk management system, the main interventions carried out over time concerned the establishment of the following Group functions responsible for guaranteeing the transversal coordination of local control activities in the areas within their competence:

• Group Control Office, reporting hierarchically to the Parent Company's Board of Directors, responsible for coordinating at Group level, for the areas within its competence, the control activities aimed at guaranteeing a constant and independent assessment of the overall internal control and risk management system, reporting periodically to the Corporate Bodies, as well as ensuring the adoption of homogeneous methodological approaches and operating models by the Group's Internal Audit and Anti-Money Laundering functions in compliance with the requirements of independence and autonomy provided for by local regulations;

Group Internal Audit, reporting hierarchically to the Chief Group Control Officer, responsible for defining a common methodology for the execution of internal audit activities, common tools for the performance of controls, common reporting to the Bodies and Management of the various components of the Group and for ensuring their adoption by the various local Internal Audit functions that functionally report to it;
Group AML, reporting hierarchically to the Chief Group Control Officer, responsible for issuing Group guidelines and policies on money laundering risk prevention, developing a common methodological approach to money laundering risk management and common reporting to the Bodies and Management of the various Group components, supervising their adoption by the various AML functions established locally that report functionally to it;
Compliance & Global DPO, reporting hierarchically to the Group General Counsel, responsible for developing a uniform compliance framework at Group level in order to ensure compliance with perimeter regulations (e.g. Market Abuse, Related Parties, Consob Regulations, Anti-Corruption, Privacy) through the definition of common guidelines and policies, regulatory monitoring and implementation of the actions necessary to ensure compliance with applicable regulations as well as the introduction of specific intragroup information flows. In the area of data protection, the Global DPO defines the Group's organisational model and a common framework of DPO controls, and is mainly responsible for coordinating data protection activities, receiving information flows from local DPOs and, consequently, reporting to the doValue Board of Directors.
Group Administration & Internal Control for Financial Report, reporting hierarchically to the Group Finance Function, within which the Internal Control for Financial Report structure is responsible for supporting the Manager in charge ex. L.262/2005 in the fulfilment of its responsibilities with reference to the issuer and all the Group companies included in the consolidation;
Group Enterprise Risk Management, reporting hierarchically to the General Manager Corporate Functions, with the task of coordinating the management of strategic, operational, reputational, legal and financial risks to which the Group is exposed by defining the relevant guidelines and identifying the criteria for monitoring the aforesaid risks, using for this purpose suitable methodological approaches, procedures and tools and ensuring the appropriate reporting to the Corporate Bodies.

With respect to the aforementioned set-up, as from September 2023, the mission of the Group Internal Audit Function was revised to flank the methodological coordination and reporting components with the centralised execution of audit activities in the Information Technology area on the entire doValue Group perimeter. To this end, the Group IT Audit unit was set up to report directly to the Group Internal Audit Manager. This development became necessary in order to ensure more effective coverage of the risks associated with the Group's application, infrastructural and IT security components, consistent with the strategic evolution of the operating model for the management of the latter, which, starting from 2022, is characterised by a process of progressive centralisation with the establishment of dedicated Group IT functions. The new unit operates in close coordination with the local Internal Audit Functions in identifying IT risk coverage priorities and in performing all those control activities that require specialised IT skills (participation

Report on Corporate Governance and Ownership Structure - Financial Year 2023 Courtesy translation

in local audit assignments, support in monitoring IT issues, etc.).

Net of the aforementioned organisational changes introduced in recent years and aimed at strengthening the coordination at Group level of control activities and the effectiveness of the tools available to the corporate bodies to perform their duties of supervising the overall system of internal controls and risk management, in the context of the doValue Group this system continues to be structured as follows

The primary responsibility for completeness, adequacy, functionality and reliability lies with the governing bodies, and in particular with the Board of Directors, which is responsible for the strategic planning, management, evaluation and monitoring of the overall Internal Control System, supported in this by the Risk, Related Party Transactions and Sustainability Committee. In this context, the Chief Executive Officer, by virtue of a specific delegation of authority granted by the Board of Directors, oversees the functioning of the internal control and risk management system, pursuant to Borsa Italiana's Corporate Governance Code. On the other hand, it is the task of the Board of Statutory Auditors to supervise the completeness, adequacy and functionality of the Internal Control System, ascertaining the adequacy of the corporate functions involved, the proper performance of their tasks and their adequate coordination, as well as promoting any corrective measures;
third level controls are aimed at periodically assessing the completeness, functionality, adequacy and reliability in terms of efficiency and effectiveness of the Internal Control System in relation to the nature and intensity of the risks of business needs, also identifying any violations of the organisational measures adopted by the Group. Within the framework of the Internal Control and Risk Management System outlined, the Internal Audit Functions set up at the Parent Company and the main subsidiaries (i.e. doValue Spain, doValue Greece and doValue Cyprus) are assigned the direct management of internal audit activities, with a view to third level control and in accordance with the principles and methodological standards defined at Group level, without prejudice to the powers and responsibilities of the respective Corporate Bodies.
second level controls are aimed at ensuring the proper implementation of the risk management process, verifying compliance with the limits assigned to the various operational functions, controlling the consistency of the operations of the individual production areas with the assigned risk-return objectives, as well as guaranteeing the compliance of company operations with regulations, including self-regulatory ones. The organisational structure and the perimeters of competence of the functions within the Group that are in charge of overseeing the aforesaid areas are directly influenced by the structure of the business processes implemented in the various realities that make up the Group and by the nature and relevance of the risks associated with them, as well as by the presence of specific regulatory requirements on risk governance.
first-level controls are aimed at ensuring the proper conduct of operations and are the responsibility of the corporate functions in charge of business/operational activities, which are called upon, as part of day-to-day operations, to identify, measure, monitor and mitigate risks arising from ordinary business activities in accordance with the risk management process and applicable internal procedures.

Board of Directors and Risk, Related Party Transactions and Sustainability Committee

In line with Principle XIX of the Corporate Governance Code, the guidelines of the Internal Control and Risk Management System are defined by the Board of Directors of the Parent Company in line with the strategic guidelines and risk propensity established by it. In this way, the Board ensures that the main risks are correctly identified, measured and adequately monitored, also taking into account their evolution and interaction.

During the examination of the doValue Group's 2021-2024 business plan, approved on 25 January 2022, the Parent Company's Board of Directors, therefore, positively assessed its medium-long term sustainability also in terms of the consistency of the assumptions underlying its preparation with the nature and levels of risk defined as compatible with the Group's strategic objectives, in accordance with Recommendation 1, letter c, of the Corporate Governance Code. The ongoing maintenance of these sustainability conditions is then monitored by the Board when assessing and approving the annual budget and draft annual financial statements in which the implementation of said industrial plan is manifested. In this regard, on 12 January 2024, the Board examined and approved the Group's annual budget for 2024.

Furthermore, in accordance with Principle XX of the Corporate Governance Code, the Board defines the principles concerning the coordination and information flows between the various parties involved in the internal control and risk management system, in order to maximise the efficiency of the system itself, reduce duplication of activities and ensure the effective performance of the tasks of the control body. This role takes the form of examining and approving the Internal Control System Regulations prepared with the contribution of all the players involved.

The Board of Directors evaluates and makes decisions on the internal control system and risk management with the support of the Risk, Related Party Transactions and Sustainability Committee. In implementing this prerogative, the Board of Directors of doValue, also on the basis of the favourable opinion issued by the Risk, Related Party Transactions and Sustainability Committee, approves the Regulation of the Internal Control System and any subsequent updates aimed at incorporating significant changes in its structure. In this context, the current version of the Regulation of the Internal Control System of the doValue Group in Italy, aimed at reflecting all the organisational changes related to the revision of the structure of the local control functions, following the introduction of the new Group organisation, as well as their impact on the reporting lines and the structure of information flows, was approved by the Board of Directors of doValue on 13 July 2022. To complete the governance framework of the overall internal control system, a further Regulation is currently being drafted to govern the operation of the internal control system on the perimeter of the entire doValue Group, including both the Group functions located in the Parent Company and the foreign subsidiaries.

Within the scope of its competences, the Board of Directors approves the establishment of the corporate control functions, their tasks and responsibilities, the methods of coordination and cooperation, the information flows between them and between them and the corporate bodies, appointing and revoking their heads, after consulting the Board of Statutory Auditors, on the proposal of the Risk, Related Party Transactions and Sustainability Committee, which in turn is advised by the Appointments and Remuneration Committee. To this end, the Board examines and approves,

Report on Corporate Governance and Ownership Structure - Financial Year 2023 Courtesy translation

after hearing the opinion of the Risk, Related Party Transactions and Sustainability Committee, updates to the regulations of the corporate control functions aimed at reflecting the impact of any organisational changes that have occurred on the structure and missions of these Functions.

The Board has also instructed the Chief Executive Officer to implement the guidelines defined by the Board through the design, management and monitoring of the Internal Control and Risk Management System. In this context, the Board ensures that the corporate control functions are independent and have access to all Group activities and any information relevant to the performance of their duties.

The Board of Directors periodically verifies that the organisational structure as well as the resources of the corporate control functions are qualitatively and quantitatively adequate and consistent with the Group's strategic guidelines, and defines any organisational and personnel adjustments to the Internal Audit function.

Consistent with Recommendation 33 lett. a) of the Corporate Governance Code, in order to annually assess the adequacy, effectiveness and efficiency of the Internal Control and Risk Management System, the Board of Directors, with the support of the Risk, Related Party Transactions and Sustainability Committee at its meeting of 23 March 2023, examined the reports of the heads of corporate control functions and the report of the Manager in Charge of Preparation of the Company's Financial Reports, in compliance with accounting principles and the requirements of homogeneity dictated by the preparation of the consolidated financial statements, as well as any additional information useful for monitoring corporate risks produced by the competent structures and/or the auditing company. At the end of this analysis, the Board expressed its assessment of adequacy, also on the basis of the constant monitoring carried out during the year on the timely adoption of appropriate corrective measures in the face of critical issues that emerged from the activities carried out by the corporate control functions.

In the same context, the Board of Directors approves the guidelines of the Internal Audit function, supervising their implementation, and annually approves, in line with Recommendation 33 letter c) of the Corporate Governance Code, the audit plan, after consulting the Board of Statutory Auditors and the Chief Executive Officer. In implementation of this prerogative on 23 March 2023, the doValue Board of Directors, also based on the favourable opinion issued by the Risk, Related Party Transactions and Sustainability Committee, approved the doValue Group Audit Plan 2022. Subsequently, on 21 December 2023, the same Board examined, with the support of the Risks, Related Party Transactions and Sustainability Committee, an update to this Plan, aimed at reflecting the impacts on the activities of the Functions established at the parent company doValue and the subsidiaries doValue Spain and doValue Greece arising from a temporary reduction in available resources or the need to replace certain tasks initially planned with other activities assessed as higher priority during the year. These changes, previously examined and approved by the respective Boards of Directors, were accompanied by a confirmation of the capacity of the audit activities carried out to adequately cover the main risks to which the Group is exposed.

Last but not least, the Board of Directors promotes the dissemination of a corporate culture of internal controls that enhances the corporate control functions, so that all corporate personnel are aware of the role attributed to them. To this end, the Board of Directors approved a Code of Ethics, annexed to the Organisational and Management Model

Report on Corporate Governance and Ownership Structure - Financial Year 2023 Courtesy translation

pursuant to Legislative Decree No. 231/2001, which formalises the principles that the members of corporate bodies and employees are required to comply with in the performance of their assigned duties.

Board of Auditors

The Board of Statutory Auditors monitors the completeness, adequacy and functionality of the Internal Control System as well as of the risk management and control processes, verifying the adequacy of the corporate functions involved, the proper performance of their tasks and their adequate coordination, as well as promoting any corrective actions for the shortcomings and irregularities detected.

For the same purpose, the Board of Statutory Auditors, availing itself of the company's control functions, carries out checks to ensure the regularity and legitimacy of management, participating, inter alia, in the work of the Board of Directors.

The Board of Statutory Auditors of the Parent Company operates in close relation with the corresponding bodies of the companies controlled by it and is also responsible for informing the Supervisory Authorities without delay of all acts or facts of which it becomes aware in the course of its activities, which may constitute an irregularity in the management of the Group.

According to the governance model adopted by the Group, the Parent Company's Board of Statutory Auditors is also assigned the functions of supervisory body pursuant to Legislative Decree 231/2001.

Corporate Control Functions

Following the completion of the reorganisation of the Group's internal control system carried out over the past few years, doValue's corporate control functions include the Internal Audit and Anti-Money Laundering functions reporting directly to the Internal Control Department, the Financial Reporting Officer pursuant to Law 262/05, and the Compliance & DPO, with specific reference to the role of Data Protection Officer. These functions are separate from each other and hierarchically independent of the corporate functions that perform the activities subject to their controls.

In the context of the Group's reorganisation, in some cases the establishment of Group Functions, such as the Group Internal Audit and Group AML Functions within the Group Control Office structure or the Compliance and Global DPO Function within the General Counsel Structure, had the purpose of guaranteeing the definition and implementation of common operational, methodological and reporting standards, leaving the respective local functions fully responsible for the execution of the control activities for which they are responsible. In other cases, such as the Financial Reporting Manager, this reorganisation has led to the centralisation, within the Group Function (i.e. Group Administration & Internal Control for Financial Reports), of the ultimate responsibility for governing the control process, which, to this end, avails itself of the support of local contact persons for the execution of controls within its competence. More recently, the establishment within the Group Internal Audit Department of a unit dedicated to the execution of IT audit activities throughout the Group's perimeter was also the result of the need to guarantee more effective coverage of the risks connected with the management of IT systems through the

centralisation of internal audit activities in these areas.

Internal Controls Department

The Internal Controls Department ensures the co-ordination at unitary level of risk governance - consistently with the strategic development lines of the parent company - and guarantees an ongoing summary and prospective evaluation of the adequacy of the controls implemented in the corporate processes and systems on the doValue Group's perimeter in Italy.

The Head of the Internal Control Department is appointed by the Parent Company's Board of Directors, to which he reports both hierarchically and functionally in order to ensure his full independence. As from the date of the establishment of this Department, which took place together with the Bank of Italy's approval of the application to waive the banking licence, the role of Head is held by Mr. Paolo Poncetta, who previously held the position of Head of the Internal Audit Function.

In order to pursue the objective of integrating the Internal Control System and ensure its proper functioning, the Internal Control Department, in coordination with the Group Control Office, applies a methodological approach capable of expressing a summary assessment of the internal control system through an analysis of the risks inherent in the company's activities and the corresponding organisational and control measures.

With a view to ensuring the centralised supervision and coordination of control activities as well as the planning and execution of audits, in addition to providing guidelines for risk management, the Internal Audit Function and the Anti-Money Laundering Function are placed under the direct control of the Head of the Control Department, and are designed to oversee respectively

the adequacy, functionality, reliability and conformity of the company's business and support processes and the adequacy of the organisational, administrative and accounting structure;
the risk of money laundering and terrorist financing.

The Head of the Internal Control Department also acts as Secretary of the Internal Control System Coordination Committee.

Internal Audit Function

In the context of the centralised organisational model adopted by the Group in Italy, the Internal Audit function established at the Parent Company performs the role of internal audit function on behalf of both the Parent Company and the Italian subsidiaries and ensures a constant, independent and objective assessment of the overall internal control system, so that its purpose is guaranteed and the improvement of the organisation's effectiveness and efficiency is pursued.

