Stop parsing PDFs. Get the API. Request Access

AI Terminal

MODULE: AI_ANALYST
Interactive Q&A, Risk Assessment, Summarization
MODULE: DATA_EXTRACT
Excel Export, XBRL Parsing, Table Digitization
MODULE: PEER_COMP
Sector Benchmarking, Sentiment Analysis
SYSTEM ACCESS LOCKED
Authenticate / Register Log In

FinecoBank

Governance Information Mar 20, 2018

4321_cgr_2018-03-20_54dad16e-7f78-42da-ab02-aa646b9adbbc.pdf

Governance Information

Open in Viewer

Opens in native device viewer

R EPO R T

ON THE CORPORATE GOVERNANCE AND OWNERSHIP STRUCTURES

pursuant to Article 123-bis of the Legislative Decree no. 58 of February 24, 1998 (traditional management and control model)

Name of Issuer: "FinecoBank S.p.A."

Website: finecobank.com

Financial year of reference of the Report: January 1, 2017 / December 31, 2017

Date of approval of the Report: March 1, 2018

This is an English translation of the original Italian document. The original version in Italian takes precedence.

Contents

GLOSSARY
INTRODUCTION
1. PROFILE OF THE ISSUER
1.1. CORPORATE GOVERNANCE MODEL
1.1.1 Shareholders' Meeting
1.1.2 Board of Directors
1.1.3 Board committees
1.1.4 Board of Statutory Auditors
1.1.5 External Auditors
2. INFORMATION ON OWNERSHIP STRUCTURES (PURSUANT TO ARTICLE 123-BIS, PARAGRAPH 1 OF THE TUF)11
$\mathbf{A}$ STRUCTURE OF SHARE CAPITAL (PURSUANT TO ARTICLE 123-BIS, PARAGRAPH 1, LETTER A) OF THE TUF)
B)
OF THE TUF)		 RESTRICTIONS ON THE TRANSFER OF SECURITIES (PURSUANT TO ARTICLE 123-BIS, PARAGRAPH 1, LETTER B)
C) SIGNIFICANT HOLDINGS IN CAPITAL (PURSUANT TO ARTICLE 123-BIS, PARAGRAPH 1, LETTER C OF THE TUF) 12
D)
THE TUF)		 SECURITIES CONFERRING SPECIAL RIGHTS (PURSUANT TO ARTICLE 123-BIS, PARAGRAPH 1, LETTER D) OF
E) EMPLOYEE SHAREHOLDINGS: MECHANISM TO EXERCISE VOTING RIGHTS (PURSUANT TO ARTICLE 123-BIS,
PARAGRAPH 1, LETTER E) OF THE TUF)
B) RESTRICTIONS ON VOTING RIGHTS (PURSUANT TO ARTICLE 123-BIS, PARAGRAPH 1, LETTER F) OF THE TUF).
G) SHAREHOLDER AGREEMENTS (PURSUANT TO ARTICLE 123-BIS, PARAGRAPH 1, LETTER G) OF THE TUF) 14
H) CHANGE OF CONTROL CLAUSES (PURSUANT TO ARTICLE 123-BIS, PARAGRAPH 1, LETTER H) OF THE TUF AND
STATUTORY PROVISIONS ON TAKEOVER BIDS (PURSUANT TO ARTICLES 104, PARAGRAPH 1-TER, AND 104-BIS,

PARAGRAPH 1 )
$\bf{I}$ DELEGATED POWERS TO INCREASE SHARE CAPITAL AND AUTHORISATION TO PURCHASE TREASURY SHARES
(PURSUANT TO ARTICLE 123-BIS, PARAGRAPH 1, LETTER M) OF THE TUF)
L) MANAGEMENT AND COORDINATION (PURSUANT TO ARTICLE 2497 AND SUBSEQUENT OF THE CIVIL CODE)
3. COMPLIANCE (PURSUANT TO ARTICLE 123-BIS, PARAGRAPH 2, LETTER A) OF THE TUF) 16
4. BOARD OF DIRECTORS
4.1 APPOINTMENT AND REPLACEMENT (PURSUANT TO ARTICLE 123-BIS, PARAGRAPH 1, LETTER L), OF THE TUF)
4.2 COMPOSITION (PURSUANT TO ARTICLE 123-BIS, PARAGRAPH 2, LETTER D) OF THE TUF) 19
4.2.1. Maximum number of board mandates in other companies
4.2.2. Induction and ongoing training
4.3 ROLE OF THE BOARD OF DIRECTORS (PURSUANT TO ARTICLE 123-BIS, PARAGRAPH 2, LETTER D) OF THE
TUF)
4.3.1 Duties
4.3.2 Meetings and functioning
4.3.3 Self-assessment
4.3.4 Competing activities
4.4 EXECUTIVE BODIES AND OFFICERS
4.4.1 Managing Director and General Manager
4.4.2 Chairman of the Board of Directors
4.4.3 Reporting to the Board of Directors
4.5 OTHER EXECUTIVE DIRECTORS
4.6 INDEPENDENT DIRECTORS
4.7 LEAD INDEPENDENT DIRECTOR
5. PROCESSING OF COMPANY INFORMATION
6. BOARD COMMITTEES (PURSUANT TO ARTICLE 123-BIS, PARAGRAPH 2, LETTER D) OF THE TUF)40
6.1 RISKS AND RELATED PARTIES COMMITTEE 41
6.1.1. Composition 41
6.1.2. Functioning 42
6.1.3 Duties and Responsibilities 43
6.1.4 Activities performed 46
7. REMUNERATION COMMITTEE 47
8. APPOINTMENTS AND SUSTAINABILITY COMMITTEE 49
8.1. Composition 49
8.1. Functioning 50
8.2. Duties and Responsibilities 51
8.3. Activities performed 52
9. REMUNERATION OF DIRECTORS 53
10. CONTROL AND RISKS COMMITTEE54
11. INTERNAL CONTROL AND RISK MANAGEMENT SYSTEM55
11.1 DIRECTOR IN CHARGE OF THE INTERNAL CONTROL AND RISK MANAGEMENT SYSTEM 63
11.2 HEAD OF THE INTERNAL AUDIT FUNCTION 65
11.3 COMPLIANCE PROGRAMME PURSUANT TO LEGISLATIVE DECREE NO. 231 OF 8 JUNE 2001 67
12. DIRECTORS' INTERESTS AND RELATED-PARTY TRANSACTIONS73
13. APPOINTMENT OF STATUTORY AUDITORS 75
14. COMPOSITION AND FUNCTIONING OF THE BOARD OF STATUTORY AUDITORS77
15. RELATIONS WITH SHAREHOLDERS 82
16. SHAREHOLDERS MEETINGS (PURSUANT TO ARTICLE 123-BIS, PARAGRAPH 2, LETTER C) OF THE TUF)84
17. ADDITIONAL CORPORATE GOVERNANCE PRACTICES 87
18. CHANGES AFTER THE END OF THE 'YEAR 88
19. CONSIDERATIONS ON THE LETTER OF 13 DECEMBER 2017 OF THE CHAIRMAN OF THE CORPORATE
GOVERNANCE COMMITTEE89