In particular, the function is in charge of ensuring, with a view to third level controls, including through on-site checks, a surveillance action on the regular performance of the Parent Company's and subsidiaries' operations and processes with the aim of preventing or detecting the occurrence of anomalous and risky behaviours or situations. It also assesses the completeness, adequacy, functionality and reliability of the organisational structure and other components of the

internal control system, the risk management process and other corporate processes. As part of its verification activities, the function also assesses the effectiveness of the procedural and control framework put in place to safeguard the accuracy, reliability and timeliness of financial reporting, including the verification activities carried out by the Manager in Charge of Preparation of Financial Reports, their outcomes and the methodology used by him. The function therefore brings to the attention of the corporate bodies the results of the activity performed and possible improvements, to the risk management process, the instruments for measuring and controlling them and the internal organisational measures in force.

As part of the reorganisation process of doValue's internal control system following the debanking process, the Department's responsibilities were also extended to the performance of checks on the compliance of corporate processes of a legal or regulatory nature (e.g. market abuse, privacy, usury, complaints, health and safety in the workplace, etc.), pertaining to the Group's non-supervised companies in Italy, with the external reference legislation applicable from time to time.

As of September 2023, the Function will make use of the operational support and technical expertise of the Group IT Audit unit, set up within the Group Internal Audit Function, for the performance of IT audit activities.

The Function communicates directly to the structures concerned the results of the checks and assessments carried out. In any case, a connection is ensured between it and the Chief Executive Officer of the Parent Company through adequate information flows and the Management Committee for the Coordination of the Internal Control System, which has the task of addressing, in a coordinated and structured manner, issues relating to the proper functioning of the Internal Control System and the related remedial plans, as well as those relating to risk management and monitoring. The Function also has direct access to the Board of Auditors and communicates with it without restrictions or intermediation.

In general terms, the function works to ensure support for top management in promoting and disseminating an adequate and solid control culture within the Group.

From an organisational point of view, the Internal Audit Function is permanent and independent and has the authority, resources and expertise necessary to perform the tasks assigned to it.

The Internal Audit Function is in fact equipped with adequate personnel, in terms of number and technical-professional skills, who are the recipients of continuous training programmes. Moreover, it has economic resources that can be activated autonomously, including the use of external consultants.

The Internal Audit Function has free access to all activities - including outsourced activities - to all Group company premises, both at central offices and at peripheral structures, to internal rules and procedures, information systems, management data and any other data, as well as freedom to conduct interviews with personnel, both of the Parent Company and of the subsidiaries, unless otherwise provided for by law.

In line with its mission and without compromising its independence, the Internal Audit function participates, where required, in an advisory role in corporate working groups on project issues (e.g. new products, channels, systems, processes, etc.), also in order to contribute to the correct design of the control system. Finally, it sees to the adoption

of initiatives aimed at facilitating the coordination and exchange of information with the other corporate control functions in order to ensure a unified and integrated vision of the internal control system.

Within the context of the overall doValue Group, Internal Audit Functions are also established at the main foreign subsidiaries (i.e. doValue Spain, doValue Greece and doValue Cyprus). These functions comply with all the requirements mentioned above with reference to the function of the parent company doValue; their unitary coordination, including the same parent company function, is ensured through functional reporting lines to the Group Internal Audit Function, which is responsible for supervising the punctual application of the common methodological principles adopted.

Anti-Money Laundering Function

Although in the context of a centralised governance model of the regulatory and methodological framework aimed at the prevention of money laundering, in line with the dictates of the Fifth Community Directive on the subject, the organisational model adopted by the doValue Group envisages the presence of AML Functions at the Parent Company and at the other subsidiaries subject to the sector regulations issued by the respective national supervisory authorities. In this context, therefore, the Group AML Function located at the parent company, with the support of the doValue Anti-Money Laundering Function, is responsible for defining common standards for the management of money laundering risk at the level of the entire Group, as well as for supervising and monitoring the consistent adoption of these standards by its various components.

The following is a more detailed illustration of this organisational and governance model in which doValue's Anti-Money Laundering Function is embedded.

Strategic decisions at Group level concerning the management of the risk of money laundering and terrorist financing are referred to the Corporate Bodies of the Parent Company. The corporate bodies of the other companies belonging to the Group are each responsible, according to their competencies, for the implementation within their own company of the money laundering and terrorist financing risk management strategies and policies defined by the Parent Company.

The Group AML Function and doValue's Anti-Money Laundering Function identify, in coordination with the Anti-Money Laundering Functions located at the subsidiaries, the organisational solutions suitable for ensuring compliance with the applicable provisions in relation to the various areas of operations and supervise so that risk management takes into account all the elements of evaluation and measurement in the possession of the individual companies.

They also ensure that procedures at Italian subsidiaries and Group companies based in non-EU countries are aligned with Group standards and allow information to be shared internally. In this regard, a Group AML Policy was issued in the last quarter of 2021, which, following the approval of the Parent Company's Board of Directors, after hearing the opinion of the Risk, Related Party Transactions and Sustainability Committee, was implemented by the Boards of Directors of all the subsidiaries in various capacities subject to AML regulations.

The doValue Anti-Money Laundering Function, although organisationally placed under the Internal Control

Department, functionally reports to the Chief Executive Officer of the parent company and to the Group AML Function and has direct access to the Board of Directors and the Board of Auditors. It therefore constitutes a permanent and independent structure that has the authority, resources and skills necessary to perform its tasks. The Head is appointed by the Parent Company's Board of Directors, after consulting the Board of Statutory Auditors, after verifying that the latter meets the regulatory requirements.

The Function verifies on an ongoing basis that the company's procedures are consistent with the objective of preventing and countering the violation of anti-money laundering rules. To this end, the Function ensures:

identify the applicable standards and assess their impact on internal processes and procedures;
collaborating in the identification of the system of internal controls and procedures aimed at preventing and combating money laundering and terrorist financing risks;
verify on an ongoing basis the adequacy of the money laundering risk management process and the suitability of the system of internal controls and procedures, and propose organisational and procedural changes to ensure that money laundering risks are adequately controlled;
performing second-level checks and defining appropriate corrective actions to be put in place for the mitigation of the risk of money laundering and terrorist financing;
carrying out advisory, assistance and support activities for operational structures;
collaborating in the definition of money laundering risk governance policies and the various stages of the money laundering risk management process;
conduct , in liaison with the other corporate functions concerned and the Anti-Money Laundering Functions set up in the other Italian and foreign subsidiaries, the annual self-assessment exercise of the money laundering risks to which the recipient is exposed;
verify the reliability of the information system for the fulfilment of customer due diligence, data retention and suspicious transaction reporting obligations;
maintaining, in liaison with the other corporate functions responsible for training, the preparation of an adequate training plan, aimed at achieving continuous staff training;
-immediately informing the corporate bodies of significant violations or deficiencies encountered in the performance of their duties, as well as preparing regular information flows to the corporate bodies and top management;
manage relations with the FIU, the MEF and the Supervisory Authorities.
The Anti-Money Laundering Function performs the following activities with regard to customer due diligence:
Defining the requirements for tools supporting due diligence and customer profiling processes;
support in enhanced verification activities concerning the opening of a new relationship, the execution of an occasional transaction or the maintenance of an existing relationship, according to defined rules;
verification of the enhanced verification process conducted by line structures and its outcomes.

With reference to the reporting of suspicious transactions, the Anti-Money Laundering Function, also through the

Delegate for the Assessment and Transmission of Suspicious Transaction Reports ("SOS Delegate"), carries out the following activities:

advising operational structures on the fulfilment of obligations relating to the preparation of suspicious transaction reports and the possible abstention from carrying out transactions;
Assessment of suspicious transaction reports and transmission to the FIU of reports found to be wellfounded;
communication, in the defined organisational manner, of the outcome of its assessment to the head of the dependency that gave rise to the report;
dialogue with the FIU and management of any requests for further investigation received from the competent authorities, including the judicial authorities.

The responsibility and duties of the Function are assigned to the Anti-Money Laundering Manager, a role held in 2023, together with that of Head of the Group AML Function, by Ms. Elisa Francesconi, who meets the following requirements:

is placed in an appropriate hierarchical-functional position; in particular, it reports functionally to the Chief Executive Officer of the Parent Company;
is independent, authoritative and appropriately professional;
does not have direct responsibility for operational areas subject to control, nor is he hierarchically subordinate to the heads of those areas;
reports directly to the corporate bodies; in particular, the Head of the Anti-Money Laundering Function has direct access to the Board of Directors and the Board of Statutory Auditors of doValue and communicates with them without restrictions or intermediation.

The Anti-Money Laundering Officer is also assigned the role of SOS Delegate for doValue pursuant to Article 36, paragraph 6, of Legislative Decree 231/2007, by virtue of a specific delegation of authority from the Board of Directors. The role and responsibilities of the SOS Delegate have been suitably formalised and communicated to all the structures concerned.

Function Compliance & Global DPO / Compliance & DPO

*****

As part of the Internal Control System, Compliance & Global DPO reports hierarchically to the Group's General Counsel and is responsible for the proper control of the Group's non-compliance risk as well as for coordinating the local compliance units located in the Group's various legal entities.

It is the task of the Compliance & Global DPO to define the Group's compliance framework through the following activities:

monitoring of external regulations applicable to its various components;
advising and supporting operational and business structures in evaluating the actions necessary to ensure ongoing compliance with the requirements in force at the time;

supporting staff training to ensure the dissemination of a corporate culture based on the principles of honesty, fairness and respect for company rules;
provision of adequate information flows, in relation to the activities carried out in the area of noncompliance risk management.

The structure also ensures all activities aimed at guaranteeing the correct application of certain regulations deriving from Consob regulations, applicable to the Parent Company as an issuer of shares listed on the electronic share market organised and managed by Borsa Italiana S.p.A., ensuring centralised management of the main obligations deriving from the same regulations (such as, for example, the management of transactions with related parties and the management of privileged information).

Finally, within the Compliance & Global DPO, the responsibility for which is assigned to Ms Isabella Ferri, the following 'control headmasters' within the meaning of the SNI are identified:

Group Data Protection Officer (DPO);
Compliance function for the prevention of corruption.

The implementation of the compliance framework within the company is ensured by the local Compliance & DPO structure, reporting directly to the Head of Legal, which is responsible for managing the risk of non-compliance for the perimeter of regulations applicable to doValue.

Within the Compliance & DPO structure, there is the local data protection officer who acts as DPO Local, as well as the anti-corruption officer who provides operational support to the Group Compliance Function for anti-corruption risk management in doValue.

* * *

The respective data protection and anti-corruption frameworks are explained below.

The Group's current data protection framework, reflected in the Group Data Protection Policy, approved by the doValue Board of Directors on 17.12.2020, regulates:

the Group's privacy organisational model and the tasks and responsibilities attributed to it with regard to the management of personal data of data subjects, especially with a view to integrating subsidiaries into the framework;
personal data management model through which the requirements of the GDPR are outlined for proper governance of personal data processing within the Group;
Group-wide common DPO control framework reflected in the Group DPO Regulation approved by the doValue Board of Directors on 17.12.2020.

In the area of oversight roles, with particular reference to the role of the DPO, the Group's privacy organisational model provides for the appointment of a Global DPO operating at the parent company (doValue S.p.A.) while, at the level of individual local legal entities, the appointment of a Local DPO is envisaged (where the regulatory requirements are met).

Within doValue's Internal Control System, the figure of the DPO is framed as a third-level control function. Within this scope, in fact, the roles and responsibilities of the Internal Audit and the DPO are defined as follows: i) as for the

DPO, it has the task of carrying out independent monitoring of the level of risk for the rights and freedoms of the persons concerned; ii) as for the Internal Audit Function, it has the task of carrying out overall monitoring of the risks to which the company processes are exposed in relation to data protection. These functions interact and report directly with the Company's Board of Directors.

In accordance with the principle of accountability, the assessment of the need to appoint the Local DPO pursuant to Article 37 GDPR is the responsibility of the legal entity itself, after sharing the relevant assessments with the Global DPO, who may provide an opinion on the matter to support the company, the Data Controller, in the decision.

In order to ensure that the DPO is easily accessible locally, each company, after assessing the existence of the prerequisites set forth in Article 37 GDPR regarding the mandatory designation of a DPO, appoints a Local DPO. Currently, doValue's DPO is located within the Local Compliance & DPO function and reports hierarchically to the Legal function and functionally to the Board of Directors representing the Data Controller.

By virtue of specific intragroup outsourcing agreements, the DPO of doValue holds this role also for the other Italian legal entities of the Group (doNext and doData), consistently with the privacy organisational model adopted by the Group, which provides for the possibility of outsourcing the role of DPO both within the Group and to third parties. In the event of outsourcing, a Data Protection Correspondent will be appointed at the company, an optional figure to support the local DPO in the operational management of data protection issues.

The Local DPO independently fulfils all the obligations set forth in Article 39 of the GDPR. In addition, the Local DPO must perform his or her duties within the local unit of reference, taking into account the guidelines provided by the Gobal DPO, who must be constantly updated on processing activities carried out locally.

In particular, the Local DPO performs the following activities:

informing and advising the data controller/data manager as well as the employees carrying out the processing about the obligations under local data protection legislation;
supervise compliance with the requirements of the European Regulation and other European and national laws on the protection of personal data, as well as with this Regulation and internal regulations on the processing of personal data, including the assignment of responsibilities, awareness and training of personnel involved in processing and related control activities. To this end, it prepares an annual plan of control activities that it submits to the Company's Board of Directors, after sharing it with the Global DPO (the DPO Local Plan);
Provide an opinion on and evaluate processing activities that have an impact on the rights and freedoms of Data Subjects. In addition, recommend and assist in carrying out a data protection impact assessment for activities that present a high risk for the rights and freedoms of Data Subjects;
supporting the People function in training staff on data protection issues;
cooperating and acting as a contact for the supervisory authority in matters related to the processing of personal data within the subsidiary;
to act as a contact for Data Subjects on all matters concerning the processing of their personal data and the exercise of their rights;

in the event of a personal data breach, pursuant to Article 33 GDPR, assist the Data Controller, who must report the incident to the supervisory authority within 72 hours of becoming aware of it;
Prepare reports on the surveillance activities carried out, functional to the management of the risk for the rights and freedoms of the Interested Parties, for all corporate governance and control bodies (Board of Directors, Supervisory Board);
provide a report to the Global DPO on the findings of monitoring activities carried out locally, on any local data breaches or data subject complaints that could have a material impact on the Group, or on any inspections by the Data Protection Authority;
supervise the implementation of Group policies and regulations.

On the other hand, the DPO Global mainly has the task of coordinating data protection activities and receiving information flows from local DPOs regarding monitoring activities carried out locally, local data breaches or complaints from data subjects, inspections by local authorities and consequently reporting to the doValue Board of Directors. Limited to any processing carried out at corporate level, the Global DPO also performs tasks of monitoring processing activities, acting as a focal point for authorities and stakeholders involved in data processing activities, and providing information and advice.

The Head of Compliance & Global DPO, Ms. Isabella Ferri, takes over the role of Global and Local DPO of doValue as of 17.12.2020.