GLOSSARY

Appointments and
Sustainability Committee:		 Board committee established in compliance with articles 4 and 5 of the Corporate
Governance Code.
Bank of Italy Circular: Bank of Italy Circular no. 263 of 27 December 2006 (with New regulations for the
prudential supervision of banks) as amended.
Board / Board of Directors: the Board of Directors of the Issuer.
Board of Statutory Auditors: the Board of Statutory Auditors of the Issuer.
By-laws: the By-laws of the Company in force at the date of approval of this Report (available
on the Company's website).
Borsa Italiana: Borsa Italiana S.p.A.
Civil Code: the Italian Civil Code approved by Royal Decree no. 262 of 16 March 1942 as
amended.
Code / Corporate Governance
Code:		 the Corporate Governance Code of listed companies approved in July 2015 by the
Corporate Governance Committee and endorsed by Borsa Italiana, ABI, Ania,
Assogestioni, Assonime and Confindustria.
Consob: Commissione Nazionale per le Società e la Borsa (public authority regulating Italian
financial markets) with headquarters in Rome, Via G.B. Martini n. 3.
Directive CRD IV Directive 2013/36/EU of the European Parliament and of the Council of 26 June 2013
on access to the activity of credit institutions and the prudential supervision of credit
institutions and investment firms.
External auditors: Deloitte & Touche S.p.A., with registered office in Via Tortona 25, Milan, VAT no.
03049560166, tax code and Milan Companies Register no. 03049560166, Economic
and Administrative Index (R.E.A.) no. 1720239, a registered auditor, appointed to
independently audit the accounts of the Issuer.
Group or UniCredit Group: UniCredit and its subsidiaries pursuant to article 2359 of the Civil Code and article 93
of the TUF.
Instructions on Stock
Exchange Regulations:		 instructions on Regulations for Markets organised and managed by Borsa Italiana, in
force at the date of approval of this Report.
Issuer or FinecoBank or
Bank or Company:		 FinecoBank S.p.A., an issuer of securities to whom the Report refers, a company of
the UniCredit Banking Group, a registered Banking Group no. 02008, with registered
office in Piazza Durante 11, Milan, Headquarters in Via Rivoluzione d'Ottobre 16,
Reggio Emilia, VAT no. 12962340159, Tax code and Milan Companies Register no.
01392970404, Economic and Administrative Index (REA) no. 1598155, member of
the National Guarantee Fund and the Interbank Fund for the Protection of Deposits.
Issuer Regulations: the Regulations issued by Consob with resolution no. 11971 of 14 May 1999 (as
amended), on issuers.
Market Regulations: the Regulations issued by Consob with resolution no. 20249 of 28 December 2017, on
markets.
MTA: the main Stock Exchange organised and managed by Borsa Italiana, where
FinecoBank shares are also traded.
Regulations of company
bodies:		 the Regulations approved by the Board of Directors (last version May 2017)
governing the functioning and responsibilities of the Board of Directors and Board of
Statutory Auditors of the Company and related information flows, in compliance with
laws, regulations and the By-laws, as well as the principles in Guidelines issued by
UniCredit, in carrying out management and coordination as the parent company of the
UniCredit Group Banking Group. This document is available on the Issuer's website
www.finecobank.com ("Governance/Company Positions" Section).
Related-Party Regulations: the Regulations issued by Consob with resolution no. 17221 of 12 May 2010 (as
amended), on related-party transactions.
Remuneration Committee: Board committee established in compliance with articles 4 and 6 of the Corporate
Governance Code.
Report: this Report on corporate governance and ownership structures which companies are
required to prepare pursuant to article 123-bis of the TUF.
Risks and Related Parties
Committee:		 Board committee established in compliance with articles 4 and 7 of the Corporate
Governance Code.
Shareholders: owners of FinecoBank shares.
Shareholders' Meeting: Shareholders' Meeting of the Issuer.
Stock Exchange Regulations: the Regulations for Markets organised and managed by Borsa Italiana, approved by
the shareholders' meeting of Borsa Italiana, in force at the date of approval of this
Report.
Supervisory Regulations: the Supervisory regulations for banks as of Bank of Italy Circular no. 285 of 17
December 2013.
Supervisory Regulations on
Corporate Governance:		 the Supervisory regulations for banks on organisation and corporate governance as of
Bank of Italy Circular no. 285 of 17 December 2013, Part I, Title IV, Chapter 1.
TUB: Legislative Decree no. 385 of 1 September 1993 as amended (Consolidated Law on
Banking).
TUF: Legislative Decree no. 58 of 24 September 1998 as amended (Consolidated Law on
Finance).
UniCredit: UniCredit S.p.A., with registered office in Milan, Piazza Gae Aulenti no. 3, Tower A,
VAT no., tax code and Rome Companies Register of Milan-Monza-Brianza-Lodi no.
00348170101, a registered bank and Parent Company of the UniCredit Banking
Group, a registered Banking Group no. 02008.1, a member of the Italian Banking
Association code 02008, a member of the Interbank Fund for the Protection of
Deposits.
Year: the financial year this Report refers to.

INTRODUCTION

This Report has been prepared pursuant to article 123-bis of the TUF, in compliance with the "Format for corporate governance and ownership structure reports", VII edition, January 2018, as well as Supervisory Regulations on Corporate Governance. The information in this Report refers to the 2017 financial year, unless otherwise indicated.

The Report, approved by the Board of Directors of the Company on March 1, 2018, is published at the same time as the Management Report on the Issuer's website (Governance Section) and is also available on the website of the authorised storage system managed by Spafid Connect S.p.A. ().

The Report has been submitted to the External Auditors, for its findings and fairness opinion pursuant to article 123-bis, paragraph 4 of the TUF. The results of the work carried out by the External Auditors are contained in its report, prepared pursuant to article 14 of Legislative Decree no. 39 of 27 January 2010, and attached to the 2017 Financial Statements of the Company.

1. PROFILE OF THE ISSUER

FinecoBank is the UniCredit Group's direct multichannel bank. It has one of the largest advisory networks in Italy, and is the number one broker in Italy for equity trades in terms of volume of orders and number one broker in Europe for number of executed orders. FinecoBank offers an integrated business model combining direct banking and financial advice, with a single free-of-charge account including a full range of banking, credit, trading and investment services, which are also available through applications for smartphone and tablet ( 1 ).

FinecoBank is listed on the MTA (2 ).

1.1. Corporate governance model

The Company's corporate governance system is based on principles recognised by international best practices as fundamental for good governance: the central role of the Board of Directors, the correct management of conflicts of interest, an efficient internal control system and transparency in relations with the market, with particular reference to the disclosure of corporate management decisions.

FinecoBank is part of the UniCredit group and is managed and coordinated by the Parent Company UniCredit, pursuant to and for the purposes of articles 2497 and subsequent of the Civil Code.

FinecoBank's overall corporate governance structure has been defined in compliance with applicable laws and regulations, also considering recommendations in the Corporate Governance Code. The Company must also comply with Supervisory Regulations issued by the Bank of Italy and, in particular, as regards corporate governance, with Supervisory Regulations on Corporate Governance. Pursuant to these regulations, FinecoBank, as a listed bank and under the direct prudential supervision of the European Central Bank (ECB), qualifies as a bank of significant size or operational complexity and, therefore complies with the provisions applicable to these banks.

FinecoBank adopts a traditional administration and control system based on two bodies appointed by the Shareholders' Meeting: the Board of Directors, with strategic oversight and business management functions, and the Board of Statutory Auditors, with administration control functions. External auditors are appointed to audit the accounts, in compliance with applicable laws.

At the date of approval of this Report, the governance of FinecoBank also included the following Board Committees:

  • the Risks and Related Parties Committee;
  • the Remuneration Committee; and
  • the Appointments and Sustainability Committee.

FinecoBank's governance structure is illustrated in the diagram below:

( 1 ) Since the start of the Year, FinecoBank has extended its operations to the UK market, offering services and a single online platform of banking and brokerage services, thus without a network of financial advisors, unlike FinecoBank in Italy.

( 2 ) FinecoBank was admitted to trading on the MTA on July 2, 2014. Since April 1, 2016, FinecoBank has been included in the FTSE-Mib index.

1.1.1 Shareholders' Meeting

The Shareholders' Meeting is the body that represents the interest of all shareholders and through its decisions, the intentions of the Company.

The Shareholders' Meeting passes resolutions in ordinary and extraordinary session with the meeting and voting quorums envisaged by law and the By-laws, in view of specific matters to discuss.

The Ordinary Shareholders' Meeting approves, among others, the financial statements and resolves on profit distribution. It appoints the Directors, the Statutory Auditors and the external auditors, establishing their fees. It also resolves on remuneration and incentive policies and practices established by current regulations.

The Extraordinary Shareholders' Meeting resolves on amendments to the By-laws, capital increases and mergers and demergers.

Holders of voting rights and for whom the Company has received notice from the intermediary holding the relative account, within the deadlines established by applicable laws (record date, the seventh open trading day prior to the date convened for the Meeting) may participate in the Shareholders' Meeting.

For further information on the Shareholders' Meeting, see Section 16

1.1.2 Board of Directors

Pursuant to the By-laws, the Board of Directors is the body given all powers, within the framework of the company object, which are not expressly assigned to the Shareholders' Meeting according to law or the By-laws, and that exclusively oversees business management. For this purpose, the Board of Directors is given full powers for the ordinary and extraordinary management of the Company.

Members of the Board of Directors have the professional standing, integrity and independence required by the By-laws and by applicable laws and regulations.

As established in the By-laws, members of the Board of Directors are appointed by the Shareholders' Meeting for a three-year term of office, save for a shorter term established by the Shareholders' Meeting when making appointments, based on a list voting system, to guarantee an adequate number of board directors elected by the minority.

The Board of Directors elects a Chairman from its members and, where considered appropriate, one or two Deputy Chairmen, one of whom will act as a stand-in. The Chairman and Deputy Chairmen remain in office for the entire duration of the Board. The Board of Directors also appoints a Secretary, who is not necessarily a board member. The Board may establish committees or commissions with advisory, decision-making or coordination functions, in compliance with applicable laws and regulations.

The Board of Directors may also appoint a Managing Director, establishing the term of office and relative duties and powers, as well as a General Manager and one or more Deputy General Managers, who comprise Head Office. In compliance with the By-laws, the Board of Directors of the Company appointed Alessandro Foti as Managing Director and General Manager of the Bank.

For further information on the Board of Directors, see Section 4

1.1.3 Board committees

To promote an efficient information and consultation system in order for the Board of Directors to evaluate issues to the best of its ability, three board committees, with advisory, decisionmaking or coordination functions, are established at the date of approval of this Report, in compliance with Supervisory Regulations on Corporate Governance and the recommendations of the Corporate Governance Code; more specifically: (i) a Risks and Related Parties Committee; (ii) a Remuneration Committee; and (iii) an Appointments and Sustainability Committee.

For further information on the Risks and Related Parties Committee, the Remuneration Committee and Appointments and Sustainability Committee, see Sections 6.1, 7, 8 and 18

1.1.4 Board of Statutory Auditors

Pursuant to FinecoBank's By-laws, the Board of Statutory Auditors comprises three statutory and two stand-in auditors. Statutory Auditors are appointed by the Shareholders' Meeting based on a list voting system, to guarantee an auditor elected by the minority, as well as compliance

with provisions on gender balance.

Auditors remain in office for three years, they may be re-elected and their term ends on the date of the Shareholders' Meeting convened to approve the financial statements for the third year of their appointment. The Board of Statutory Auditors performs the functions assigned to it by law and other applicable regulations. For the entire period while the Company's shares are admitted to trading on a regulated Italian market, the Board of Statutory Auditors also exercises all powers and carries out all duties provided for by special laws; with particular reference to disclosure, Directors are required to report on a quarterly basis, pursuant to article 150 of the TUF, according to the procedures in article 15 of the By-laws. The Board of Statutory Auditors, acting as the "Internal control and audit committee", pursuant to Legislative Decree no. 39 of 27 January 2010 carries out all other activities provided for by this decree.

Members of the Board of Statutory Auditors are registered auditors and meet the requirements of professional standing, integrity and independence of applicable laws and statutory regulations.

For further information on the Board of Statutory Auditors, see Section 14

1.1.5 External Auditors

As established in the By-laws, the accounts are audited, pursuant to applicable legal provisions, by an entity that meets the requirements of applicable regulations.

The External Auditors represent the external control body auditing the accounts. In particular, the External Auditors are required, during the year, to verify the accounts of the company, and to give an opinion on the financial statements (including the consolidated financial statements), in a relative report.

For further information on the External Auditors, see Section 11.4

* * *

The duties and operating procedures of company bodies are governed by law, by the By-laws and by decisions taken by competent bodies.

For further information on each body and/or entity comprising the Company's governance system, see specific sections of this Report.

2. INFORMATION ON OWNERSHIP STRUCTURES (PURSUANT TO ARTICLE 123-BIS, PARAGRAPH 1 OF THE TUF)

a) Structure of Share Capital (pursuant to article 123-bis, paragraph 1, letter a) of the TUF)

As at 31 December 2017, the share capital, fully subscribed and paid up, was equal to €200,545,403.85 divided into 607,713,345 ordinary shares with a par value of €0.33 each.

The Board of Directors, partially exercising the authority granted to it pursuant to article 2443 of the Civil Code by the Extraordinary Shareholders' Meetings of 5 June 2014 and 23 April 2015, resolved on 6 February 2018 to increase the share capital, as follows:

  • (i) with effect from 6 February 2018, by a nominal amount of €163,182.69, corresponding to 494,493 ordinary shares with a par value of €0.33 each, to service Employee incentive plans ("2014-2017 Top Management Multi-year plan " – assignment of the 2nd tranche);
  • (ii) with effect from 30 March 2018, by a nominal amount of €37,105.20, corresponding to 112,440 ordinary shares with a par value of €0.33 each, to service Employee incentive plans ("2014 Group Incentive System" – 4th tranche of the plan and 2nd tranche share);
  • (iii) with effect from 30 March 2018, by a nominal amount of €27,758.61, corresponding to 84,117 ordinary shares with a par value of €0.33 each, to service Employee incentive plans ("2015 Group Incentive System" 3rd tranche of the plan and 1st tranche share).

Ordinary shares are registered and are admitted for trading on the MTA. No further categories of shares, equity-based instruments, convertible or exchangeable bonds were issued.

Shares are indivisible and joint ownership is governed by law.

Shares are not subject to any privileges or constraints; there are no shares reserved for issue under option and sales contracts.

Each ordinary share carries the right to one vote in ordinary and extraordinary Shareholders' Meetings. Ordinary shares have all administrative and equity rights and obligations in accordance with law.

For equity-based incentive plans, which involve free share capital increases approved by the Shareholders' Meeting, see the relative information documents drawn up pursuant to article 84 bis of the Issuer Regulations ( 3 ), as well as the Compensation Report drawn up pursuant to article 84-quater of the Issuer Regulations ( 4 ).

b) Restrictions on the transfer of securities (pursuant to article 123-bis, paragraph 1, letter b) of the TUF)

At the date of approval of this Report, there were no restrictions on the transfer of securities.

( 3 ) Information documents are available at the following address on FinecoBank's website: https://images.fineco.it/pub-fineco/pdf/corporate/assemblea/2018/en/Annex_2_2018_CompensationPolicy.pdf. See information on page 2 et seq.

( 4 ) The Compensation Report is available at the following address on FinecoBank's website: https://images.fineco.it/pub-fineco/pdf/corporate/assemblea/2018/en/2018_CompensationPolicy.pdf . Moreover, the information pursuant to article 84-quarter are reported in the Annex 1 to 2018 Compensation Policy, available at the following address on FinecoBank's website https://images.fineco.it/pubfineco/pdf/corporate/assemblea/2018/en/Annex\_1\_2018\_CompensationPolicy.pdf. See in particular the information reported on page 3 et seq. of the document.

c) Significant holdings in capital (pursuant to article 123-bis, paragraph 1, letter c of the TUF)

Based on entries in the Shareholders' Register and notices received pursuant to article 120 of the TUF, as well as other information available to the Company, direct or indirect significant holdings in share capital as at 31 December 2017 are presented below.

The table does not include entities that are exempt from the disclosure requirements of article 119-bis of the Issuer Regulations.

Declarer or
entity at the
top of the
ownership
chain		 Direct
shareholder		 No. of ordinary
shares		 % Share of
ordinary capital		 % Share of voting
capital
UniCredit
S.p.A.		 UniCredit
S.p.A.		 215,066,403 35.389% 35.389%
UniCredit Bank
AG		 219,550 0.036% 0.036%
Total 215,285,953 35.426% 35.426%
BlackRock
Inc. (*)		 Blackrock
Netherlands
B.V.
Management llc		 49,007 0.008% 0.008%
BlackRock
Advisors (UK)
Limited		 3,121,252 0.514% 0.514%
Blackrock
Advisors, LLC		 790,717 0.130% 0.130%
BlackRock
Asset
Management
Canada Limited		 34,459 0.006% 0.006%
BlackRock
Asset
Management
Deutschland
AG		 2,102,294 0.346% 0.346%
BlackRock
Asset
Management
North
Asia
Limited		 326 0.000% 0.000%
BlackRock
Financial
Management,
Inc.		 4,981 0.001% 0.001%
BlackRock
Fund Advisors		 1,955,847 0.322% 0.322%
BlackRock
Institutional
Trust Company		 691,579 0.114% 0.114%
BlackRock
International
Limited		 263,685 0.043% 0.043%
BlackRock
Investment
Management
(Australia)
Limited		 18,405 0.003% 0.003%
BlackRock
Investment
Management
(UK) Limited		 21,670,298 3.566% 3.566%
BlackRock
Investment
Management,
LLC		 7,062 0.001% 0.001%
BlackRock
Japan Co., Ltd		 85,196 0.014% 0.014%
Total 30,795,108 5.067% 5.067%
Wellington
Management
Group LLP (*)		 Wellington
Management
International
LTD		 2,503,099 0.412% 0.412%
Wellington
Management
Company LLP		 27,151,921 4.468% 4.468%
Total 29,655,020 4.880% 4.880%

(*) Type of possession: non-discretional asset management.

d) Securities conferring special rights (pursuant to article 123-bis, paragraph 1, letter d) of the TUF)

At the date of approval of this Report, FinecoBank had not issued any shares conferring special control rights, nor adopted By-law provisions allowing multiple or increased voting rights.

e) Employee shareholdings: mechanism to exercise voting rights (pursuant to article 123-bis, paragraph 1, letter e) of the TUF)

There is no employee share ownership scheme in which the voting right is exercised by representatives of the employees.

b) Restrictions on voting rights (pursuant to article 123-bis, paragraph 1, letter f) of the

TUF)

There are no restrictions on voting rights.

g) Shareholder agreements ( pursuant to article 123-bis, paragraph 1, letter g) of the TUF)

The Issuer is not aware of any shareholder agreements pursuant to article 122 of the TUF.

h) Change of control clauses (pursuant to article 123-bis, paragraph 1, letter h) of the TUF and statutory provisions on Takeover bids (pursuant to articles 104, paragraph 1-ter, and 104-bis, paragraph 1)

FinecoBank has not entered into any significant agreements that become effective, are modified or are terminated in the event of a change in control of the company which is party to the agreement (5 ).

* * *

The Bank's By-laws do not envisage any exceptions to the provisions on the passivity rule as of article 104, paragraphs 1 and 1-bis of the TUF, nor the application of the neutralisation provisions as of article 104-bis, paragraphs 2 and 3 of the TUF.

i) Delegated powers to increase share capital and authorisation to purchase treasury shares (pursuant to article 123-bis, paragraph 1, letter m) of the TUF)

The Board of Directors has been authorised by the Extraordinary Shareholders' Meeting to carry out free capital increases, to implement the incentive plans for Bank personnel classified as "identified staff". The Board of Directors was not assigned the power to issue equity-based financial instruments.

On 12 April 2016, the Shareholders' Meeting, at the proposal of the Board of Directors, authorised the purchase and disposal of 250,000 treasury shares in favour of FinecoBank network managers and financial advisors identified as key personnel.

On 11 April 2017, the Shareholders' Meeting, at the proposal of the Board of Directors, authorised the purchase and disposal of 346,000 treasury shares to service the 2017 incentive system for FinecoBank financial advisors identified as key personnel.

On 10 January 2018, the Board of Directors resolved to put to the Shareholders' Meeting convened to approve the 2017 Financial Statements, the proposal to authorise the purchase and disposal of 297,620 treasury shares to service the 2018 incentive system for FinecoBank financial advisors identified as key personnel.