As Global DPO, he is placed within the Compliance & Global DPO function and reports hierarchically to the General Counsel and functionally to the Board of Directors representing the Data Controller.

As DPO Local of doValue, he is placed within the Country Compliance & DPO function and reports hierarchically to the Head of Legal and functionally to the Board of Directors, which represents the Data Controller; he has a coordinating information flow to the DPO Global.

It should also be noted that doValue's Global and Local DPO has adequate professional qualifications; he/she has no direct responsibility for operational areas subject to control, nor is he/she hierarchically subordinate to the heads of those areas.

The DPO Local of doValue is also outsourced the role of DPO Local of the Italian subsidiaries (Italfondiario and doData), consistently with the privacy organisational model adopted, which provides for the possibility under Article 37(2) of the GDPR to appoint a single DPO 'provided that he/she is easily accessible from each establishment'.

Conversely, foreign subsidiaries have appointed an independent Local DPO to be easily accessible from their local offices.

Formally, each legal entity (as data controller) has formalised the appointment of the DPO by resolution of the Board of Directors (or other equivalent administrative body) of each company.

* * *

The Group's anti-corruption framework finds expression in the Policy for the Prevention of Corruption of doValue S.p.A. and the Group, approved, in its second draft, by the Board of Directors of doValue S.p.A. on 21/08122023, which defines the System for the Prevention of Corruption adopted by doValue for the purpose of mitigating and

managing the risk of corruption of the Group.

doValue S.p.A. on 02 November 2022 obtained a certificate from Bureau Veritas Italia S.p.A. stating that the organisation's Management System was assessed and found to be compliant with the requirements of the ISO 37001:16 management system standard.

Obtaining certification was the culmination of a journey that began in 2021 with a project to revise the Group's anticorruption framework, following the evolution of the Group's corporate/organisational model, the extension of its geographical scope and with respect to the applicable reference legislation.

In October 2023, the Iso 37001 Certification was confirmed after the annual maintenance audit.

doValue's ISO 37001 System described in the Policy, , is detailed within an internal procedure - Procedure for the Implementation of the Management System for the Prevention of Corruption in Accordance with the ISO 37001:2016 Standard - recently updated by the Managing Director on 21 December 2023, the purpose of which is to

defining the operating procedures for the proper implementation of the Corruption Risk Management System in business processes, pursuant to the ISO 37001 Standard and consistent with the aforementioned Policy (the 'Management System');
Identify Roles and Responsibilities of the main structures involved in the management of the System and risks through dedicated controls, as well as the system of related information flows.

The document is currently applicable only to doValue (Legal Entity subject to certification), however, Subsidiaries are also involved, which, as 'Business Associates' under ISO 37001, contribute to the implementation and maintenance of the System. To this end, specific information flows and control activities of the Subsidiaries are identified.

The Management System consists of:

· Internal and External Organisational Context;
· Scope of application;
· Risk Assessment;
· Planning and execution of controls;
· Information Flows;
· Review.

The Anti-Corruption Control System, consistent with the Group's Internal Control System ('ICS'), consists of three lines of defence:

first-level controls carried out by the operational structures and ensured through internal procedures or IT systems; this also includes the Due Diligence described below;
second-level controls carried out by the Compliance function for the prevention of corruption aimed at ensuring the adequacy of the Management System, mainly through the coordination of Risk Assessments, consultancy support in the definition of regulatory and control safeguards, as well as through specific Due Diligence controls, i.e. through the monitoring of flows pursuant to Law 262/2005 and Legislative Decree 231/01 based on the financial and non-financial controls listed below;
third-level controls performed by Internal Audit on the basis of a three-year planning cycle and risk-based

prioritisation, aimed at verifying the adequacy of the internal control system.

The following new controls are introduced in the above-mentioned System of Controls:

Due Diligence: Due diligence activities are aimed at gathering information in relation to parties (including internal) with whom the Group intends to do business/operates, to verify their reputation and to ensure their compliance with the principles set out in the Corruption Prevention Policy and this document. Due diligence, as a first level control, is conducted for all those relationships and operations whose corruption risk is above the low level. doValue applies the Due Diligence process, in respect of:
- Subsidiaries;
- Clients;
- Suppliers of goods or services;
- External Professionals;
- Human Resources.
Financial controls: The process is aimed at verifying whether the organisation's current processes for managing and recording financial transactions are carried out in an accurate, complete and timely manner. All in full compliance with potential corruption prevention risks. These are second and third level controls.
Non-financial controls: The controls are aimed at verifying compliance with the ISO 37001 Standard of nonfinancial processes related to procurement, contracting, and operational and commercial aspects. These are second and third level controls.

The ISO 37001:16 standard also provides for a Management System Review, aimed at annually reassessing the adequacy and effectiveness of the System, as well as new opportunities for improvement and/or mitigation actions to address any general deficiencies related to the elements of the System.

The Review was approved by the Board of Directors on 23 March 2023 and was drawn up on the basis of the evidence gathered and processed by the Compliance Function for the prevention of corruption and by the Top Management (identified in the Chief Executive Officer pursuant to the Policy) within the scope of their responsibilities, formalised respectively in the following documents:

Compliance Function Review > A document in which the Compliance Function, on the basis of the controls performed, assesses whether the System is adequate to effectively manage the corruption risks to which the organisation is subject and is implemented effectively.
Top Management Review > A document in which top management (identified as the CEO) analyses the System to ensure its continuing suitability, adequacy and effectiveness.
Governing Body Review > A document in which the Governing Body (i.e. the Board of Directors) acknowledges the evidence of the Compliance Function and Top Management Review and approves the annual programme of activities aimed at ensuring the maintenance of certification and strengthening the corruption risk management measures.

In December 2023, a new project was completed, which included, among other activities, the integration of the doValue 231 Risk Assessment Framework with the Anti-Corruption Risk Assessment Framework; as well as the

evolution of the control system and implementation of Key Anti-Corruption Risk Indicators, according to synergy and rationalisation logics;

Other Corporate Functions with Control Tasks

As already illustrated in the introduction to this chapter, the structure of the additional functions in charge of managing and monitoring the main corporate risks within the overall doValue Group is directly influenced by the structure of the business processes implemented in the various entities that comprise it and by the nature and relevance of the risks associated with them, as well as by the presence of specific regulatory requirements on risk governance.

In the context of the Parent Company, the O.U. Compliance & DPO and the Enterprise Risk Management Function fall within the perimeter of the Corporate Functions involved in the management of the system of internal controls to monitor specific regulatory/risk areas. In fact, the Operational Risk Management O.U., previously responsible for managing and monitoring local operational risks, was incorporated into the latter Group Function.

O.U. Enterprise Risk Management

On 4 July 2022, the Enterprise Risk Management Function (hereinafter also referred to as 'ERM') was established, whose mission is to ensure integrated risk management across the Group, acting as a facilitator of business growth and development through the identification, measurement and management of potential risks that may affect the Group.

The Enterprise Risk Management function reports at Group level to the 'Group Organisation & Enterprise Risk Management' area, which in turn reports directly to the General Manager Corporate Functions.

As part of the establishment of ERM at Group level, it was decided to merge the former Operational Risk Management unit existing in Italy into ERM, thus ensuring synergies in terms of both processes and activities and related results.

At the same time and in order to guarantee constant and adequate supervision at Country Italy level, the organisational position of Focal Point for Risk Management activities was established within the Operations Department, which guarantees, also through the collaboration and operational support of the Group's ERM function, the constant monitoring and proactive management of risks connected to business and support processes and their possible impact in terms of provisions and losses with a specific focus on Country Italy.

From the perspective of ERM's key organisational responsibilities, they are listed and described below:

to ensure a risk-informed approach, i.e. to provide information to doValue's management and Board of Directors in order to support the decision-making process, based not only on expected performance but also on the underlying risk profile
ensure integrated monitoring for potentially applicable risk categories at Group level, in line with the second level control model
defining a common Group-wide framework for identifying, assessing, measuring and monitoring risks, linking strategies, policies, processes and operational mechanisms and receiving information flows from local 'Risk Management' functions and other functions where necessary and consistent with 'first-level risk ownership

identify and assess the risks associated with the group's main initiatives and identify potential events that may affect the group-wide business
ensure Group-wide monitoring, analysis and reporting on risk evolution, related mitigation actions, the overall risk profile and compliance with predefined risk tolerance thresholds
define and carry out the group risk assessment, in order to ensure the identification of the group's risk profile
support the evaluation of strategic options (e.g. investments, new markets, new products/services, new partnerships, etc.)
support the monitoring of risk provisions in the Group-wide financial statements in cooperation with Group Finance and Group Legal

Listed below are the four risk categories that have been identified for the doValue Group and whose analysis and consequent monitoring was initiated during 2022. The ERM function produces a Tableau de Bord every quarter, which is discussed and shared with Top Management, the Board of Statutory Auditors and the Risk Committee and, on a half-yearly basis, with the Board of Directors.

External risks consist of those external elements that may affect the achievement of strategic objectives due to political, economic, social, technological, environmental and legal (external) changes. They are beyond the Group's control and can have an adverse effect on the Group's business and assets. The objective of risk management is to monitor these risks and seek to mitigate the impact if they occur.
Strategic risks are characteristic of the business sector and/or are closely linked to doValue's strategic decisions. In this case the objective is to monitor the objectives and the evolution of the Business Plan, through close interaction with both Top Management and the functions of Group Investor Relator and Group Finance
Financial risks are risks related to the availability of capital, credit and liquidity management and/or related to the volatility of the main market variables; for this type of risk, risk management activities are aimed at measuring and monitoring the risk, in line with the limits and any mitigation actions defined and identified in partnership with Group Finance.
Operational, legal and reputational risks include risks generated by the inadequacy or malfunctioning of internal processes and systems, as well as 'errors' attributable to human activity in the performance of processes. The objective is to seek to mitigate the potential impact and/or likelihood, from a cost/benefit perspective in line with the thresholds defined for each risk subject to monitoring and reporting. As regards operational risk, the risks identified are Transactional and Process Risk, Conduct Risk, External Fraud, ICT Risk, Outsourcing, and Supplier Risk.

Finally, a system of information flows from the Group and Local functions has been implemented, relating to all risk categories, which are merged in order to create an overview of the risks monitored at Group level.

9.0 CHIEF EXECUTIVE OFFICER

Without prejudice to the competence of the Board of Directors in relation to the establishment of the corporate control functions and the definition of the relative roles and responsibilities, the Board of Directors of doValue, in accordance with Recommendation 32 letter b) of the Corporate Governance Code, has entrusted the Chief Executive Officer in office until 28 April 2023, Dr. Andrea Mangoni, and the Chief Executive Officer Dr. Manuela Franchi in office since 29 April 2023, with the function of supervising the functionality of the internal control and risk management system, assigning him the role of director in charge of supervising the internal control and risk management system, and assigning him the role of director in charge of supervising the functionality of the internal control and risk management system. Andrea Mangoni and to the Chief Executive Officer Dr. Manuela Franchi in office as from 29 April 2023 the role of director in charge of supervising the functions of the internal control and risk management system, assigning him the following main responsibilities, in line with the provisions of Recommendation 34 of the Corporate Governance Code:

take care of the identification of the main corporate risks, taking into account the characteristics of the activities carried out by the Issuer and its subsidiaries, and submit them periodically to the examination of the Board of Directors;
implement the strategic guidelines defined by the Board of Directors, overseeing the design, implementation and management of the Internal Control and Risk Management System and constantly verifying its adequacy and effectiveness;
adapt the Internal Control System to the dynamics of the operating conditions and the legislative and regulatory landscape;
entrusting the Internal Audit Function with the performance of checks on specific operational areas and on compliance with internal rules and procedures in the execution of corporate transactions, simultaneously notifying the Chairman of the Board of Directors, the Chairman of the Risk, Related Party Transactions and Sustainability Committee and the Chairman of the Board of Statutory Auditors;

• promptly report to the Risk, Related Party Transactions and Sustainability Committee on problems and critical issues that have emerged in the course of its activities or of which it has otherwise become aware, so that the Committee can take the appropriate initiatives.

In the performance of his function, the Chief Executive Officer is assisted by the Management Committee for the Coordination of the Internal Control System, of which he is Chairman, and which is attended, as permanent members, by the head of the Internal Control Department, the heads of the control and other corporate functions with control duties and, as invited guests, the heads of other business or support functions who, from time to time, are called upon to discuss specific issues. Within the aforesaid committee, issues concerning the proper functioning of the Internal Control System and related remedial plans, as well as those relating to risk management and monitoring, are addressed in a coordinated and structured manner.

Also by participating in this committee and analysing the relevant information flows, the Chief Executive Officer acquires the information necessary to

ensure the alignment of the organisation and the Internal Control System with the principles and requirements of the regulations in force;
Continuously verify the effective management of overall corporate risks and the adequacy, effectiveness and efficiency of related controls;
formulating proposals aimed at supplementing the annual plans of the corporate control functions, also by requesting verification activities on specific operational or risk areas, as well as supervising their actual implementation during the year.

In fulfilment of his mandate and consistent with the aforementioned Recommendation 34 of the Corporate Governance Code, the Chief Executive Officer, therefore:

ensures the effective management of risks in their various components, drawing up appropriate policies and procedures to be observed within the Company, ensuring that the necessary corrective actions are taken in the event of violations, and outlining information flows aimed at guaranteeing that the competent corporate bodies are fully aware of how risks are managed;
implements the initiatives necessary to continuously ensure the completeness, adequacy, functionality and reliability of the system of internal controls and brings the results of the checks carried out to the attention of the Risk, Related Party Transactions and Sustainability Committee and the Board of Directors, preparing and implementing the necessary corrective or adjustment measures in the event of deficiencies or anomalies emerging, as well as following changes in the legislative or regulatory framework or the introduction of new activities, services and relevant processes;
ensures the Risk, Related-Party Transactions and Sustainability Committee and the Board of Directors an effective and constant dialectical comparison, also by availing itself of the cooperation of the corporate structures that report to it as the top of the internal structure, in order to allow it to verify over time the choices and decisions taken by it on the subject of the internal control and risk management system.

During 2023, based on information flows received from the various control functions, the Chief Executive Officer analysed and discussed the following main issues:

main findings of the audit activities carried out in 2022 and reported in the annual reports of the corporate control functions;
risk assessments underlying the preparation of the Group's internal control system audit plans for 2023;
state of progress of the verification activities planned in 2023 and any changes to be made to these plans, main critical issues that emerged from these verifications as well as from the quarterly monitoring activities of the action plans aimed at resolving outstanding issues.

9.1 CONTROL AND RISK COMMITTEE

Composition and functioning of the control and risk committee (pursuant to Article 123-bis(2)(d) TUF)

As of the date of this report, the Risk, Related Party Transactions and Sustainability Committee was composed of the non-executive directors:

Cristina Finocchi Mahne - President (independent);

Giovanni Battista Dagnino - Member (independent);

Roberta Neri - Member (independent).

The composition of the Committee was confirmed following the Board resolution of 3 May 2022, following the appointment of Prof. Cristina Finocchi Mahne, co-opted on 4 August 2021, by the Shareholders' Meeting held on 28 April 2022.