As at 31 December 2017, the Company held 60,397 treasury shares equal to 0.01% of the share capital.

l) Management and coordination (pursuant to article 2497 and subsequent of the Civil Code)

UniCredit carries out management and coordination activities in conformity to and within the

( 5 ) In addition to the above, on 26 October 2017, a company under Irish law was established. It is a wholly-owned subsidiary of the Issuer and will manage CIUs, subject to all authorisations being issued by the relevant Supervisory Authorities. In this regard, the above company did not enter into any agreements considered significant pursuant to article 123-bis, paragraph 1, letter h) of the TUF.

limits of the TUB and Supervisory Regulations, based, among others, on the following: (i) proposing members of the board of directors and control bodies, and managerial positions, of Group companies, to the shareholders' meetings; (ii) disseminating best practices, methodologies, procedures and IT systems in order to standardise operating procedures within the Group; (iii) defining and implementing a managerial/functional system that defines mechanisms for managerial coordination at group level, assigning the managers of parent company functions specific responsibilities and powers vis-à-vis corresponding functions of subsidiaries, in order to ensure the overall consistency of the group's corporate governance system, through adequate coordination among bodies, structures and company functions of different entities comprising the Group; (iv) defining, disseminating and implementing Group regulations for activities which are significant in terms of legal compliance and/or risk management, concerning, for example: (a) the reporting of inside information; (b) the preparation of periodic financial information; (c) the drafting of the strategic budget; (d) management control and reporting management information; (e) the structure, composition and remuneration of the Board of Directors; (f) transactions with related parties and associated persons; (g) supplier selection; (h) personnel and personnel training.

* * *

The information required by article 123-bis, paragraph 1, letter i) of the TUF is contained in the Compensation Report published pursuant to article 123-ter ( 6 ) of the TUF.

* * *

The information required by article 123-bis, paragraph 1, letter l) of the TUF regarding the appointment and replacement of directors is given in the section of this Report on the Board of Directors (Section 4.1.).

( 6 ) The Compensation Report is available at the following address on FinecoBank's website: https://images.fineco.it/pub-fineco/pdf/corporate/assemblea/2018/en/2018_CompensationPolicy.pdf

3. COMPLIANCE (PURSUANT TO ARTICLE 123-BIS, PARAGRAPH 2, LETTER A) OF THE TUF)

FinecoBank adheres to the Corporate Governance Code, bringing its own conduct in line with the principles therein, where applicable.

The Code is available to the public on the website of the Corporate Governance Committee, at: http://www.borsaitaliana.it/comitato-corporate-governance/codice/2015clean.pdf.

For additional information on the corporate governance structure of FinecoBank, in addition to specific sections of this Report, see the Company's website, where the Report is published together with economic/financial information, data and documents of interest to shareholders.

* * *

The Issuer is not subject to provisions of law outside Italy that affect its corporate governance structure (7 ).

( 7 ) With reference to the company recently established under Irish law, a wholly-owned subsidiary of the Issuer (See note 5 above), the legal provisions this company is subject to (or will be subject to, following authorisation to manage CIUs from relevant Supervisory Authorities), do not or will not affect the Issuer's governance structure.

4. BOARD OF DIRECTORS

4.1 Appointment and replacement (pursuant to article 123-bis, paragraph 1, letter l), of the TUF)

In compliance with laws and regulations applicable to listed companies, article 13 of the Bylaws requires the Board of Directors to be appointed by the Shareholders' Meeting, based on lists of candidates submitted by Shareholders, with each list containing the names of candidates numbered progressively, according to the procedure described below.

Shareholders can submit a list for the appointment of Directors, provided that when they submit the list they hold, alone or together with others presenting shareholders, at least the minimum shareholding established by Consob pursuant to article 147-ter, paragraph 1, of the TUF and in compliance with relevant provisions in the Issuer Regulations. Ownership of the minimum shareholding required is calculated based on the shares registered for each shareholder on the day when the lists are filed at the Company; relative certification may be submitted after the lists have been filed, provided this is within the deadline for publication of the lists.

Each party entitled to vote (as well as (i) entitled persons belonging to the same group, intended as a party, which need not be a corporation, exercising control pursuant to article 2359 of the Civil Code and any subsidiary controlled by, or under the control of said party, or (ii) shareholders who are party to a shareholders' agreement as of article 122 of the TUF, or (iii) entitled persons who are otherwise associated with each other in a material relationship pursuant to current and applicable statutory or regulatory provisions) may submit individually or with others only one list, likewise each candidate may be included in only one list, or otherwise be considered ineligible.

Each list that has three or more candidates must include candidates from both genders, so as to ensure compliance with at least the minimum requirements of applicable laws and regulations on gender balance.

The lists shall be filed at the registered office or head office – also by remote communication and in accordance with procedures in the notice of call, so as to allow the identification of parties submitting the list – at least twenty-five days before the date of the Shareholders' Meeting to appoint members of the Board of Directors, in single call. The Company shall ensure that lists are made public on the Company's website and by other means established by applicable provisions, at least twenty-one days prior to the above Shareholders' Meeting, in one session or on first call.

The lists also contain attachments with any additional documents and declarations required by applicable laws and regulations, as well as:

  • information on the identity of parties submitting the lists, indicating the total percentage of shares held;
  • information on the personal and professional characteristics of the candidates in the list;
  • a statement whereby individual candidates irrevocably accept the position (subject to their appointment) and certify, under their responsibility, that there are no grounds for their ineligibility or incompatibility to stand as candidate, and that they meet the requirements of professional standing and integrity required by applicable laws and regulations;
  • a statement that the independence requirements in the By-laws have been met.

Lists that do not comply with the above requirements shall be considered as not submitted.

Each eligible voter may vote for one list only.

After the vote, candidates are elected from lists that have obtained the largest number of votes, with the following criteria:

  • (a) a number of directors equal to the number of directors to be elected minus one shall be taken from the list that obtained the majority of votes cast, in the consecutive order in which they appear on the list. The remaining director is taken - in consecutive order - from the list that obtained the most votes among minority lists;
  • (b) if the number of candidates in the majority list is not sufficient to ensure the appointment of all directors according to the mechanism specified in (a) above, all the candidates of the majority list shall be appointed and the remaining directors shall be taken from the list that obtained the most votes from among the minority lists, according to the consecutive order in which they appear on the list and, if necessary, from the next minority lists below the most voted minority list, in the consecutive order in which the candidates appear on the list, until the required number of directors has been appointed;
  • (c) if the number of candidates included in both the majority and minority submitted lists is below that of the Directors to be appointed, the remaining Directors shall be appointed by resolution of the shareholders' meeting passed by relative majority, making sure that the independence and gender balance principles of applicable laws and regulations are complied with. In the event of a tie between candidates, the shareholders' meeting holds a second round of voting;
  • (d) where only one, or no lists have been submitted, the Shareholders' Meeting shall resolve in accordance with the procedures specified in subparagraph (c) above;
  • (e) if the required number of independent Directors and/or of Directors of the less represented gender is not appointed, the Directors of the most voted list and appearing first on the list and not satisfying the requirements in question are replaced by the next directors from the same list satisfying the requirement(s). In the event that, following the application of this criterion, it is still not possible to identify Directors with the mentioned characteristics, the said replacement criterion shall be applied to the progressively most voted minority lists from which any appointed candidates have been drawn;
  • (f) in the event that, following the application of the replacement criterion set out in (e), it is still not possible to identify any suitable directors, the Shareholders' meeting shall resolve by relative majority. In this case, replacements shall be made starting from the most voted lists and from the candidates appearing first on the list.

In the event of death, resignation, withdrawal or removal from office for any other reason of a Director, or where a Director no longer meets the professional standing and integrity requirements, the Board of Directors can take steps to co-opt a Director, in compliance with the principles of minority representation and gender balance. If, in the above cases, the minimum number of independent Directors falls below the level required by laws and regulations in force at the time and/or the number of Directors belonging to the least represented gender falls below the level required by law, the Board of Directors shall replace them.

For the appointment of Directors needed to fill vacancies on the Board of Directors, the Shareholders' Meeting shall resolve by relative majority, ensuring that the principles of independence and gender balance established by current law and regulations are met.

The Board of Directors shall elect a Chairman from among its members and – where appropriate – one or more Deputy Chairmen, one of which will act as a stand-in.

In compliance with applicable sector laws and regulations, the Board of Directors defines the optimal number and type of directors to effectively carry out its duties and oversee its responsibilities assigned by law, by Supervisory Regulations on Corporate Governance and the By-laws. The Board also establishes requirements applicable to FinecoBank directors, in addition to requirements of applicable laws and regulations, and provides guidance on the maximum number of positions that directors may hold in other companies.

Before appointing directors, the Board informs shareholders of the optimal board composition, so that candidates may be selected considering the professional competencies required. Shareholders may in any case make their own evaluations of the optimal board composition, and submit candidate proposals, giving reasons for any differences from evaluations made by the Board.

Succession Plans

On 5 December 2017, the Board of Directors approved the succession plan for the Managing Director and General Manager and for the other key managers, in which the professional competencies and expertise required for possible candidates are established.

Only the Managing Director and General Manager has a specific term of office; other key managers are employees of the Bank. For the Managing Director and General Manager, the succession plan provides information to support the appointment of the successor also in the event of early replacement, subject to UniCredit being involved in the replacement process, in its capacity as the parent company. This succession plan is submitted annually for approval to the Board of Directors by the Human Resources department, after being approved by the Appointments Committee. The annual review consists of detailed analysis of the competencies and requirements necessary to hold individual positions. Tools used to identify the pool of possible candidates for succession plans include assessment and development processes for staff in Band 4 or higher (EDP – Executive Development Plan) and staff with high a potential.