The three members of the Committee, all independent, were found to have extensive experience and knowledge in the areas of risk management, financial services and sustainability (ESG) and social responsibility. In line with the indications of the new Code, the Committee as a whole has expertise in the sectors in which the Company operates, deemed adequate by the Board of Directors and the Appointments and Remuneration Committee.

In cases of related party transactions submitted to the Committee, it met in the composition of independents as provided for by the Consob 'Related Party Transaction Regulation', as well as by the specific Group Policy.

The Committee was assigned specific functions in the area of sustainability and was renamed the Risk, Related Party Transactions and Sustainability Committee.

The Committee is governed by a special Regulation - updated on 16 December 2021 and published on the doValue website at https://www.doValue.it/it/governance/comitati-endoconsiliari - which determines its powers and regulates its operation.

The Committee has specific and adequate resources to perform its functions and may make use of external experts, involving, where necessary, the competent corporate functions.

The Risk, Related Party Transactions and Sustainability Committee met 12 times in 2023 and the average duration of the meetings, all of which were duly minuted, was approximately 2 hours and 30 minutes.

During 2023, the Committee carried out its activities and collaborated with the Board of Directors; at the invitation of the Chairman, also informing the Chief Executive Officer, some executives of the Company attended the meetings, in

relation to specific items on the agenda. All the members of the Board of Statutory Auditors normally took part in the meetings and work of the Committee.

The Risk, Related-Party Transactions and Sustainability Committee set the schedule of its meetings for the year 2024, scheduling 11 meetings (of which 6 have already been held).

Functions assigned to the Audit and Risk Committee

The Risk, Related Party Transactions and Sustainability Committee, in fulfilling its functions as a proposing body, supports the Board of Directors in matters of risks and the internal control system, remuneration and incentives, conflicts of interest, related party transactions and sustainability. In particular:

A) RISKS AND THE SYSTEM OF INTERNAL CONTROLS

With regard to risks and the internal control system in accordance with the provisions of the Corporate Governance Code, the Committee:

a) It supports the Board of Directors in evaluations and decisions relating to the internal control and risk management system and the approval of periodic financial and non-financial reports;
b) examines in advance the activity programmes (including the audit plan) and periodic reports prepared at consolidated level by the Corporate Functions with specific tasks in the area of internal control and risk management, addressed to the Board of Directors;
c) assesses, having consulted the Manager in charge of preparing the Company's financial reports, the statutory auditor and the Board of Statutory Auditors of the Company, the homogeneity and correct use of the accounting principles for the preparation of the Company's consolidated and statutory financial statements;
d) expresses its opinion to the Board of Directors in this respect:
- proposals concerning the appointment, revocation and, consistently with corporate policies, the definition of the fixed and variable remuneration structure of the Internal Audit Manager, as well as the adequacy of the resources assigned to the latter for the performance of his duties;
- the definition of the guidelines of the internal control and risk management system, consistent with the company's strategies, so that the main risks pertaining to the company and its subsidiaries are correctly identified, as well as adequately measured, managed and monitored, and the determination of the degree of compatibility of these risks with a management of the company consistent with the identified strategic objectives;
- assessing, at least once a year, the adequacy of the internal control and risk management system with respect to the characteristics of the business and the risk profile assumed, as well as its effectiveness;
- approval, at least once a year, of the work plan prepared by the Head of Internal Audit, after consulting the Board of Statutory Auditors and the Managing Director;
- the assignment of the supervisory functions pursuant to Article 6(1)(b) of Legislative Decree No. 231/2001 to the Board of Statutory Auditors or to a specially constituted body;
- a description, within the report on corporate governance, of the main features of the internal control and risk management system and of the methods of coordination between the subjects involved in it,

indicating the models and national and international best practices of reference, expressing its assessment on the adequacy of the same and the choices made regarding the composition of the supervisory body;

the assessment, in consultation with the Board of Auditors, of the results set out by the statutory auditor in the letter of suggestions, if any, and in the additional report addressed to the Board of Auditors;
the appointment and dismissal of not only the Head of Internal Audit, but also the Head of AML and the Head of Internal Controls to be appointed by the Board of Directors, after consulting the Company's Board of Auditors;
assessing the appropriateness of adopting measures to ensure the effectiveness and impartial judgement of the other corporate functions - in addition to Internal Audit and AML - involved in controls (such as the risk management and legal and non-compliance risk monitoring functions), verifying that they are endowed with adequate professionalism and resources;
e) expresses opinions on specific aspects relating to the identification of the main corporate risks, including in its assessments all risks that may be relevant in view of sustainability in the medium to long term;
f) examines the periodic reports, concerning the evaluation of the internal control and risk management system, and those of particular relevance prepared by the Internal Audit function;
g) monitors the autonomy, adequacy, effectiveness and efficiency of the Internal Audit function;
h) requests the Internal Audit function, where it deems it necessary or appropriate, to carry out targeted audits on specific operational areas and/or processes and activities, simultaneously notifying the Chairman of the Board of Auditors;
i) reports to the Board of Directors, at least every six months, on the occasion of the approval of the annual and semi-annual financial report, on the activities carried out as well as on the adequacy of the internal control and risk management system;
j) supports the Board of Directors' assessments and decisions relating to the management of risks arising from prejudicial facts of which the Board of Directors has become aware, by means of an appropriate preliminary activity;
k) assesses the suitability of periodic financial and non-financial information to fairly represent the company's business model, strategies, the impact of its activities and the performance achieved;
l) examines the content of periodic non-financial information relevant to the internal control and risk management system so that it is correctly identified, as well as adequately measured, managed and monitored;
m) assesses and advises the Board of Directors on the economic and financial sustainability and soundness of the bonus pool allocated in the budget and/or revised during the year.
B) SUSTAINABILITY

The Committee performs investigative, propositional and advisory functions vis-à-vis the Board of Directors

with regard to the sustainability of corporate policies and its dynamics of interaction with all stakeholders. In particular:

a) monitors the alignment of the corporate governance system with legal provisions, the Recommendations of the Corporate Governance Code and national and international best practices in the analysis of issues relevant to the generation, in the long term, of economic - financial value and social and environmental value for shareholders and all other stakeholders, making proposals to the Board of Directors;
b) promotes the dissemination of a culture of sustainability to all its stakeholders: employees, shareholders, customers and suppliers;
c) examines the guidelines of the sustainability plan and the Company's policies on human rights, business ethics and integrity, diversity and inclusion, as well as the policies for integrating environmental, social and governance issues into the business model, and the initiatives undertaken by the Company to address climate change issues and related reporting;
d) examines and supervises the guidelines, objectives, and consequent processes, of sustainability and the sustainability reporting submitted annually to the Board of Directors, i.e. the non-financial disclosure pursuant to Legislative Decree 254/2016 (the "Consolidated Non-Financial Statement") of the Group, including the materiality analysis and related stakeholder engagement activities, assessing its completeness and reliability, based on the requirements of Legislative Decree 254/2016;
e) supports the Board of Directors' assessments and decisions regarding the approval of disclosures on risks, generated or suffered, related to socio-environmental issues arising from the company's activities, services or business relationships, including supply chains and subcontracting, as required by Legislative Decree 254/2016;
f) expresses, at the request of the Board of Directors or the Managing Director, opinions on sustainability issues;
g) examines the company's for-profit and non-profit strategy and sustainable finance initiatives;
h) It oversees the evolution of sustainability also in the light of new regulations and international principles on the subject, monitoring the Company's positioning with respect to the financial markets on sustainability issues, with particular reference to the Company's position in ESG indices, as well as international environmental, social and governance initiatives and the Company's participation in them, aimed at consolidating its reputation on the international front;
i) reports to the Board of Directors, at least every six months, on the occasion of the approval of the annual and half-yearly financial report, on its sustainability activities.

C) TRANSACTIONS WITH RELATED PARTIES

With regard to the management of transactions with related parties, within the limits of the role attributed to it by the reference regulatory provisions, the Committee supports the Board of Directors of doValue and the Group's subsidiaries, in the evaluation and management of Transactions with related parties, expressing its prior

opinion on internal procedures as well as (where required by internal regulations) on the approval of specific Transactions, in order to ensure their compliance with the Consob Related Party Transaction Regulation. In particular, the Committee, by way of example:

a) issues prior, reasoned and binding opinions, for the purpose of the Board of Directors' resolution, on the overall suitability of the Policy and procedures on the management of related party transactions contemplated therein, as well as subsequent updates, to achieve the objectives set forth in the Consob Related Party Transaction Regulation;
b) is involved, collectively or through one of its independent members, possibly delegated, already in the negotiation and preliminary investigation stages of certain transactions (in particular, Significant Transactions) of the Parent Company and Subsidiaries, through the receipt of a complete and timely information flow and with the power to request information and make observations to the delegated bodies and the persons in charge of conducting the negotiations and preliminary investigation;
c) issues, where provided for, reasoned prior opinions on the transactions of the Parent Company and Subsidiaries on the interest in the execution of such transactions as well as on the appropriateness and substantive fairness of the related conditions;
d) expresses its opinion, on the basis of the information made available, on relevant issues concerning the Related Parties Perimeter;
e) may be assisted in issuing opinions by independent experts of its choice, after verification of its independence;
f) verifies the correct application of the exemption conditions applied to Significant Transactions defined as ordinary and concluded at market or standard conditions, communicated to them;
g) on the basis of the annual information flow received, performs an ex post control on the application of exemption cases on exempted transactions during the year and assesses the adequacy of the exemption procedures, also with a view to their periodic review.

The Committee is vested with the power to carry out constant monitoring of the transactions envisaged by the procedures for the identification and management of transactions with related parties, also in order to allow it to propose any corrective measures.

The Chief Executive Officer of the Company may submit topics or issues to the Committee for subsequent approval/information to the Board of Directors.

The Committee identifies the information flows to be addressed to it with regard to risks (subject matter, format, frequency, etc.) and may access corporate information relevant to the exercise of its prerogatives.

Specifically, the Committee during the 2023 financial year assessed and expressed its opinion, in support of the Board of Directors in particular, on the following main issues:

• relevant policies: Policy "Diversity & Inclusion", Update Policy "Management of Corporate Finance Transactions, ICT risk management policy; Group Control Office - Update of Group Risk Acceptance Policy; Group Policy Whistleblowing. Update of the Anti-Corruption Policy of doValue S.p.A. drafted

pursuant to the UNI ISO 37001:2016 Standard; Organisational Model pursuant to Legislative Decree 231/01 of doValue and Code of Ethics of Group

Annual Report 2022 of the Internal Audit Function and Group Audit Plan 2023;
half-yearly report 2023 of the Internal Audit Function;
audit reports with negative assessments issued during 2023 by the Internal Audit Function;
quarterly reporting on the results of monitoring activities of the doValue Group's action plans to address audit findings;
revision of the Group Audit Plan 2023;
2022 annual report of the AML function including the results of the AML self-assessment and the annual activity plan for 2023;
half-yearly report 2023 of the Anti-Money Laundering Function;
Anti-Money Laundering Regulatory Gap Analysis on the Bank of Italy Provision on Organisation, Procedures and Internal Controls
half-yearly reports issued by the AML Function as a result of the anti-money laundering compliance monitoring campaigns;
Annual Report 2022 of the Data Protection Officer and Plan of Activities for 2023;
half-yearly report 2023 of the Data Protection Officer;
updating the Data Protection Officer's Plan;
monitoring action plans related to GDPR implementation;
2022 annual report of the Risk Management Function and 2023 planning;
Quarterly Risk Tableau de Bord 2023;
Enterprise Risk Management (ERM) activities
assessment, also on the basis of the reports of the control functions referred to in the previous points, of the adequacy of doValue's organisational, administrative and accounting structure, as well as of the internal control and risk management system;
Business Continuity activities carried out during 2022;
Business Continuity and Disaster Recovery plans;
Examination of the Draft Individual and Consolidated Financial Statements as at 31 December 2022, Consolidated Non-Financial Statement pursuant to Legislative Decree 254/2016 as at 31 December 2022, together with the Manager in charge, having consulted with the independent auditors and the Board of Statutory Auditors, also in order to ascertain the correct use of accounting principles;
examination of the separate doValue Financial Statements and the Consolidated Interim Report of the doValue Group as at 30 June 2023 and 30 September 2023;
Analysis and update of the Impairment Test Results in accordance with IAS 36 on the net book value of intangible assets arising from the PPA of the investee companies doValue Spain and doValue Greece as at 31.12.2022 and 30.06.2023;
Related Party Transaction: waiver of the Remuneration Policy, in relation to the remuneration of the Chief Executive Officer ;
Bonus pool 2023;
Examination of transactions with material characteristics and/or with related parties;
Committee Controls on Excluded Related Party Transactions;
information flows on related party transactions carried out by the company and its subsidiaries;
Issuing risk assessment opinions on business projects and related financial transactions;
Update on ongoing sustainability activities;

Pursuant to the doValue Group's current Policy for the Management of Related Party Transactions and Conflict of Interest Transactions, 'periodically and at least every three years, the Board of Directors, after receiving the opinion of this Committee, assesses whether to revise the Policy, taking into account, inter alia, any changes in the ownership structure as well as its effectiveness'.

Therefore, in November 2023, the Committee identified and engaged an external consultant to assess the adequacy of the Policy, given the time that had elapsed since the last review. This activity was completed in early 2024.

9.2 HEAD OF THE INTERNAL AUDIT FUNCTION

Consistently with Recommendation 32 letter b) of the Corporate Governance Code, the Board of Directors deliberates with exclusive competence on the appointment and dismissal of the Head of Internal Audit, upon the proposal of the Risk, Related Party Transactions and Sustainability Committee, which in turn is advised by the Appointments and Remuneration Committee, and after hearing the opinion of the Board of Statutory Auditors.

In the context of the current organisational structure resulting from the debanking process and the initiatives aimed at accompanying the Group's international growth, the Head of the Internal Audit Function, whose role is held by Silvia de Grassi, reports to the Board of Directors through the Head of the Internal Controls Department, as well as functionally to the Group Internal Audit Function. Consistently with the provisions of Recommendation 36 of the Corporate Governance Code, he is not responsible for any operational area and reports to the Board of Directors directly or through the Risk, Related Party Transactions and Sustainability Committee, at least once a year or at the earliest opportunity, in cases of particular relevance, on the adequacy, effectiveness and actual functioning of the Internal Control System.

In line with Recommendation 33 letter b) of the Corporate Governance Code, the Board of Directors also resolves, subject to the favourable opinion of the Risk, Related Party Transactions and Sustainability Committee and after consulting the Board of Statutory Auditors, on the remuneration of the Head of the Internal Audit Function on the basis of criteria and parameters that are not linked to the Company's performance, consistently with the provisions of corporate policies.