4.2 Composition ( pursuant to article 123-bis, paragraph 2, letter d) of the TUF)

Pursuant to article 13 of the By-laws, the Company is managed by a Board of Directors comprising a minimum of five and a maximum of thirteen Directors, elected by the Shareholders' Meeting. The Shareholders' Meeting shall also determine the term of office, on the understanding that said term may not be less than one year or more than three years from acceptance of the position and shall expire on the date of the Shareholders' Meeting convened to approve the financial statements relative to the last year of office. Members of the Board of Directors may be re-elected.

According to the Corporate Bodies Regulations, the number of Board Directors shall be commensurate with the size and complexity of the Bank's organisational structure, and allow for the oversight of all company operations, as regards management and controls. Moreover, the Board shall comprise (i) various representatives of the shareholder base, (ii) the professional competencies necessary to foster internal dialogue and (iii) a sufficient number of independent directors pursuant to the Corporate Governance Code. The composition of the Board shall also

guarantee a gender balance.

To ensure its proper functioning, the Board of Directors has established requirements for FinecoBank's Directors, in addition to requirements of applicable laws and regulations, and the number of positions directors may hold in other companies, as shown in the document "Qualitative and quantitative composition of the Board of Directors of FinecoBank S.p.A." (approved by the Board of Directors on February 7, 2017), published on the Company's website, to which reference is made (hereinafter, the "2017 Qualitative/Quantitative Profile").

Save for limits on the number of positions directors may hold, directors may accept a position on the board when they consider they have sufficient time to diligently carry out their duties, also considering their own work and professional commitments, as well as the number of positions held in other companies (including non-Italian firms).

Moreover, all Directors shall meet the requirements for eligibility and professional standing of applicable laws and other provisions, including regulatory and industry provisions.

Pursuant to article 147-ter and 148 of the TUF and article 16 of the Market Regulations, as well as Supervisory Regulations on Corporate Governance, the majority of FinecoBank's Board members shall meet the independence requirements in article 3 of the Corporate Governance Code, as the Company is managed and coordinated by another Italian company with shares listed on regulated markets (i.e. UniCredit).

The Board shall assess whether the independence requirements have been met with regard to the prevalence of substance over form. This assessment shall be performed:

  • (i) following the appointment of a new Director who qualifies as independent; and
  • (ii) annually, for all Directors.

For this purpose, the Board of Directors, based on statements provided and any other information available, shall examine the Director's direct or indirect commercial, financial or professional relationships with the Company, assessing their significance both in absolute terms and with regard to the economic and financial position of the individual concerned. The Board of Statutory Auditors shall ascertain the correct application of the criteria and procedures adopted by the Board of Directors for the above-mentioned assessment. The results of the above assessments shall be disclosed to the market.

The Board of Directors in office at the date of this Report was appointed by the Shareholders' Meeting of 11 April 2017 and shall remain in office until the next Shareholders' Meeting convened to approve the Financial Statements as at 31 December 2019.

Accordingly, and in compliance with Supervisory Regulations on Corporate Governance, the appointment of Board members was proposed to the above Shareholders' Meeting in April 2017, after determining the number of members and their term of office. During the meeting, the Board of Directors also requested shareholders to consider the 2017 Quantitative/Qualitative Profile when submitting lists.

In compliance with applicable laws, the following lists of candidates for appointment to the Board of Directors were presented:

  • List no. 1, presented by UniCredit (owner of a total of 215,066,403 ordinary shares representing 35.39% of the share capital), with Enrico Cotta Ramusino, Alessandro Foti, Francesco Saita, Manuela D'Onofrio, Maria Chiara Malaguti, Gianmarco Montanari and Patrizia Albano;

  • List no. 2, presented by a number of asset management companies and institutional investors (owners of a total of 16,347,439 ordinary shares representing 2.6901% of the share capital), with Elena Biffi and Maurizio Santacroce.

The following documents were filed and published along with the two lists, according to established times and procedures:

  • (i) a statement from shareholders other than shareholders that hold, even jointly, a controlling or relative majority interest, certifying the absence of any connection and/or significant relations with the latter as provided for by article 147-ter, paragraph 3 of the TUF and article 144-quinquies of the Issuers Regulation, also having examined Consob recommendations in its Communication no. DEM/9017893 of 26 February 2009;
  • (ii) exhaustive information on the personal and professional characteristics of the candidates included in the list (curriculum vitae) and the list of administration, management and control positions they hold in other companies, which are relevant pursuant to law);
  • (iii) statements whereby individual candidates irrevocably accepted the position (subject to their appointment) and certified, under their responsibility, that there were no grounds for their ineligibility or incompatibility to stand as candidate, and that they met the requirements of applicable laws, regulatory provisions, the By-laws and Corporate Governance Code;
  • (iv) a statement from each candidate certifying that they met the independence requirements established by law, the By-laws and Corporate Governance Code;
  • (v) a statement from each candidate on their knowledge and expertise in the areas indicated in the 2017 Qualitative/Quantitative Profile.

The lists, together with the above documents, were filed on the Company's website ("Governance/Shareholders' Meetings" section).

After establishing the number of Board Directors as 9, the Shareholders' Meeting of 11 April 2017 appointed Directors for the 2017-2019 period as follows:

  • Enrico Cotta Ramusino, Alessandro Foti, Francesco Saita, Manuela D'Onofrio, Maria Chiara Malaguti, Gianmarco Montanari and Patrizia Albano from the list presented by UniCredit, which was voted by the majority of shareholders;
  • Elena Biffi and Maurizio Santacroce from the list presented by several asset management companies and institutional investors, which was voted by the minority of shareholders.

For the percentage of votes for the above lists in relation to voting capital, see the summary report on voting, available on the Company's website ("Governance/Shareholders' Meeting" section).

The qualitative and quantitative composition of the appointed Board complied with the optimal composition defined by the Board (as described in the Qualitative/Quantitative Profile), in terms of: (i) the number of board members, optimally set by the Board as 9, in order to foster dialogue and promote the decision-making process, and which is commensurate with the size and complexity of the Company's organisational structure, for an effective oversight of all company operations; (ii) meeting requirements of integrity, professional competencies (in particular all Board members have a good knowledge and expertise of two or more areas listed) and independence (the majority of Board members are independent directors pursuant to the Corporate Governance Code); (iii) gender balance (at least one third of members on the board must comprise the least represented gender, as established in article 147–ter, paragraph 1-ter of

the TUF); (iv) complying with the limit on positions (no Board Directors exceeds the limit) and time available (based on the nature and extent of additional positions held, as well as various professional and work commitments) (8 ). As regards the personal and professional profile of each Director, see the information published on FinecoBank's website (www.finecobank.com, "Governance" Section).

In this regard, the Company received a positive decision from the European Central Bank (ECB) on the suitability of board members, on 15 December 2017 for non-executive directors, and on 3 January 2018 for the Chairman and the Managing Director and General Manager.

The table below presents significant information on each Board member in office at the date of approval of this Report.

Position Members Born in Date of first
appointment
*		 In office
since		 In office until List
**		 Exec.
1
(
)		 Non
exec.		 Indep.
Code
2
(
)		 Inde
p.
TUF
3
(
)		 *
(
)		 Number
of other
positions
***
Chairman Enrico Cotta
Ramusino		 1959 13.12. 2001 11.04.2017 Approval of the
Financial
Statements as at
31.12.2019		 M X X 14/14
(100%)		 0
Deputy
Chairman		 Francesco
Saita		 1967 15.04.2014 11.04.2017 Approval of the
Financial
Statements as at
31.12.2019		 M X X X 14/14
(100%)		 0
Managing
Director
and General
Manager		 Alessandro
Foti		 1960 20.10.1999 11.04.2017 Approval of the
Financial
Statements as at
31.12.2019		 M X X X X 14/14
(100%)		 0
Director Patrizia
Albano		 1953 11.04.2017 11.04.2017 Approval of the
Financial
Statements as at
31.12.2019		 M X 9/10
(90%)		 0
Director Manuela
D'Onofrio		 1962 08.11.2016 11.04.2017 Approval of the
Financial
Statements as at
31.12.2019		 M X 14/14
(100%)		 0
Director Elena Biffi 1966 11.04.2017 11.04.2017 Approval of the
Financial
Statements as at
31.12.2019		 m X X X 10/10
(100%)		 0
Director Maria Chiara
Malaguti		 1964 11.04.2017 11.04.2017 Approval of the
Financial
Statements as at
31.12.2019		 M X X X 9/10
(90%)		 0
Director Gianmarco
Montanari		 1972 11.04.2017 11.04.2017 Approval of the
Financial
Statements as at
31.12.2019		 M X X X 10/10
(100%)		 1

( 8 ) See Paragraph 4.2.1. below.

Director Maurizio
Santacroce		 1971 11.04.2017 11.04.2017 Approval of the
Financial
Statements as at		 m X X X 10/10
(100%)		 0
31.12.2019
------------- Directors no longer in office during the Year -------------
Director Gianluigi
Bertolli		 1951 15.04.2014 15.04.2014 11.04.2017 -- X X X 4/4
(100%)		 --
Director Mariangela
Grosoli		 1960 12.04.2011 15.04.2014 11.04.2017 -- X X X 4/4
(100%)		 --
Director Pietro Angelo
Guindani		 1958 15.04.2014 15.04.2014 11.04.2017 -- X X X 4/4
(100%)		 --
Director Girolamo Ielo 1947 14.04.2008 15.04.2014 11.04.2017 -- X X X 4/4
(100%)		 --
Director Laura Stefania
Penna		 1965 17.04.2012 15.04.2014 11.04.2017 -- X 3/4
(80%)		 --

Quorum required to present lists during the last appointment: 1%

* The date of the first appointment of each Director means the date when the Director was appointed for the first time (ever) to the Board of Directors of the Company.