In order to fulfil its mandate to verify the operability and suitability of the Internal Control and Risk Management System, the Head of the Internal Audit Function performs the following activities:

It defines and executes an annual and multi-year audit plan based on a risk assessment methodology that takes into account the evolutionary aspects of the Group's business and related development strategies, emerging risks and significant changes in organisational structures and processes, constraints deriving from regulatory and contractual provisions, and requests by Management and Corporate Bodies (Recommendation 36 letter a) of the Corporate Governance Code. Within the framework of this Plan, the reliability of information systems, including accounting systems (Recommendation 36 letter e), is also verified with the support of the Group IA Audit unit established at the Parent Company within the Group Internal Audit Function. The multi-year plan is also updated on an annual basis in order to promptly reflect any significant changes in the Company's risk profile as a result of changes in the business, organisational or regulatory context. In order to ensure the plan is dynamic and to meet any unforeseen requests for action during the year, the annual plan provides for the establishment of an appropriate reserve of resources within those available. Audit plans are submitted to the Board of Directors for approval after review by the Risk, Related Party Transactions and Sustainability Committee;
prepares and submits to the Chairmen of the Board of Statutory Auditors, the Risk, Related Party Transactions Committee and the Board of Directors, as well as to the Chief Executive Officer, periodic reports containing an assessment of the suitability of the internal control and risk management system and adequate information on its activities and on the manner in which risk management is conducted (half-yearly and annual) as well as an update on compliance with the action plans defined by Management for their containment (quarterly) in accordance with Recommendation 36 letter b) and d) of the Corporate Governance Code;
promptly brings to the attention of the Chairmen of the Board of Statutory Auditors, the Risk, Related Party Transactions Committee and the Board of Directors, as well as the Chief Executive Officer, the reports prepared as a result of individual audits that contain aspects of particular relevance for the purpose of assessing the overall Internal Control and Risk Management System (Recommendation 36 letter c) and d) of the Corporate Governance Code);
communicates in an appropriate and transparent manner with the supervisory authorities with regard to audit activities;
maintains qualified resources within the Internal Audit Function with the skills, knowledge, abilities and experience necessary to fully realise its mission;
has direct and unrestricted access to all information and documentation relevant to the performance of individual tasks, in accordance with Recommendation 36 of the Corporate Governance Code.

In order to perform his duties, the Head of the Internal Audit Function has an adequate annual budget, submitted for approval to the competent corporate bodies and capable of covering, in particular, the main requirements linked to the use of technical consultancy on specific matters and the professional training needs of his resources.

With reference to the audit activities on the subsidiaries centralised at the Parent Company and in particular for the supervised company doNext, consistently with the provisions of the outsourcing contract drawn up in compliance with reference regulations, the company's Board of Directors has appointed an independent Director, without

operational powers, as the contact person for the outsourced third-level control activities. This Director has the task of supervising the activities of the Supplier's Internal Audit Function, the adequacy of risk coverage and the execution of the planned activities, in order to ensure constant comparison and free access of the Head of the Internal Audit Function to the Board of Directors of the supervised company.

In relation to the other non-supervised Italian subsidiaries, although no contact person is foreseen, the Head of the Internal Audit Function ensures the necessary coverage of the main operational processes and their inherent risks through their inclusion in the Group audit plan. For these companies, the Head of the Group Internal Audit Function has the task of informing the Corporate Bodies of the individual subsidiary of the Parent Company on the results of the audits carried out by virtue of the exercise of management and coordination activities, by means of the overall reporting on the audit activities carried out at Group level.

During 2023, the Internal Audit Function, under the supervision of its Manager and in line with the plan approved by the Board of Directors on 23 March 2023, carried out interventions involving both the Parent Company and its Italian subsidiaries that can be traced back to three main areas of intervention characterised by priority logic and specific risk profiles:

governance processes, relating to the definition of corporate strategies, planning and management control, risk management and controls, and the management of corporate bodies);
business processes, which include the Company's 'core' activities, with regard to both the management and recovery of mandated portfolios and/or deriving from securitisation transactions and ancillary services);
support processes, aimed at the proper functioning of the company, through the management of projects, processes and procedures and the performance of administrative activities and the management of company resources, financial, human, technological, tangible and intangible).

The latter includes the verification activities aimed at assessing the reliability of information systems (Recommendation 36 letter e) of the Corporate Governance Code) which, as already represented, since September 2023, have been ensured by the Group IT Audit unit, which is responsible for verifying the processes for managing information systems and governing the related risks throughout the doValue Group perimeter. During 2023, these audit activities focused mainly on assessing the adequacy of the overall IT process governance framework as revised in light of their progressive centralisation at Group level. In this context, the main aspects assessed were the alignment of the IT strategy with the Group's overall objectives, the processes for measuring the performance of IT services, identifying and monitoring IT risks, and managing budgets and projects. Other areas under analysis were the governance of IT service providers and IT security management.

Lastly, during 2023, the doValue Internal Audit Function continued to support the Group Internal Audit Function in the process of integrating and consolidating internal audit activities at a Group-wide level through the timely application of a common methodology for control and risk assessment by all the Internal Functions established within the Group in the various phases of the audit cycle (i.e. risk assessment and annual planning, process and compliance audits, monitoring of the resolution status of findings and reporting to the Bodies). As of 2023, then, this methodological consolidation process could also rely on a common IT tool to support internal audit activities. The use

of the Sphera tool, already in place at the Parent Company for some years, was in fact extended to all the Group's Internal Audit Functions.

9.3 ORGANISATIONAL MODEL pursuant to Legislative Decree 231/2001

In order to ensure the alignment with the changed corporate, operational and organisational structure of the Group, as well as the updating of the contents with respect to the new offences introduced by the legislator since the last update, a project was completed in December 2023, mainly aimed at

update the 231 Model of the Company (and the Italian subsidiaries doNext and doData) and the Group's Code of Ethics;
integrate the 231 Risk Assessment Framework with the doValue Anti-Corruption Risk Assessment Framework.

At the end of the project, integrated 231/anti-bribery/whistleblowing training was also provided to the entire population.

The current Organisational and Management Model pursuant to Legislative Decree 231/2001 of doValue (the '231 Model'), approved on 11 May 2023 by the Board of Directors of doValue, is structured as follows:

General Part, which includes:

the Company's Governance Model and the existing corporate tools supporting the Model;
the aims pursued by the adoption of the Model;
the methodology adopted for the analysis of activities that are sensitive to the offences referred to in Legislative Decree 231/2001 and the relevant safeguards;
the identification and appointment of the Company's Supervisory Board (hereinafter also 'SB') with an indication of its powers, duties and information flows;
the disciplinary system and its sanctioning apparatus;
the information and training plan to be adopted in order to ensure awareness of the measures and provisions of the Model;
the criteria for updating and adapting the Model;

Special Part, which includes the decision-making protocols where the risk-crime activities identified in the Risk Assessment phase are distributed into Sensitive Areas concerning one or more families of offences and/or offence cases, identified by commonality of sensitive activities and control and conduct principles.

The following Annexes also form an integral part of the Model:

Code of Ethics of the doValue Group;
document "Group Governance on Models 231", in which the guidelines and guidelines are provided to the doValue Group Companies operating in Italy, so that they contribute to the implementation of a "231 System" coordinated at the Group level, in order to allow an integrated and homogeneous management of risks concerning the administrative liability of Entities, without prejudice to the autonomy and specificity of individual Companies;

Annex "Predicate Offences of Legislative Decree 231/2001".

Predicate offences under Legislative Decree 231/2001

The annex to the 231 Model, entitled "Predicate Offences of Legislative Decree 231/2001", which is an integral part of the 231 Model itself, provides a description of the crimes and administrative offences whose commission determines, when the conditions provided for by Legislative Decree 231/2001 are met, the occurrence of which gives rise to the administrative liability of the entity pursuant to and for the effects of the aforementioned legislation, and will also be updated in line with the organisational changes that have taken place and the introduction of new crimes. The 231 Model as well as the Group's Code of Ethics can be found on the doValue website at: https://www.dovalue.it/it/governance/modello-ex-dlgs-23101.

9.4 AUDITING COMPANIES

The Shareholders' Meeting of 17 June 2016 appointed Ernst & Young S.p.A. to audit the Group's annual financial statements and consolidated financial statements as well as to perform a limited audit of the consolidated half-yearly report for each of the nine financial years ending 31 December 2016 to 31 December 2024.

Ernst & Young S.p.A. was also entrusted, through separate formalised agreements, with the auditing of the financial statements of some of doValue's subsidiaries.

On 9 November 2023, the Company's Board of Directors approved the update of the policy for the engagement and management of auditing firms within the doValue Group in order to safeguard the independence requirement of the auditing firm and its network.

Lastly, it should be noted that on 4 April 2023, the Board, after consulting the Board of Statutory Auditors, assessed the results presented by the statutory auditor in the additional report on the annual financial statements as of 31 December 2022, pursuant to Article 11 of EU Regulation No. 537/2014, addressed to the Board of Statutory Auditors.

9.5 MANAGER IN CHARGE OF PREPARING CORPORATE ACCOUNTING DOCUMENTS AND OTHER CORPORATE ROLES AND FUNCTIONS

By Board of Directors resolution of 17 March 2022, following the favourable opinion of the Board of Statutory Auditors, the Board of Directors, having assessed the candidate's curriculum and verified that he meets all the requirements envisaged by current regulations, appointed Mr. Davide Soffietti, Group Chief Financial Officer, in charge of the Group Finance structure, as the Executive in charge of Financial Reporting until the approval of the financial statements as of 31 December 2023.

The Executive in Charge of Financial Reporting is granted adequate powers and means for the exercise of the tasks assigned by the regulation, while the Board of Directors is responsible for ensuring that the Executive in Charge of Financial Reporting has such powers and means and complies with administrative and accounting procedures. The presence of an adequate structure reporting directly to the Executive in Charge of Financial Reporting is the main

element that characterises the availability of adequate means and powers required by the regulations. To this end, the doValue Group has envisaged that the Manager in charge be supported by a team of resources dedicated to carrying out the activity, in order to cover all the entities of the group. The team is composed as follows:

for the Subsidiary for the Responsible Officer (RACDP), if appointed by resolution of the Board of Directors of the individual entity, normally identified, if any, in the Chief Financial Officer (CFO) of the represented entity, who performs locally for the represented entity and any other specifically selected direct and indirect subsidiaries, the coordination and attestation activities foreseen for the Responsible Officer (Taraboulous Alvertos for doValue Greece and Carlos Maceda for doValue Spain and Adsolum Real Estate S.L., Stavros Stavrou for doValue Cyprus);
Management 262 (Italy), which carries out the checks required for 262 activities in Italy and for consolidation;
Management 262 (Territorial), where appointed, which is responsible for carrying out the controls foreseen for activities 262, according to its own perimeter of competence.

The Executive in Charge is responsible for certifying:

the adequacy and effective application of administrative and accounting procedures during the financial year to which the documents refer;
the conformity of the documentation drawn up according to the IAS/IFRS international accounting standards transposed into Italian law by Legislative Decree No. 38/2005, which exercised the option provided for by EU Regulation No. 1606/2002 on international accounting standards;
the correspondence of the documents with the entries in the books and records;
the suitability of the documents to provide a true and fair representation of the assets and liabilities, profit and loss, and financial position of the issuer and the companies included in the consolidation;
for the annual and consolidated financial statements, that the management report includes a reliable analysis of the development and results of operations, as well as the situation of the issuer and the consolidated companies, together with a description of the main risks and uncertainties to which they are exposed;
for the condensed half-yearly financial statements, that the interim management report contain references to the important events of the first six months of the financial year and their impact, together with a description of the main risks and uncertainties for the remainder of the financial year.

The Appointed Executive attends the meetings of the Board of Directors of the Group Companies and/or the Board of Statutory Auditors, when the agenda deals with matters within his competence.

Information flows between the Executive in Charge of Financial Reporting and the other corporate control functions are governed by the 'Regulations on the Internal Control System of the doValue Italia Group'. In addition, the Executive in Charge of Financial Reporting holds meetings and exchanges of information with the Auditing Firm on their respective activities, with particular reference to any points of attention on internal controls.

In order to be able to fully comply with the provisions of the regulations, the Board of Directors approved a specific Global Regulation "Regulation of the Control Function of the Executive in Charge", which provided the general criteria and description of the responsibilities and relations between the Parent Company and the doValue Group

Companies. In addition, a Global Procedure "Methodology of the Control Function of the Executive in Charge of Financial Reporting" was approved and sent to the companies included in the consolidation and subject to certification for the purposes of Law No. 262/2005, on the basis of criteria approved from time to time, regulating the process and operating procedures for the application of the aforementioned general criteria.

The internal control system relating to Financial Reporting adopted provides for the application of a common methodological structure, based on:

the use of a uniform, centrally defined internal control system model based on internationally recognised methodological standards;
its updating and dissemination within the Group on the basis of centrally defined parameters. The methodological approach adopted by the doValue Group in order to comply with the Savings Protection Act (Law No. 262/2005) is inspired by the Internal Control - Integrated Framework (CoSO Framework), produced by the Committee of Sponsoring Organisations of the Treadway Commission (CoSO).

The heads of the additional corporate functions with specific tasks in the area of internal control and risk management, in accordance with Recommendation 32 e) of the Corporate Governance Code, have been indicated in the previous sections of this Report, within the specific sections devoted to the individual functions.

9.6COORDINATION BETWEEN THE PARTIES INVOLVED IN THE INTERNAL CONTROL AND RISK MANAGEMENT SYSTEM

Consistent with Principle XX of the Corporate Governance Code, the duties and responsibilities of the various control bodies and functions, as well as the information flows between the various functions/bodies and between these and the corporate bodies, are defined in detail within the Internal Control System Regulation, the latest update of which, as far as the doValue Group in Italy is concerned, was approved by the Parent Company's Board of Directors on 13 July 2022.

In order to guarantee a unified and integrated vision of the Internal Control System and to ensure proper interaction and integration between the corporate control functions, a series of coordination and collaboration mechanisms are also defined, in line with Recommendation 33 letter g), aimed at maximising synergies and avoiding any potential areas of overlapping or lack of supervision.

In particular, a fruitful interaction between the corporate control functions is ensured through the pursuit of the following objectives:

sharing the methodologies and metrics by which the different functions carry out their evaluations;
improving communication between corporate control functions and corporate bodies;
sharing of information and assessments.

These objectives are realised through the following interaction mechanisms that are part of the more general framework of active and constant collaboration between the corporate control functions:

participation in the process of defining/updating internal rules on risks and controls;

exchange of information flows, documents or data, such as those on the planning of control activities and their outcome;
participation in Board Committees (Risk, Related Party Transactions and Sustainability Committee) and Management Committees (Internal Control System Coordination Committee).

The improvement of the interaction between control functions and their constant updating to the corporate bodies, in relation to the activities carried out, are intended to contribute over time to a corporate governance that guarantees sound and prudent management also through a more effective risk control at all corporate levels.

The coordination mechanisms between the various parties involved in the Group's system of internal controls and the overall system of information flows that support the aforesaid mechanisms were revised in 2022 with regard to the perimeter of the Italian legal entities. As already represented in this report, in order to provide an overall representation of the coordination mechanisms between the functions and the related information flow system, as redesigned in light of the new organisational structure of the Group, a further Regulation on the Internal Control System of the entire doValue Group is currently being prepared and will be submitted to the Parent Company's Board of Directors for approval.

10 DIRECTORS' INTERESTS AND RELATED PARTY TRANSACTIONS

The Board of Directors, with a decision taken on 17 June 2021 (which had already been previously updated in February 2020) approved the new version of the "Policy for the management of transactions with related parties and transactions in conflict of interest of the doValue Group" (hereinafter: the "RPT Policy").

This update takes into account the issuance of the updated "Regulation containing provisions on related party transactions" (hereinafter "the RPT Regulation"), effective as of 1 July 2021, as well as the organisational changes that occurred in 2021 and ensures the application of the principles contained therein to all subsidiaries, including foreign subsidiaries.

The RPT Policy was submitted in advance to the Risk and Related Parties Committee, which issued a favourable opinion for approval.

The RPT Policy is aimed at defining, within the scope of the Parent Company's and Subsidiaries' operations, the principles and rules to be observed to ensure the transparency and substantive and procedural correctness of transactions with Related Parties, carried out directly by the Parent Company or through its Subsidiaries.

In this respect, it establishes for the entire Group, inter alia:

the criteria for identifying Related Parties;
cases of total or partial exemption from the application of the rules of preliminary investigation, deliberation and information to corporate bodies and the rules on market disclosure
the procedures for the investigation, proposal and decision-making of Related Party transactions
Subsequent disclosure to the Parent Company's Corporate Bodies on Related Party transactions
the necessary safeguards to ensure disclosure to the market of information on related party transactions.

The RPT Policy therefore proposes to implement the aforesaid regulations by introducing, with validity for the whole Group, rules on the preliminary investigation procedures, decision-making powers, reporting and disclosure. Therefore, the indications contained in the RPT Policy are valid for the entire structure of the Parent Company and Subsidiaries. All Subsidiaries are required to transpose the RPT Policy, which is adopted by the Parent Company, as Group discipline, subject to the resolution of their respective competent bodies, without prejudice to the application of local and/or sector regulations applicable from time to time, consistent with the principles set out in the RPT Policy. The full text of the RPT Policy, to which reference should be made for any further details, is available on the doValue website, in the Governance section. Finally, it should be noted that the RPT Policy also regulates the principles set forth in Article 2391 of the Italian Civil Code (on the subject of Directors' interests).

To this end, the Directors, Statutory Auditors and other DIRS of the Company have communicated, and periodically update, declarations containing personal data functional to the maintenance of the perimeter of related parties and therefore to the identification and management of related party transactions and/or any transactions in conflict of interest. A similar process has been applied for updating shareholders' declarations (where applicable).

11 BOARD OF AUDITORS

11.1 APPOINTMENT AND REPLACEMENT

Article 23 of the Articles of Association stipulates that the Board of Statutory Auditors is appointed by the Shareholders' Meeting on the basis of lists submitted by the entitled parties, in which the candidates are listed in sequential order.

The lists shall be divided into two lists, respectively containing up to 3 (three) candidates for the office of Standing Auditor and up to 2 (two) candidates for the office of Alternate Auditor. In the event of a list containing candidates for the office of Standing Auditor and Alternate Auditor, at least the first candidate for the office of Standing Auditor and at least the first candidate for the office of Alternate Auditor on the respective lists must have been enrolled for at least three years in the register of statutory auditors and must have exercised the activity of statutory auditor for a period of no less than three years. In the event of a list containing a number of candidates equal to or greater than 3, each list for the appointment as Standing Auditor and Alternate Auditor must contain a number of candidates belonging to the least represented gender that ensures, within the list itself, compliance with the gender balance at least to the minimum extent required by the laws and regulations in force.

No candidate may appear on more than one list under penalty of disqualification.

Each party eligible to vote (as well as (i) the eligible parties belonging to the same group, meaning the party, including non-corporate, controlling pursuant to Article 2359 Each person entitled to vote (as well as (i) the parties to the same shareholders' agreement pursuant to Article 122 of the Consolidated Law on Financial Intermediation, or (iii) the parties that are otherwise associated with each other by virtue of associative relationships pursuant to applicable laws and/or regulations) may submit or take part in the submission of only one list, just as each candidate may be included in only one list, under penalty of ineligibility.

Pursuant to the Articles of Association, Shareholders may submit a list for the appointment of Statutory Auditors if, at the time of submitting the list, they own, alone or together with other submitting Shareholders, shares with voting rights representing at least 2.5%⁴ of the share capital with voting rights at the Ordinary Shareholders' Meeting, or the lower amount established by mandatory provisions of law or regulations.

Ownership of the minimum shareholding for the submission of lists is determined by taking into account the shares registered to the individual shareholder, or to several shareholders jointly, on the day the lists are filed with the Company. Certification of the minimum shareholding can also be produced after the filing provided that it is within the deadline set for the publication of the lists by the Company.

The lists must, under penalty of forfeiture, be filed at the company's registered office, also through a remote means of communication and in accordance with procedures disclosed in the notice of call that allow for the identification of the persons making the filing, within the twenty-fifth day prior to the date of the Shareholders' Meeting (or within the different term provided for from time to time by the applicable regulations) and shall be made available to the public at the registered office, on the doValue Website and in the other ways provided for by the applicable

⁴ According to Consob Executive Determination No. 92 of 31.01.2024, the percentage for the Company is 4.5%.

regulations, at least twenty-one days prior to the date of the Shareholders' Meeting (or within the different term provided for from time to time by the applicable regulations).

Together with the lists, and always within the deadline indicated above, the parties entitled to submit them must also deposit any further documentation and declarations required by the laws and regulations in force from time to time. Lists for which the above requirements are not complied with shall be considered as not submitted. Each person entitled to vote may only vote for one list.

The members of the Board of Auditors are elected as follows:

(i) 2 (two) Standing Auditors and 1 (one) Alternate Auditor are taken from the list that has obtained the highest number of valid votes, in the sequential order in which they are listed;
(ii) the remaining Acting Auditor and the remaining Alternate Auditor are taken from the list obtaining the highest number of votes after the list referred to in point (i) above that is not connected in any way, not even indirectly, with the parties entitled to vote that submitted the list referred to in point (i) above, with the first candidates in the relevant sections being elected as Acting Auditor and Alternate Auditor, respectively.

The Statutory Auditor drawn from the list obtaining the highest number of votes after the list referred to in point (i) above shall be the Chairman of the Board.

In the event that only one list has been submitted by the deadline and in accordance with the procedures set forth above, or no list at all has been submitted, or if there are no candidates on the lists equal to the number to be elected, the Shareholders' Meeting shall resolve to appoint or add to the list by relative majority vote. In the event of a tie between several candidates, a ballot shall be held between them, by means of a further Shareholders' Meeting vote. The Shareholders' Meeting is in any case required to ensure compliance with the gender balance provided for by the laws and regulations in force.

In the event of the death, resignation or debarment or the absence for any other reason of a Standing Auditor, he shall be replaced by the Alternate Auditor belonging to the same list that elected the outgoing Auditor, according to the progressive order in which they are listed, in compliance with the minimum number of members entered in the register of statutory auditors who have carried out statutory auditing activities and the principle of gender balance. If this is not possible, the outgoing Statutory Auditor shall be replaced by the Alternate Statutory Auditor having the indicated characteristics drawn from the most voted minority lists, according to the progressive order of listing. In the event that the appointment of the Statutory Auditors is not carried out through the list voting system, the Alternate Statutory Auditor provided for by law shall take his place. In any case of substitution of the Chairman of the Board of Statutory Auditors, the Substitute Statutory Auditor shall also assume the office of Chairman. The Shareholders' Meeting provided for in Article 2401, paragraph 1, of the Italian Civil Code, shall appoint or replace Auditors in compliance with the principle of necessary representation of minorities and gender balance. In the event of non-confirmation by said Shareholders' Meeting of the Alternate Auditor who has taken over the office of Standing Auditor, the same shall return to the role of Alternate Auditor.

11.2 COMPOSITION AND OPERATION (pursuant to Article 123-bis, paragraph 2, letters d) and dbis), TUF)

As at the date of the Report, the Board of Statutory Auditors is made up of three standing auditors and two alternate auditors, who meet the requirements set forth in current laws and regulations; for this purpose, the subjects and sectors of activity closely related to those of the company are those indicated in the corporate purpose, with particular reference to companies or entities operating in the financial, industrial, banking, insurance, real estate and services sectors in general. The Ordinary Shareholders' Meeting elects the Board of Statutory Auditors and determines its remuneration.

Statutory auditors also act with autonomy and independence vis-à-vis the shareholders who elected them.

All Statutory Auditors must meet the requirements of eligibility, honourableness and professionalism set forth by law and other applicable provisions and, for the purposes of Article 1, paragraph 2, letters b) and c) of Ministry of Justice Decree No. 162 of 30 March 2000, which establishes the requirements of professionalism and honourableness.

Furthermore, in accordance with Principle VIII of the Corporate Governance Code, the auditors of doValue must meet the independence requirements of Article 2, Recommendation 9, of the same code, as well as the requirements of Article 148, paragraph 3, of the TUF.

The assessment of independence is carried out by the Control Body immediately after appointment as well as during the term of office, upon the occurrence of circumstances relevant to independence and in any case at least once a year, on the basis of the information provided by each member of the Control Body.

The Statutory Auditors may take on positions of administration and control in other companies within the limits established by the provisions, including regulations, in force.

The Board of Statutory Auditors, in the performance of its duties and activities, has constantly coordinated through periodic and reciprocal involvement as well as punctual exchanges of information - with both the Risk, Related Party Transactions and Sustainability Committee and the Internal Audit function, as well as with the Internal Control Department. This activity was carried out through the constant participation of the Chairman of the Board of Statutory Auditors, and/or another Statutory Auditor appointed for this purpose, in the meetings of the aforesaid committee (as already highlighted in Chapter 9 above) and of the Head of the Internal Audit Department and/or the Head of the Internal Control Department in the periodic meetings of the Board of Statutory Auditors.

The Shareholders' Meeting of 29 April 2021, using the list voting system governed by the Articles of Association, appointed the Company's Statutory Auditors for the three-year period 2021-2023.

Voting took place on the basis of two lists:

List No. 1, submitted by the shareholder AVIO S.a.r.l., obtained a total of 23,215,024 votes (34.027% of the votes cast and 29.019% of the total share capital).

List No. 2, submitted by Studio Legale Trevisan & Associati on behalf of a group of institutional investors,

obtained a total of 36,188,396 votes (53.043% of the votes cast and 45.235% of the total share capital).

As a result of the aforesaid voting and considering that List No. 2 contained only one name and List No. 1 three members, pursuant to the provisions of Article 23.10 of the Articles of Association, the following persons were elected as Statutory Auditors:

Nicola Lorito President
Francesco Mariano Bonifacio Statutory Auditor
Chiara Molon Statutory Auditor
Maurizio De Magistris Alternate Auditor
Sonia Peron Alternate Auditor

The appointment was made on the basis of the list voting mechanism, as governed by the Bylaws and described in section 11.1 above of this Report. The Company has therefore confirmed compliance with the provisions on gender balance in the composition of the control body (pursuant to Article 148 of the Consolidated Law on Finance and in compliance with the provisions of Law No. 160 of 27 December 2019).

Consequently, the term of office of the current Statutory Auditors will expire on the date of the Shareholders' Meeting convened to approve the financial statements for the financial year 2023.

During 2023, the Board of Statutory Auditors held 26 meetings, each lasting an average of approximately 2 hours. With reference to the percentage of participation of each Auditor in the meetings, please refer to Table 4 at the end of this Report.

Table 4 also provides relevant information on each member of the Board of Statutory Auditors in office at the date of approval of this Report.

For the financial year 2024, 14 meetings have been scheduled so far, of which seven have already been held as of the date of this Report.

Diversity criteria and policies

doValue has continued to pursue the adoption of diversity criteria and policies for the composition of its corporate bodies and, in the report prepared pursuant to Article 125-ter of the Consolidated Law on Finance for the renewal of the control body on the occasion of the Shareholders' Meeting of 29 April 2021, the Board of Directors, among other things, took into account the diversity policies provided for by current company and Group regulations, as well as the applicable regulations on the subject and, in particular, those relating to gender and educational background. In this regard, it should be noted that the Board of Directors has given priority to the existence of these characteristics, regardless of the age of the exponents. The policies relating to gender diversity, as indicated above, were implemented with the renewal of offices by the Shareholders' Meeting of 29 April 2021 and, in this sense, the Board of Statutory Auditors sees the presence of 2 members of the less represented gender, one in the role of Standing Auditor, and one as Alternate Auditor.

Independence

All the Statutory Auditors have declared that they meet the independence requirements provided for by the regulations in force. With regard to the independence requirements of the members of the Board of Statutory

Auditors, the preliminary investigation carried out by the Board of Directors in the meetings of 23 February 2023 and 14 March 2024 revealed the existence of the independence requirements, in accordance with the provisions of the Consolidated Law on Finance and, in particular, with the provisions of the combined provisions of Articles 147-ter, paragraph 4, and 148, paragraph 3, of the Consolidated Law on Finance and pursuant to Recommendation 7, as referred to by Recommendation 9, of the Corporate Governance Code, for all members of the Board of Statutory Auditors, thereby fulfilling the evaluation obligations to be carried out at least once during the financial year by the members of the Board of Statutory Auditors.

In this regard, on 23 February 2023 and 14 March 2024, pursuant to Article 144-novies, paragraph 1-bis, of the Consob Issuers' Regulations, the Company regularly informed the market of the results of the assessments carried out, based on the information provided by the interested parties or otherwise available to the Company itself, on whether the members of the control body meet the independence requirements.

Remuneration

The Shareholders' Meeting, held on 29 April 2021, assigned to the members of the Board of Statutory Auditors a remuneration that it deemed appropriate to the competence, professionalism and commitment required by the relevance of the role covered and the company's size and sectoral characteristics and its situation, in application of Recommendation 30 of the Corporate Governance Code

In this regard, it should be noted that, for the purposes of determining the remuneration of Statutory Auditors, the Shareholders' Meeting, in particular, took into account the increasing commitment required as a result of the greater international dimension assumed by the Group.

Interest Management

With reference to Recommendation 37 of the Corporate Governance Code, it should be noted that, in the "Policy for the Management of Transactions with Related Parties and Conflict of Interest of the doValue S.p.A. Group" it is provided, in addition to the procedure for the proper management of any transactions by corporate officers, that if the members of the Board of Statutory Auditors have an interest in the transaction, on their own behalf or on behalf of third parties, they must inform the other Statutory Auditors and the other directors, specifying the nature, terms, origin and scope.

12 SHAREHOLDER RELATIONS

Access to information

The establishment and maintenance of a constant and fruitful dialogue with shareholders, institutional investors and other specific stakeholders is regarded by doValue as a duty to the market.

This dialogue, in accordance with the rules and procedures governing the disclosure of inside information, is aimed at adopting the best applicable professional practices and is marked by the principles of transparency, timeliness and completeness of information.

Also with the aim of ensuring wide and easy dissemination to the public, doValue publishes relevant information of a strategic, financial and corporate governance nature, price-sensitive press releases, the main metrics on the stock's performance on the stock market and the appointments scheduled in the Company's financial calendar in the "Investor Relations" section of the doValue website; this information also facilitates shareholder participation in shareholders' meetings, making it easier for them to exercise their rights. As of August 2020, in conjunction with the Group's first bond issue, a special section of the doValue website called "Bond and Credit Rating" has also been activated, with information aimed at the specific stakeholders of this financial instrument.