** This column indicates the list on which each director was presented ("M": member from the majority list; "m": member from the minority list).

*** Number of positions as Director or Statutory Auditor held in other companies listed on regulated markets, also abroad, in financial banking, insurance companies or companies of a considerable size (see Section 4.2.1 below, listing companies with reference to each Director).

( 1 ) Executive Director pursuant to the Corporate Governance Code.

( 2 ) Independent Director pursuant to article 3 of the Corporate Governance Code.

( 3 ) Independent Director pursuant to article 148, paragraph 3 of the TUF.

(*) Percentage attendance at Board meetings (no. of attendances/ no. of meetings held during the actual period of office of the person concerned during the Year).

Diversity policies

Save for applicable laws and regulations, the Board has adopted a specific policy with general guidelines on the structure, composition and remuneration of company bodies of associates and on procedures to appoint company officers, issued by UniCredit in its capacity as a steering, coordination and control body, in order to define principles, guidelines and rules to manage officers that shall be appointed in particular to the company boards of subsidiaries at a Group level.

In this regard, the process regulated by the policy establishes, among others, some guidelines on the structure of company bodies and requirements of relative members, in order to achieve a balance between internal and external (independent) members and gender, and a composition that can effectively oversee all company operations in terms of management and controls, also considering the dimensions and complexity of the organisational structure of the specific company. In this context, besides aspects concerning professional standing, integrity, independence and gender, the policy establishes, among others, general guidelines which establish a maximum age for board members as follows: (i) 75 years for the position of Chairman and Deputy Chairman; (ii) 65 years for the appointment of managing director and/or sole director.

With reference to FinecoBank, the principles and rules of this policy shall apply, considering national and EU laws and regulations on requirements for directors – and more in general the composition of the administrative body overall – and also indications in the 2017 Qualitative/Quantitative Profile, previously referred to.

Members of the Board of Directors in office are broken down below, by age and gender.

4.2.1. Maximum number of board mandates in other companies

Based on information from Directors, the Board annually identifies and indicates, in the report on corporate governance and ownership structures, the positions of director or auditor held by the Directors in other companies and, in general, compliance with qualitative and quantitative requirements concerning time (based on the nature and extent of the positions held, as well as other work and professional commitments). The Directors shall promptly notify the Company of positions held or from which they have resigned during their term of office, as well as of any changes that may affect their availability.

In this regard, when approving the 2017 Qualitative/Quantitative Profile, the Board of Directors established new guidelines on the maximum number of positions that may be held by Company directors ( 9 ), in line with provisions in the Directive CRD IV.

In particular, save for additional and/or different provisions that could arise from Ministerial Decrees implementing article 26 of the TUB (as amended by Legislative Decree no. 72 of 12 May 2015 implementing Directive CRD IV in Italian law), each Director may hold the following number of positions (in any type of company, apart from organisations that are chiefly non-commercial):

  • 1 executive position and 2 non-executive positions;
  • 4 non-executive positions;

the following are considered as a single position as director: (a) the position of executive or non-executive director in the same group; e (b) positions are executive or non-executive director held in companies in which the entity has a qualified participation (see article 91 of the Directive CRD IV).

The table shows the overall number of positions held by Directors in office at the date of approval of this Report. The limit on the total number of positions held by Directors, as required by the Board in its 2017 Qualitative/Quantitative Profile, in line with the Directive CRD IV, was considered complied in view of requirements applicable to positions held in the same group, positions held in organisations that are chiefly non-commercial (that are not relevant for the total number of positions), statements provided by directors and the principles outlined in the document "Guide to fit and proper assessments", published by the European Central Bank (ECB) on 15 May 2017.

Name Total number of
positions held by
Directors		 Number of relevant positions
held
Enrico Cotta Ramusino
Chairman		 3
non-executive
positions		 1 non-executive position (1
)
Francesco Saita
Deputy Chairman		 2
non-executive
positions		 2 non-executive positions
Alessandro Foti
Managing
Director
and
General
Manager		 1 executive position and
2
non-executive
positions		 1 executive position and 1 non
1
executive position (
)

( 9 ) In the Qualitative and Quantitative Profile approved in 2014, the Board had already set guidelines for the maximum number of positions that could be held by directors of the Company, in line with provisions in the Code of Corporate Governance and Supervisory Regulations on Corporate Governance.

Patrizia Albano
Director		 4
non-executive
positions		 2 non-executive positions (2 )
Elena Biffi
Director		 1 executive position and
3
non-executive
positions		 1 executive position and 2 non
1
executive positions (
)
Manuela D'Onofrio
Director		 1 executive position 1 executive position
Maria Chiara Malaguti
Director		 1 executive position 1 executive position
Gianmarco Montanari
Director		 5
non-executive
positions and 1 position
as general manager		 2 non-executive positions ( 3
)
Maurizio Santacroce
Director		 1 executive position and
2
non-executive
positions		 1 executive position and 2 non
executive positions

( 1 ) Considering the impact of positions held in organisations that are chiefly non-commercial, the total number of positions held complies with established limits.

( 2 ) Considering the impact of positions held in the same group, the total number of positions held complies with established limits.

( 3 ) Considering the impact of positions held in organisations that are chiefly non-commercial and the position of general manager, which is not relevant for calculation purposes, the total number of positions held complies with established limits.

* * *

In addition to the above, in compliance with article 36 of Law Decree no. 201 of 6 December 2011, ratified with amendments by Law no. 214 of 22 December 2011 establishing provisions on "personal crossholdings in the credit and financial markets t" it is forbidden for "those who hold offices in the management, control and supervisory bodies and the top officers of firms or groups of firms engaged in credit, insurance and financial markets, to accept or exercise similar positions in competing firms or groups of firms" (interlocking ban). Persons who hold incompatible offices must notify the option exercised within 90 days of the appointment. Otherwise, on expiry of this deadline, they shall be removed from both offices.

Directors shall annually renew the certificate stating they do not hold positions in the management, supervisory or control bodies of competing companies or groups of companies, in

order to enable the Board to carry out its annual assessment. This assessment was carried out on the appointment of Directors, with a positive outcome for the year.

Directors are also required to inform the Bank regarding positions held in other companies and entities. In accordance with provisions of the Corporate Governance Code, the summary table in Paragraph 4.2 above shows the number of positions held as director/auditor by board members of FinecoBank in other companies listed on regulated markets (including foreign markets), in financial, banking, insurance or large sized companies, and notified by them.

The table below lists, instead, these positions, without listing positions held by officers in organisations/associations that are chiefly non-commercial.

Name List of positions held by FinecoBank Directors
in other companies listed on regulated
markets (including foreign markets), in		 Companies
belonging to the
UniCredit Group
financial, banking, insurance or large sized
companies		 YES NO
Enrico Cotta Ramusino - -
Chairman
Francesco Saita - -
Deputy Chairman
Alessandro Foti - -
Managing Director and
General Manager
Patrizia Albano - -
Director
Elena Biffi - -
Director
Manuela D'Onofrio - -
Director
Maria Chiara Malaguti - -
Director
Gianmarco Montanari Non-executive director of GTT S.p.A. - x
Director
Maurizio Santacroce - -
Director

4.2.2. Induction and ongoing training

During the Year, at the request of the Chairman of the Board of Directors, five induction and training meetings were held on the following: "Revision of the Items on demand model"; "FinecoBank's compensation policy"; "Investment policy, capital and RAF"; "MIFID II";

"Receivables and the new version of IFRS 9".

In addition, as required by the Supervisory Regulations on Corporate Governance, during 2017 an off-site meeting was held on "Establishing an asset management company (FAM)".

In early financial year 2018, assisted by an external expert, the Company began to systematically plan an assessment of the expertise and training of company officers.

4.3 Role of the Board of Directors ( pursuant to article 123-bis, paragraph 2, letter d) of the TUF)

4.3.1 Duties

Pursuant to current regulations for companies with shares listed on regulated markets and in accordance with recommendations in the Corporate Governance Code, the Board of Directors plays a central role in the Company's governance system. As a body with strategic oversight, the Board of Directors approves the Bank's strategic guidelines and monitors their ongoing implementation.

Article 17 of the By-laws requires the Board of Directors to have the broadest powers for the management of the Company, except for powers reserved by applicable law, regulations and the By-laws to the Shareholders' Meeting.

In particular, in addition to duties and powers that cannot be delegated pursuant to law, the By-Laws or Corporate Bodies Regulations, the Board of Directors shall have exclusive responsibility for the following:

  • general guidelines, as well as the adoption and changes to the Company's industrial, strategic and financial plans, within the framework of directives from UniCredit;
  • the appointment and dismissal of the Managing Director and/or the General Manager and Deputy General Manager(s) and of the Financial Reporting Officer;
  • assessments on the general performance of company management ( 10);
  • alignment of the By-laws with legal provisions;
  • corporate mergers and demergers in cases envisaged in articles 2505, 2505-bis and 2506 ter of the Civil Code;
  • capital reduction in the event of Shareholder withdrawal;
  • guidelines, as well as provisions in the By-laws, adopted by Directors to represent the Company;
  • the establishment of committees or commissions with advisory, decision-making or coordination functions;
  • the risk management policies, as well as the evaluation of the functioning, efficiency and effectiveness of the internal control system and adequacy of the organisational,

( 10) Taking into account the information received from authorised bodies, and periodically comparing results achieved with those planned. In this regard, the assessment was conducted monthly during the Year.

administrative and accounting structure within the framework of directives issued by UniCredit;

  • the purchase and sale of investments, companies and/or business units, save for the provisions in article 2361, paragraph 2 of the Civil Code;
  • the purchase and sale of property;
  • the approval of and amendments to internal regulations;
  • the appointment and dismissal of the heads of the Internal Audit, Compliance and Risk Control functions, after consulting with the Board of Statutory Auditors;
  • the establishment and organisation, also for establishing powers of signature, in Italy and abroad, of secondary offices, branches, agencies and representation offices, however named, as well as their closing.

In accordance with the Supervisory Regulations on Corporate Governance, the Corporate Governance Code, the provisions of the By-laws and the Corporate Bodies Regulations, the Board of Directors, among others:

  • (a) defines the nature and the level of risk consistent with the Bank's strategic objectives, including in its assessment all risks that could be relevant for the sustainability of Bank operations in the medium to long term; approves the business model while being aware of the risks to which this model exposes the Bank; formalises policies for the management of risks to which the Bank may be exposed, as well as the risk objectives and tolerance thresholds;
  • (b) defines and approves the Bank's organisational and corporate governance structure, checking the correct adoption and promptly taking corrective measures in the case of any shortcomings or inadequacies; in particular, the Board of Directors is required in this framework to guarantee a clear separation of duties and functions, the prevention of conflicts of interest, the company structure and governance models/guidelines;
  • (c) approves the accounting and reporting systems;
  • (d) approves policies and processes for the assessment of company operations, and, in particular, financial instruments, ensuring ongoing adequacy; establishes the Bank's maximum exposure limits for financial instruments or products that are uncertain or difficult to measure;
  • (e) approves the process for the development and validation of internal risk measurement systems not intended for regulatory purposes, periodically assessing their correct use; also approves the adoption of internal risk measurement systems for assessing capital requirements, periodically checking their validity and adopting – annually, and after consulting with the Board of Statutory Auditors – a formal resolution regarding compliance with the use of such systems;
  • (f) defines the process for the approval of new products and services, the start of new activities and entry on new markets;
  • (g) approves the company policy on outsourcing company functions;
  • (h) in order to mitigate the Bank's operational and reputational risks and encourage the dissemination of a culture based on internal controls, the Board of Directors approves a code of ethics which must be complied with by all members of company bodies and

employees. The code defines the principles of conduct (e.g. rules of professional conduct and rules to follow in dealings with clients) on which company activities must be based;

  • (i) approves internal systems for reporting violations;
  • (j) as regards ICT, the Board of Directors approves: (i) the development strategies of the information system and reference model for system architecture; (ii) the IT security policy; (iii) guidelines on the recruitment of personnel with technical functions and the procurement of systems, software and services, including the use of external suppliers and promotes the development, sharing and updating of ICT knowledge; (iv) the organisational and methodological framework for IT risk analysis; (v) the IT risk appetite, regarding internal services and services provided to customers, in compliance with risk objectives and the reference framework to determine risk appetite defined at a company level; (vi) company documents required by law for management and supervision of the information system; the Board shall be informed at least once a year on the adequacy of services provided and the support given by these services to developments in company operations in relation to costs incurred and, promptly, in the event of serious problems for company operations due to information system incidents and malfunctions;
  • (k) as regards business continuity: (i) defines the objectives and business continuity strategies of the service, ensuring adequate human, technological and financial resources; (ii) approves the business continuity plan and subsequent amendments as a result of technological and organisational change, accepting residual risks not managed by the business continuity plan, and also promoting development, periodic monitoring and updating following significant innovations, or any deficiencies/gaps or risks that may occur; (iii) appoints the business continuity plan manager; (iv) approves the annual plan for testing business continuity measures and examines the test results documented in writing;
  • (l) defines the criteria for identifying the most significant transactions to be submitted for prior examination by the Risks and Related Parties Committee, and decides on transactions with related parties and associated persons pursuant to procedures adopted in this regard;
  • (m) determines the remuneration/incentive systems in favour of key personnel and the network of financial advisors, and check that these systems do not increase business risks and are consistent with long-term strategies;
  • (n) prepares and submits the compensation and incentives policy to the Shareholders' Meeting, on an annual basis, and is responsible for its proper implementation;
  • (o) approves processes concerning the provision of investment services and the periodic testing of their adequacy.

The Board also ensures that:

  • (i) the Bank's structure is consistent with activities carried out and with the business model adopted, avoiding the creation of complex structures which are not justified by operating aims;

  • (ii) the implementation of the relevant framework for determining the Risk Appetite Framework ("RAF") is consistent with approved risk objectives and tolerance thresholds (where identified); in this regard, the Board of Directors periodically assesses the suitability and effectiveness of the RAF and the compatibility between actual risk and risk objectives;

  • (iii) the strategic plan, RAF, Internal Capital Adequacy Assessment (ICAAP) process, the budget and internal control system are consistent, also in view of changing internal and external conditions in which the Bank operates;

  • (iv) the quantity and allocation of capital and liquidity held is consistent with the risk appetite, risk governance policies and risk management process;
  • (v) where the Bank operates in jurisdictions lacking transparency or through especially complex structures, the Board assesses the related operational risks, especially of a legal, reputational and financial nature, identifying oversight measures to mitigate these risks and ensure they are effectively monitored;
  • (vi) the Board approves, at least once a year, the plan of activities (including the audit plan) and reviews the annual reports prepared by the company control functions (Compliance, Internal Audit and Risk Management). In this context, the Board also approves the longterm audit plan.

The Board of Directors also ensures the adoption of directives issued by UniCredit in exercising the power attributed to the latter - by relevant laws and regulations – to give instructions to various Group entities.

Lastly, the Board is exclusively responsible for reporting to shareholders at Shareholders' Meetings.

4.3.2 Meetings and functioning

The Board of Directors held fourteen meetings during the Year, with an average duration of two hours and thirty-six minutes and each lasting more than two hours. For details of the percentage of attendance by each Director, see the table in Section 4.2 above.

Twelve meetings have been scheduled for 2018, of which four had already been held at the date of approval of this Report.

The Chairman is responsible for planning the Board's schedule with regard to the agenda, as proposed by the Managing Director and General Manager. The Chairman shall also ensure that enough time is dedicated to items on the agenda in order to have a constructive debate, encouraging Directors to actively contribute to meetings.

Article 16 of the By-laws requires the Company's Board of Directors to be convened, also using telecommunication facilities, at the registered office of the Company or elsewhere, provided the venue is in Italy by the Chairman (or his/her representative), usually at least once every three months, and however any time deemed necessary by the Chairman, or if requested in writing by the Managing Director and General Manager or by at least two Directors of the Board of Directors. A Board meeting may also be convened on the proposal of a Statutory Auditor.

The Board of Directors shall be validly composed even without a call notice, provided that all Directors and Standing Auditors are present.

Article 16 of the By-laws envisages the possibility for participants of Board meetings to attend remotely, through audio-visual communication systems (video conference or conference call) where the conditions are in place to identify the attendees, allow their real-time participation in discussing the topics examined and to receive, transmit and examine any documents not previously seen.

Pursuant to the Corporate Bodies Regulations, notice of meetings must be given to all Directors and Statutory Auditors within a reasonable period of time, except in urgent cases. The notice should include, except in cases where this is not possible due to confidentiality issues, the items on the agenda so that the attendees can come prepared to the meeting. The Corporate Bodies Regulations also require documentation in support of proposals and any necessary information to be given to Directors at least three business days prior to the meeting (with the exception of the financial documents, that must be given at least one business day before the meeting), so that the Directors can give an informed opinion on the issues being decided. In this regard and with reference to the Year, the above term was complied with.

The Chairman is responsible for planning the Board's schedule with regard to the agenda, as proposed by the Managing Director and General Manager. The Chairman shall also ensure that adequate information – both in terms of quality and quantity – on items on the agenda is provided to all Board members, so as to allow the Board to make informed decisions on the business to be discussed and approved; the Chairman shall also ensure that enough time is dedicated to items on the agenda in order to have a constructive debate, encouraging Directors to actively contribute to meetings.

The Chairman of the Board of Directors, also at the request of one or more Directors, may request the Managing Director and General Manager that senior managers of the issuer and of Group companies, as well as Heads of relevant company departments, attend board meetings, in order to provide appropriate additional information on items on the agenda. In this regard and with reference to the year, senior managers attended Board meetings.

Pursuant to article 15 of the By-laws, the General Manager, if appointed, may take part, without voting rights, in Board meetings. If a Managing Director has not been appointed, the General Manager shall take part in Board meetings with the power to make proposals.

Pursuant to article 16 of the By-laws, the Chairman may request Deputy General Managers and other managerial staff to take part in Board meetings.

Apart from Board meetings, the Directors attend "off-site" meetings, in order to further examine and discuss strategic issues.

The Independent Directors meet at least once a year in a closed session.

In these meetings, an Independent Director appointed at the first meeting of Independent Directors acts as Chair.

4.3.3 Self-assessment

The Board of Directors started the annual self-assessment on the functioning of the Board and its committees, as well as on their size and composition. The self-assessment is conducted in compliance with provisions of the Corporate Governance Code and Supervisory Regulations on Corporate Governance, with the assistance of an external expert, Spencer Stuart.

4.3.4 Competing activities

The Company has not authorised any exceptions to the non-competition clause pursuant to article 2390 of the Civil Code.