The Company, in compliance with Application Criterion 9.C.1 of the Corporate Governance Code, has chosen to equip itself with a corporate structure dedicated to the management of relations with shareholders, "Group Investor Relations", reporting to the General Manager Corporate Functions. The structure can be reached through the following channels:

e-mail: [email protected]

telephone: +39 06 4797 9184

Dialogue with shareholders

On 16 December 2021, the Board of Directors, on the proposal of the Chairman formulated in agreement with the Chief Executive Officer, adopted the Engagement Policy aimed at aligning with the new corporate governance code and formalising the Company's ongoing and ordinary activity with the market. The policy sets out the general principles, the management methods and the main contents of the dialogue between the Company and the Market in order to favour the creation of sustainable value in the medium-long term, the definition of the strategy that inspires the Company's operations, and the activities aimed at guaranteeing the high standards of governance that the Company is committed to pursuing. The Engagement Policy has also been drafted taking into account the engagement policies that institutional investors and asset managers are required, in light of the laws and regulations applicable to them, to adopt and communicate to the public. The policy, in particular, identifies the interlocutors, topics of discussion, timing and channels of interaction. The ways in which communication takes place vary depending on the stakeholders, in relation to their respective characteristics as well as the purpose and nature of their involvement in the Company's business, always in compliance with the principles of symmetry of information, transparency, timeliness, loyalty and fairness, without prejudice to the need for orderly operations, cost-effectiveness and confidentiality required by a responsible and sustainable conduct of business.

The document is available on the doValue.it website in the Governance section.

During 2023, the company maintained a constant dialogue with its shareholders and bondholders, participating in more than 15 roadshows and conferences (both virtual and in-person) organised by both Italian and international brokers, meeting more than 150 investors. Topics of discussion with shareholders and bondholders were mainly focused on corporate strategy, market environment, the company's approach to innovation, approach to potential market consolidation, governance, financial performance, relevant servicing mandates and market pipeline

Report on Corporate Governance and Ownership Structure - Financial Year 2023 Courtesy translation

13 ASSEMBLY

Pursuant to the applicable laws and regulations, the Company's Articles of Association provide that the Ordinary Shareholders' Meeting is convened at least once a year, within 120 days after the end of the financial year, to pass resolutions on the matters attributed to it by law and the Articles of Association. If the legal conditions are met, this term may be extended to 180 days.

The Shareholders' Meeting, both ordinary and extraordinary, is convened in accordance with the law and regulations by means of a notice published on the Company's website at https://www.dovalue.it/it/governance/assembleaazionisti-new, as well as by the other means provided for by the laws and regulations in force.

The Shareholders' Meeting is held in a single convocation. The Board of Directors may decide that the Shareholders' Meeting be held in more than one call. The majorities provided for by current legislation shall apply.

For the validity of the constitution of the Assembly, both ordinary and extraordinary, and of its resolutions, the provisions of the law and the Articles of Association shall be observed; the majorities provided for by the regulations in force shall apply.

Pursuant to the Articles of Association, the Ordinary Shareholders' Meeting determines the remuneration of the bodies it appoints.

The agenda shall be set by the person exercising the convening power in accordance with the law and the Articles of Association. If the Shareholders' Meeting is convened at the request of shareholders, the agenda shall be defined taking into account the indications contained in the request for convocation.

The right to add items to the agenda may be exercised, in compliance with the applicable provisions of law, by as many Shareholders who, also jointly, represent at least 2.5% of the share capital: in this case, they shall also prepare a report stating the reasons for the resolution proposals on the new items they propose to discuss. Shareholders may also submit additional resolution proposals on items already on the agenda, stating their reasons.

Within the term of publication of the notice of call, or within a different term provided for by law, the Board of Directors shall ensure that a report on each of the items on the agenda is made available to the public.

Pursuant to the Articles of Association and in compliance with applicable laws and regulations, holders of shares with voting rights may attend the Shareholders' Meeting, provided that their legitimacy is attested in the manner and under the terms provided for by the law, including regulations, in force at the time.

Entitlement to participate in the Shareholders' Meeting and to exercise voting rights is attested by a communication to the Company, made by the intermediary in favour of the person entitled to vote, on the basis of the evidence relating to the end of the accounting day of the seventh trading day prior to the date set for the Shareholders' Meeting in first call.

Article 9 of the Articles of Association reserves the right for the Chairman of the Assembly to determine, in general, the right to participate in the Assembly, as well as to settle any disputes.

The Articles of Association do not provide for the right of Shareholders to participate in the Shareholders' Meeting by means of telecommunications or to exercise their voting rights electronically.

The Articles of Association also provide that a Shareholder with the right to attend the Shareholders' Meeting may be

represented by written proxy by another person, even if not a Shareholder, provided that the provisions of law are complied with. The voting proxy may also be conferred by means of a computer document signed in electronic form in accordance with the provisions of the regulations in force and notified to the Company at a specific e-mail address in the manner indicated in the notice of call, or by another method chosen from among those provided for by the laws and regulations in force and indicated in the notice of call.

By resolution passed on 26 May 2020, the Shareholders' Meeting of doValue approved its Regulations. The related document is available to shareholders and the general public on the doValue Website, in the Governance section, as well as, for those who are entitled to attend and exercise their voting rights, at the Company's registered office and in the places where the Shareholders' Meetings will be held - from time to time -.

Article 16 of the Rules of the Shareholders' Meeting recognises those who are entitled to participate in the Shareholders' Meeting according to the law and the Articles of Association (the 'Entitled Attendees' as shareholders or their proxies, Directors, Statutory Auditors and the Secretary of the meeting) the right to intervene in the Shareholders' Meeting and to speak on each of the topics under discussion and to formulate proposals pertaining to them.

Those wishing to exercise their right to speak must make a request to the President (by a show of hands or by submitting a written request, if so ordered by the President) not before the item on the agenda to which the request to speak refers has been read out and in any case before the discussion on the item under discussion has been declared closed.

Article 10 of the Statute also provides that the President shall be assisted by a Secretary, appointed by a majority of those present. In addition to the cases provided for by law, when the President deems it appropriate, a notary, designated by the President himself, may be called upon to act as Secretary.

In the year 2023, the Shareholders' Meeting met on 27 April and resolved in favour of the proposals submitted by the Board of Directors in relation to the items Ordinary Part: 1. Financial Statements as at 31 December 2022;2. Allocation of profit for the year and distribution of dividend; 3. Remuneration Policies: Report on Remuneration Policy and remuneration paid; 4.Authorisation to purchase and dispose of treasury shares and to perform acts on them, subject to the revocation of the authorisation resolution passed by the Ordinary Shareholders' Meeting on 28 April 2022; Extraordinary part - 1.Amendment to the Articles of Association (Articles no. 13 and 16); It should be noted that, in addition to the Chairman and the Chief Executive Officer, 4 Directors and 3 Standing Auditors attended the meeting. On that occasion, the Board of Directors endeavoured to ensure that the Shareholders were adequately informed of the elements necessary to take its decisions in full knowledge of the facts, making all the documentation on the items on the agenda available to the Shareholders in advance, in the manner and within the time limits set forth by the regulations in force.

In accordance with the provisions of Article 106 of Decree-Law No. 18/2020 converted by Law No. 27/2020 ("Decree") and amended by Decree-Law No. 198/2022 converted by Law No. 14 of 24 February 2023, and the exercise of voting rights by shareholders could only take place through the conferment of a specific proxy, containing voting instructions on all or some of the proposals on the agenda, to the Shareholders' Representative appointed by the

Company pursuant to Article 135-undecies of the Consolidated Law on Finance, in accordance with the procedures illustrated in the notice of call.

The foregoing is without prejudice to the right, in any case, for shareholders who do not intend to avail themselves of the described methods of intervention, to grant the Appointed Representative proxies and/or sub-delegations pursuant to Article 135-novies of the Consolidated Law on Finance, with related voting instructions.

In addition, in consideration of the described procedures for attending the Shareholders' Meeting and exercising voting rights, in order to make it possible for those concerned to exercise the right set forth in Art. 126-bis, paragraph 1, penultimate sentence, of the Consolidated Law on Finance (submission of individual resolution proposals to the Shareholders' Meeting), albeit with terms and procedures compatible with the health emergency situation as well as with the need for timely disclosure of such proposals, the Company has provided in favour of those entitled to attend the Shareholders' Meeting and exercise their vote the right to individually submit resolution proposals on items already on the agenda within the deadline of 6 April 2023, committing to the subsequent publication of the same on the website at least fifteen days prior to the date set for the Shareholders' Meeting, in order to allow those entitled to participate in the Shareholders' Meeting to express themselves consciously also on the basis of such new proposals, giving the Appointed Representative any relevant voting instructions.

14 FURTHER CORPORATE GOVERNANCE PRACTICES (pursuant to Article 123 bis(2)(a), second part, TUF)

In implementation of the Directive (EU) 2019/1937 doValue has recently issued a Group Policy that defines the guidelines for the implementation at all Legal Entities of an effective Whistleblowing reporting process that allows through an Internal Channel the reporting of acts or omissions that may constitute a breach of European and/or national law, while guaranteeing the confidentiality of the reporter, as well as the protection of the same against any retaliatory and/or discriminatory behaviour.

The Whistleblowing Policy is part of both an external and internal regulatory framework that has evolved over time to ensure its timely implementation and the gradual extension of its scope of application.

The Policy aims to ensure the doValue Group's compliance with the provisions of the aforementioned Directive (EU) 2019/1937, leaving each Legal Entity free to customise its internal procedures according to the national regulations implementing the Directive.

In this regard, following the enactment of "Legislative Decree No. 24 of 10/03/2023, (transposing EU Directive 1937/2019 on whistleblowing) which came into force on 15 July 2023, the current Procedure for the "Use and Management of the Reporting Channel for Violations" (the "Wistleblowing Procedure") approved by the Board of Directors on 13 July 2023 was updated.

At the same time, the computerised reporting channel accessible from the website at the following link https://segnalazioni.dovalue.it/SitePages/HomePage.aspx was also updated in order to reinforce the principles of confidentiality and protection of the reporter, as well as the segregation and other security measures required by the legislation.

The updated Wistleblowing Procedure - published on the Company's website at https://segnalazioni.dovalue.it/SitePages/HomePage.aspx - provides for the following active reporting channels:

Digital Channel through access to the platform on the institutional website www.dovalue.it.
Ordinary Mail
Electronic Mail
Face-to-face meeting

15 CHANGES SINCE THE END OF THE REPORTING PERIOD

As of January 2024, the Company again qualified as an SME because the market capitalisation for the year 2023 (calculated in accordance with Article 2-ter(1) of the Regulation on Issuers) was below the threshold provided for in Article 1(1)(w-quater(1) of the TUF.

16 REMARKS ON THE LETTER FROM THE CHAIRMAN OF THE CORPORATE GOVERNANCE COMMITTEE

During the Board meeting of 12 January 2024, the Chairman of the doValue Board of Directors delivered and illustrated to the Board members, also in their capacity as members of the Endoconsiliar Committees, as well as to the Board of Statutory Auditors, the letter - dated 14 December 2023 - containing the "Recommendations of the Corporate Governance Committee for 2024", addressed by the Chairman of the Corporate Governance Committee to the Chairmen of the Boards of Directors of all Italian listed companies.

The letter was also sent for information to the chairman of the auditing body for the appropriate evaluations and made available on the dedicated platform for board meetings, so that all councillors also as members of the Endoconsiliar Committees have the availability of the document for each consideration.

The letter accompanies, as usual, the analysis carried out by the Corporate Governance Committee on the application of the recommendations of the Corporate Governance Code by all Italian companies listed on the MTA segment, contained in the "REPORT 2023 on the evolution of corporate governance of listed companies" (available on the Borsa Italiana website).

Among the Committee's 'Recommendations for 2024', aimed at 'further encouraging the companies adhering to the Code to strengthen their practices in order to ensure an ever greater effectiveness of self-regulation and to respond to the changing expectations of the market and society as a whole', are those to be provided in the Corporate Governance Report:

Information on the involvement of the board of directors in the review and approval of the business plan and the analysis of issues relevant to long-term value generation;
Adequate justification in the event of an exception to the timeliness of the pre-council disclosure for reasons of confidentiality, possibly provided for in the board's regulations and/or adopted in practice indicate how the timing of the publication of the guidance was deemed appropriate to allow for adequate consideration by those submitting lists of candidates.
adequate justification in the corporate governance report for the failure to express, on the occasion of the renewal of the board of directors, the orientation on its quantitative or qualitative composition and/or the failure to request, from those submitting a 'long' list, to provide adequate information on whether the list corresponds to the orientation expressed.
As a result of the assessments carried out by the internal structures, as represented to the Board of Directors, it appears that the Company is already in "compliance" with the Committee's wishes; with regard to the

recommendations to provide detailed information in the Corporate Governance Report in the event of a waiver of the timeliness of the pre-consultation disclosure and on the assessment of the appropriateness of the publication of the Guideline, the Company has implemented a series of initiatives to achieve a substantial alignment process.

Report on Corporate Governance and Ownership Structure - Financial Year 2023 Courtesy translation

TABLES

TABLE 1: INFORMATION ON OWNERSHIP STRUCTURE AS AT 31/12/2023

SOCIAL CAPITAL STRUCTURE
	No. of shares	No. of voting rights	Listed (indicate markets) / unlisted	Rights and obligations
Ordinary shares
(stating whether the possibility of an increase in voting rights is envisaged)	80.000.000	100	100
Preference shares
Multiple-voting shares	//	//	//	//
Other categories of shares with voting rights
Savings shares	//	//	//	//
Convertible savings shares
Other non-voting share classes	//	//	//	//
More

OTHER FINANCIAL INSTRUMENTS (granting the right to subscribe for newly issued shares)
Listed No. of shares for (indicate No. of Category of shares serving conversion/year markets) / instruments the conversion/exercise unlisted in circulation
Convertible bonds	//	//	//	//
Warrant	//	//	//	//

SIGNIFICANT SHAREHOLDINGS IN THE CAPITAL
Declarant	Direct shareholder	Share of ordinary capital	Share % of voting capital
SoftBank Group	Avio S.à r.l. - Luxemburg	25,05	28,81
Corporation	Other investors traceable to Softbank Group Corp.	3,22
Bain Capital Credit Member, LLC	Sankaty European Investments S.à r.l.	13,58	13,84
	Jupiter Asset Management Ltd	6,55	6,67
Schroders Plc	Schroder Investment Management Limited	4,90	5,00
	Global Alpha Capital Management Ltd.	4,83	4,92
	More	40,01	40,79
	Own shares doValue	1,87	--

ard of Di Bo tor rec s
Ch arg e	Co ent mp on s	of Ye ar bir th	of firs Da te t int ap po me ( *) nt	ffic In o e sin ce	ffic In o e il unt	(p ) List ent res ers ( **)	M/ List ( m) ( *** )	Exe c.	No n- exe c.	Ind ep . Co de	Ind ep . TU F	No oth er ign ass me nts ( ** )	Par tici tio pa n ( * )
side Pre nt	tell Cas ta Gio ane ni van	194 2	30/ 10/ 201 5	29/ 04/ 202 1	f bal al o App rov e sh eet as at 3 anc 1.1 2.2 023	SHA REH OLD ERS	m	NO	SI	SI	SI	2	23/2 3
Adm inis trat or Del te ega	nks la Fra Ma nue	197 6	29/ 04/ 202 3	04/ 297 202 3	Nex t Sha reh old ' ers Me etin g	CDA	//	SI	NO	NO	NO	1	35 12/1
Adm inis trat or	nti Fra Col asa nce sco	197 5	30/ 10/ 201 5	29/ 04/ 202 1	f bal App al o rov e sh eet as at 3 anc 1.1 2.2 023	SHA REH OLD ERS	m	NO	SI	NO	NO	---	36 22/2
Adm inis trat or	Dag nin o G iova nni Bat tist a	196 6	19/ 04/ 201 8	29/ 04/ 202 1	f bal al o App rov e sh eet as at 3 anc 1.1 2.2 023	SHA REH OLD ERS	M	NO	SI	SI	SI	---	23/2 3
Adm inis trat or	nel hne Fen Ma Cris tina	196 5	04/ 08/ 202 1	04/ 08/ 202 1	f bal al o App rov e sh eet as at 3 anc 1.1 2.2 023	-----	//	NO	SI	SI	SI	2	37 21/2
Adm inis trat or	Gug lielm ino Nun zio	194 6	30/ 10/ 201 5	29/ 04/ 202 1	f bal al o App rov e sh eet as at 3 anc 1.1 2.2 023	SHA REH OLD ERS	m	NO	SI	SI	SI	---	38 22/2
Adm inis trat or	Lies kov ska Ele na	197 1	15/ 06/ 202 3	15/ 06/ 202 3	Nex t Sha reh old ' ers Me etin g	CDA	//	NO	SI	NO	SI	---	11/1 1
Adm inis trat or	Ner i Ro ber ta	196 4	29/ 04/ 202 1	29/ 04/ 202 1	al o f App rov bal e sh eet anc as at 3 1.1 2.2 023	SHA REH OLD ERS	m	NO	SI	NO	NO	---	39 22/2
Adm inis trat or	Ran ieri Giu sep pe	197 4	15/ 07/ 201 6	29/ 04/ 202 1	al o f App rov bal e sh eet anc as at 3 2.2 023 1.1	SHA REH OLD ERS	m	NO	SI	NO	NO	---	310 20/2

TABLE 2: STRUCTURE OF THE BOARD OF DIRECTORS AT THE END OF THE FINANCIAL YEAR

⁵ Absent on 3 August, (extra calendar date, urgently convened) - absence necessary due to conflict of interest.

⁶ Absent on 9 November (calendar date)

7 Absent on 23 March (calendar date) and 20 October (non-calendar date)

⁸ Absent on 17 March (extra calendar date, urgently convened)

⁹ Absent on 26 April (extra calendar date, urgently convened)

¹⁰ Absent on 13 March and 5 June (non-calendar dates) and 9 November (calendar date)

Adm inis trat or	Vill di Ma lla I a M are ria	197 7	25/ 01/ 201 9	29/ 04/ 202 1	f bal al o App rov e sh eet as at 3 anc 1.1 2.2 023	SHA REH OLD ERS	m	NO	SI	SI	SI	---	311 22/2
DI REC TO RS TE RM INA TE D D UR ING TH E F INA NC IAL YE AR ---- ---- ---- ---- ---- ---- ---- ---- --- ---- ---- ---- ---- ---- ---- ---- -
ing Dire Ma cto nag r	Ma ni A ndr ngo ea	196 3	02/ 03/ 201 6	29/ 04/ 202 1	App al o f rov bal e sh eet anc as at 3 1.1 2.2 023	SHA REH OLD ERS	m	SI	NO	NO	NO	1	9/10
Adm inis trat or	in Em Fro m R ela anu	196 7	19/ 04/ 201 8	29/ 04/ 202 1	f bal al o App rov e sh eet as at 3 anc 2.2 023 1.1	SHA REH OLD ERS	m	NO	SI	NO	NO	---	12/1 2

Indicate the number of meetings held during the Year: 23

The quorum required for the submission of lists by minorities for the election of one or more members (pursuant to Art. 147-ter of the Consolidated Law on Finance) is 2.5% as per the Articles of Association (Percentage as per Consob Executive Determination No. 91 of 31.01.2024 equal to 4.5%)

NOTES

The following symbols must be entered in the 'Load' column:

• This symbol indicates the director in charge of the internal control and risk management system.

(*) The date of first appointment of each director means the date on which the director was appointed to the Issuer's Board of Directors for the first time (ever).

(**) This column indicates whether the list from which each director was drawn was submitted by shareholders (indicating 'Shareholders') or by the Board of Directors (indicating 'Board of Directors').

(***) This column indicates whether the list from which each director was drawn is 'majority' (indicating 'M') or 'minority' (indicating 'm').

(****) This column shows the number of directorships or auditor appointments held by the person concerned in other listed or large companies. In the Corporate Governance Report, the offices are indicated in full.

(*****) This column shows the attendance of directors at board meetings

11 Absent on 30 November (extra calendar date)

Absences from the 12 meetings scheduled at the beginning of the year were 3

There were 6 absences from the 11 meetings NOT scheduled in the calendar established at the beginning of the year, 3 of which were urgently convened

Report on Corporate Governance and Ownership Structure - Financial Year 2023

TABLE 3: BOARD COMMITTEE STRUCTURE AT THE END OF THE FINANCIAL YEAR

ard of Bo Di tor rec s	Ris k, lat ed Re Par ty Sus tai nab ility	ctio and Tra nsa ns Co itte mm e	mi ion d No nat an Re ati Co itte mu ner on mm e
n/ itio Qu alif ica tio Pos n	Co ent mp on s	( *)	( **)	( *)	( **)
Ch f th d o f D air e B ire utiv cto ma n o oar rs - no n-e xec e - ind nde and de er T UF Co nt a epe s p	tel lan Cas Gi nni eta ova	----	----	8/ 8	M
Ma ing Di tor nag rec	nks ela Fra M anu	----	----	----	----
e d No utiv ire cto n-e xec r - non ind nde nt epe	Co las i Fr ant anc esc o	----	----	18/ 19	M
ind nde nd No utiv e D ire TU F a cto nt n-e xec r - epe as per Co de	Dag nin o G iov i Ba ttis ta ann	11/ 12	M	----	----
No utiv e D ire ind nde TU F a nd cto nt n-e xec r - epe as per Co de	nel ahn Fen M e C rist ina	12/ 12	P	----	----
ind nde nd No utiv e D ire TU F a cto nt n-e xec r - epe as per de Co	Gu liel min io o N g unz	----	----	19/ 19	P
ind nde of T No n-E utiv e D irec UF tor nt xec epe -	sko vsk len Lie a E a	----	----	7/ 8	M
ind nde and No utiv e D ire er T UF cto nt a n-e xec r - epe s p - de Co	Ne ri R obe rta	12/ 12	M	----	----
e d No utiv ire cto n-e xec r - non ind nde nt epe	Ran ier i G ius epp e	----	----	----	----
No utiv e D ire ind nde TU F a nd cto nt n-e xec r - epe as per Co de	Vil la M lla Idi Ma ria are	----	----	19/ 19	M

NOTES

(*) This column shows the participation of directors in committee meetings

(**) This column indicates the title of the director within the committee: 'P': chairman; 'M': member.

-------------------------------- DIRECTORS TERMINATED DURING THE FINANCIAL YEAR --------------------------------

Ma ing Di tor nag rec	Ma ni A ndr ngo ea	----		----	----
No utiv e d ire cto n-e xec r - non ind nde nt epe	la Fro m R in E ma nue	----	----	----	----

-------------------------------- MEMBERS WHO ARE NOT ADMINISTRATORS -------------------------------- -----.

104

Report on Corporate Governance and Ownership Structure - Financial Year 2023

Courtesy translation

TABLE 4: STRUCTURE OF THE BOARD OF AUDITORS AT THE END OF THE FINANCIAL YEAR

BO AR D O F A UD ITO RS
Ch arg e	Co ent mp on s	of bir th Ye ar	of firs Da te t int nt ap po me ( *)	ffic inc In o e s e	ffic nti l In o e u	M/ List ( m) ( **)	Ind de . Co ep	end Att t anc e a Co lleg ing eet e m s ( *** )	her No . ot ign nts ass me ( ** )
sid Pre ent	LO RIT O N ICO LA	196 1	30/ 10/ 201 5	29/ 04/ 202 1	val of bal Ap pro anc e she t 3 1.1 2.2 023 et a s a	m	SI	26/ 26	12
Act ing aud ito r	MO LO N C HIA RA	198 3	19/ 04/ 201 8	29/ 04/ 202 1	val of bal Ap pro anc e she t 3 1.1 2.2 023 et a s a	M	SI	26/ 26	9
Act ing aud ito r	BO NIF AC E F RA NC ESC O MA RIA NO	195 4	30/ 10/ 201 5	29/ 04/ 202 1	val of bal Ap pro anc e she t 3 1.1 2.2 023 et a s a	m	SI	25/ 26	23
Alt Au dit ate ern or	DE MA GIS TR IS M AU RIZ IO	195 8	29/ 04/ 202 1	29/ 04/ 202 1	val of bal Ap pro anc e she t 3 1.1 2.2 023 et a s a	m	SI	/ /	24
Alt Au dit ate ern or	ON SO NIA PER	197 0	19/ 04/ 201 8	29/ 04/ 202 1	val of bal Ap pro anc e she t 3 1.1 2.2 023 et a s a	M	SI	/ /	7
- A UD ITO RS WH O L EFT OF FIC E D UR ING TH E F INA NC IAL YE AR ---- ---- ---- ---- --- ---- ---- ---- --
NO NE

Number of meetings held during the financial year: 26

NOTES

(*) The date of first appointment of each Statutory Auditor means the date on which the Statutory Auditor was first appointed (ever) to the Issuer's Board of Statutory Auditors.

(**) This column indicates whether the list from which each auditor was drawn is 'majority' (indicating 'M') or 'minority' (indicating 'm'),

(***) This column shows the attendance of the statutory auditors at meetings of the board of auditors (indicate the number of meetings attended out of the total number of meetings attended; e.g. 6/8; 8/8 etc.).

(****) This column shows the number of directorships or auditor appointments held by the person concerned pursuant to Article 148-bis of the Consolidated Law on Finance and the related implementing provisions contained in the Consob Issuers' Regulations. The complete list of offices is published by Consob on its website pursuant to Article 144-quinquiesdecies of the Consob Issuers' Regulations.

106

Report on Corporate Governance and Ownership Structure - Financial Year 2023

Courtesy translation

AI Terminal

Dovalue

4145_cgr_2024-03-29_d1a1eb89-f7d8-41c1-bda9-1f364be67727.pdf

INDEX

GLOSSARY

Registration: 156425101000

1. ISSUER PROFILE

2 INFORMATION ON OWNERSHIP (pursuant to Article 123-bis, paragraph 1, TUF) AS OF 31 DECEMBER 2023

a) Share capital structure (pursuant to Article 123-bis(1)(a) TUF)

(c) Significant shareholdings in the capital (pursuant to Article 123-bis(1)(c) TUF)

(d) Securities carrying special rights (pursuant to Article 123 bis (1)(d) TUF)

e) Employee shareholding: mechanism for exercising voting rights (pursuant to Art. 123 bis (1)(e) TUF)

f) Voting restrictions (pursuant to Art. 123 bis (1)(f) TUF)

g) Shareholder agreements known to doValue pursuant to Article 122 TUF (formerly Article 123-bis(1)(g) TUF)

h) Change of control clauses (pursuant to Article 123-bis, paragraph 1(h) of the Consolidated Law on Finance) and statutory provisions on takeover bids (pursuant to Article 104, paragraph 1-ter of the Consolidated Law on Finance) )

i) Proxies to increase the share capital and authorisations to purchase treasury shares (pursuant to Art. 123-bis(1)(m) TUF )

l) Management and coordination activities (pursuant to Article 2497 et seq. of the Civil Code)

3 COMPLIANCE (pursuant to Article 123-bis(2)(a) first part, TUF)

4 BOARD OF DIRECTORS

4.0 ROLE OF THE BOARD OF DIRECTORS

4.1 APPOINTMENT AND REPLACEMENT (pursuant to Article 123-bis(1)(l), first part, TUF)

4.2 COMPOSITION (pursuant to Article 123-bis(2)(d) and (d-bis), TUF)

Diversity criteria and policies in Board composition and organisation

Maximum number of offices held in other companies

4.3 OPERATION OF THE BOARD OF DIRECTORS (pursuant to Article 123-bis(2)(d) TUF)

4.4 ROLE OF THE CHAIRMAN OF THE BOARD OF DIRECTORS

Secretary of the Council

4.5 EXECUTIVE DIRECTORS

Managing Director

Chairman of the Board of Directors

Information to the Council by the councillors/delegated bodies

Other executive directors

4.6 INDEPENDENT DIRECTORS AND LEAD INDEPENDENT DIRECTORS

Independent directors

Lead Independent Director

5 MANAGEMENT OF CORPORATE INFORMATION

Management of Privileged Information

Internal Dealing

6 INTERNAL BOARD COMMITTEES (pursuant to Article 123-bis, Section 2(d), TUF)

Additional committees

7 SELF-ASSESSMENT AND SUCCESSION OF DIRECTORS - NOMINATION AND REMUNERATION COMMITTEE

SELF-ASSESSMENT AND SUCCESSION OF DIRECTORS

8 DIRECTORS' REMUNERATION - NOMINATION AND REMUNERATION COMMITTEE

8.0 DIRECTORS' REMUNERATION

8.1. NOMINATION AND REMUNERATION COMMITTEE

Composition and functioning of the committee (pursuant to Art. 123-bis(2)(d) TUF)

Committee functions

On the composition and appointment of its members:

On remuneration and incentive systems

9 INTERNAL CONTROL AND RISK MANAGEMENT SYSTEM - CONTROL AND RISK COMMITTEE

Board of Directors and Risk, Related Party Transactions and Sustainability Committee

Board of Auditors

Corporate Control Functions

Internal Controls Department

Internal Audit Function

Anti-Money Laundering Function

Function Compliance & Global DPO / Compliance & DPO

Other Corporate Functions with Control Tasks

O.U. Enterprise Risk Management

9.0 CHIEF EXECUTIVE OFFICER

9.1 CONTROL AND RISK COMMITTEE

Composition and functioning of the control and risk committee (pursuant to Article 123-bis(2)(d) TUF)

Functions assigned to the Audit and Risk Committee

A) RISKS AND THE SYSTEM OF INTERNAL CONTROLS

C) TRANSACTIONS WITH RELATED PARTIES

9.2 HEAD OF THE INTERNAL AUDIT FUNCTION

9.2 HEAD OF THE INTERNAL AUDIT FUNCTION

9.3 ORGANISATIONAL MODEL pursuant to Legislative Decree 231/2001

Predicate offences under Legislative Decree 231/2001

9.4 AUDITING COMPANIES

9.5 MANAGER IN CHARGE OF PREPARING CORPORATE ACCOUNTING DOCUMENTS AND OTHER CORPORATE ROLES AND FUNCTIONS

9.6COORDINATION BETWEEN THE PARTIES INVOLVED IN THE INTERNAL CONTROL AND RISK MANAGEMENT SYSTEM

10 DIRECTORS' INTERESTS AND RELATED PARTY TRANSACTIONS

11 BOARD OF AUDITORS

11.1 APPOINTMENT AND REPLACEMENT

11.2 COMPOSITION AND OPERATION (pursuant to Article 123-bis, paragraph 2, letters d) and dbis), TUF)

Diversity criteria and policies

Independence

Remuneration

Interest Management