4.4 Executive bodies and officers

In accordance with FinecoBank's Corporate Bodies Regulations, powers are delegated so that the Board is not stripped of its fundamental rights and prerogatives.

The Board establishes the content of the delegated powers in a detailed, clear and precise manner, also indicating the limits in terms of quantity and amount, as well as the means of exercising the delegated powers; this also allows the Board to specifically check that delegated powers have been correctly complied with, as well the possibility to exercise its overriding executive and evocation right.

Executive bodies and officers report to the Board of Directors and Board of Statutory Auditors at least every three months, on operations carried out as part of their powers.

4.4.1 Managing Director and General Manager

Pursuant to article 15 of the By-laws, the Board of Directors may appoint a Managing Director, determining the term of office and the respective duties and powers, a General Manager and one or more Deputy General Managers, who make up Head Office, together with other employees assigned to this function.

The Managing Director or – where not appointed – the General Manager shall oversee the Head Office.

The Managing Director shall take up the powers and duties of the General Manager if the latter has not been appointed.

If a Managing Director and General Manager are appointed, both positions must be held by the same person.

The Managing Director, or where not appointed, the General Manager shall be responsible for implementing the resolutions passed by the Board of Directors, with the assistance of the Head Office.

If a Managing Director has not been appointed, the General Manager shall take part in the meetings of the Board of Directors with the power to make proposals and without voting rights.

The Managing Director and other Directors with particular responsibilities, as well as the General Manager, where no Managing Director has been appointed, report to the Board of Directors on their activities, according to the procedures and time limits established by the Board, in accordance with law.

The Managing Director, or where not appointed, the General Manager as requested by the Managing Director, is responsible for implementing the resolutions passed by the Board of Directors, with the assistance of General Management.

On April 11, 2017 the Board of Directors confirmed the appointment of Alessandro Foti as Managing Director and General Manager, assigning him powers in all sectors of Bank operations. More information on powers granted is given in the document "Delegated powers" available for public consultation at the Milan Companies' Register.

The Managing Director and General Manager is responsible for managing the company and does not fall within the interlocking directorate scenario envisaged by the Corporate Governance Code (Application Criterion 2.C.5.).

4.4.2 Chairman of the Board of Directors

Pursuant to article 14 of the By-laws, the Board of Directors shall elect a Chairman from its members and – where appropriate – one or two Deputy Chairmen, one of whom will act as a stand-in.

By resolution of 11 April 2017, the Board of Directors appointed Enrico Cotta Ramusino as Chairman of the Board of Directors.

In accordance with article 10 of the By-laws, the Chairman of the Board of Directors chairs the Shareholders' Meeting, as well as directing and moderating discussions, establishing the voting procedures and confirming the results, in compliance with provisions of applicable regulations and procedures for Shareholders' meetings.

The Chairman of the Board of Directors has not been granted any management powers and therefore does not have any executive role. He/she does not have a specific role in the development of business strategies, is not the entity mainly responsible for company management, nor has directly or indirectly, significant investments in the Company's capital share.

For additional information, see Part A, § 2.1. of the Corporate Bodies Regulations available on the Company's website www.finecobank.com ("Governance/Company positions" section)

4.4.3 Reporting to the Board of Directors

Corporate Bodies Regulations require information flows between and within company bodies as an essential condition for achieving objectives of efficient management and effective control of the company.

To ensure continual and comprehensive information flows between and within company bodies, the Board is called on to approve and oversee the maintenance and update of a structured information flow system over time, that regulates the circulation of information and ensures the correct flow in a timely and comprehensive manner, whilst respecting the responsibilities of various bodies with supervisory and control functions. The Board of Directors analytically identified these flows, their content and timing in, among others, the "Document on company bodies and functions with supervisory tasks", which it approved. As regards transactions with related parties and associates, see "Procedures for the management of transactions with persons in conflict of interest" ("RPT Procedures") and information flows therein ( 11).

The Corporate Bodies Regulations identify persons required to submit information flows to company bodies and describe the minimum content and timing of main participation flows. To implement necessary organisational controls for the proper management of information flows and provide the necessary information on other aspects (forms, tasks and duties and other content), not covered in the Corporate Bodies Regulations, specific organisational procedures are adopted that specifically describe the activities and controls related to the "Management of the Board of Directors", the "Management of inside information", in relation to the complexity

( 11) The RPT Procedures are available at the following address on FinecoBank's website: https://finecobank.com/en/public/corporate/governance/parti-correlate.

of the information processed, as well "Procedures for the management of transactions with persons in conflict of interest".

In accordance with Article 21 of the By-laws, decisions made by those with delegated powers must be disclosed to the Board according to the procedures and frequency (at least quarterly) established by the Board. In particular, executive bodies and officers shall report to the Board of Directors and the Board of Statutory Auditors, at least on a quarterly basis, on the general performance of the company, the business outlook, and transactions that have a significant effect on the results of operations and financial position – with particular regard to transactions that could potentially give rise to conflict of interest – carried out by the Company and its subsidiaries.

In this regard, delegated bodies reported to the Board of Directors and the Board of Statutory Auditors, on at least a quarterly basis, on activities performed as part of their delegated powers.

4.5 Other executive directors

At the date of approval of this Report, no other Directors have been granted management powers besides the Managing Director and General Manager.

4.6 Independent directors

At the date of approval of this Report, the Board of Directors had six independent Directors pursuant to article 3 of the Corporate Governance Code, as identified below.

Save for paragraph 4.2 above regarding the procedures and timing for checking the independence of directors, the Board of Directors: (i) pursuant to article 144-novies, paragraph 1-bis, of the Issuer Regulations and Application Criterion 3.C.4. of the Corporate Governance Code, assessed, at the first available opportunity after the appointment (i.e. in the meeting of 9 May 2017), that non-executive Directors met independence requirements and disclosed the results of its assessments in press release; (ii) assessed, before the approval of this Report, the continued independent status of the Directors. To enable the Board of Directors to assess the independence requirements of its members, each Director was asked to make a personal updated assessment of their independence status, taking into account the criteria in articles 147-ter, paragraphs 3 and 4, and 148 paragraphs 3 and 4 of the TUF and article 3 of the Corporate Governance Code, providing specific certification.

Subject to the opinion of the Appointments Committee (now the Appointments and Sustainability Committee) of 2 February 2018, the Board of Directors, in its meeting of 6 February 2018, verified the existence of the independence requirements for Directors, pursuant to article 148 of the TUF and article 3 of the Corporate Governance Code. In performing the above assessments, the Board of Directors applied (among others), all the criteria established by the Corporate Governance Code.

In this regard, and with particular reference to the independence requirements referred to in the Corporate Governance Code and By-laws, information on the direct or indirect relationships (loans, significant positions held, work as a paid employee and business/professional relations) of Board Directors with FinecoBank and the Parent Company were considered.

To verify the significance of the above relations, the Board of Directors decided to not only identify the financial parameters which if exceeded, "automatically" affect independence, but

also subjective and objective aspects, in overall terms. For this purpose the following criteria were identified: (i) the nature and characteristics of the relationship; (ii) the amounts of transactions in absolute and relative terms; (iii) the subjective profile of the relationship.

In particular, in evaluating the significance of the relationship, the Board considered the following information, where available:

  • (a) for loans, the amount in absolute terms of the loan granted, its impact in relation to system data and, where necessary, the financial status of the borrower;
  • (b) for professional/business relations, the characteristics of the transaction/relationship, the amounts involved and, where necessary, the financial status of the counter party.

In both cases, subjects involved (director or family member; FinecoBank or the Parent Company) were considered, and for relations with companies/entities, the type of "connection" with the director or family member (position held/controlling interest) was taken into account.

In view of the above, and as part of the verification process, the Board ascertained the independence requirements declared by Board Directors. In particular, with reference to Directors for whom information obtained indicated the existence of the above relations, the Board considered that the relations were not of an extent that could affect the independence requirements declared.

The results of the verification are as follows:

  • Independent directors pursuant to article 148 of the TUF and article 3 of the Corporate Governance Code: Francesco Saita, Patrizia Albano, Elena Biffi, Maria Chiara Malaguti, Gianmarco Montanari, Maurizio Santacroce;
  • Independent directors pursuant to article 148 of the TUF: Enrico Cotta Ramusino;
  • Non-independent directors pursuant to article 148 of the TUF and article 3 of the Corporate Governance Code: Alessandro Foti, Manuela D'Onofrio.

The Board of Statutory Auditors ascertained the correct application of the assessment criteria and procedures adopted by the Board of Directors for evaluating the independence of its members. In this regard, the results of checks carried out will be made known in the annual report to the shareholders' meeting, which will be published together with the Financial Statements as at 31 December 2017 in accordance with procedures and times established by law.

Meetings of the Independent Directors, as of Application Criterion 3.C.6 of the Corporate Governance Code, were held on 24 January and 5 December 2017. In particular, the Independent Directors met without the other Directors, to mainly discuss corporate governance issues (specifically the functioning of Boards and Committees).

4.7 Lead Independent Director

As the Code does not establish provisions for the appointment of this position, the Board of Directors has not appointed any independent Director as lead independent director ( 12).

( 12) Pursuant to Application Criterion 2.C.3. of the Corporate Governance Code, the Board of Director appoints an independent director as the lead independent director in the following cases: (i) if the chairman of the board of directors is the chief executive officer of the company; (ii) if the office of

5. PROCESSING OF COMPANY INFORMATION

In compliance with Stock Exchange Regulations and relative Instructions, as well as relevant provisions of the TUF and Issuer Regulations, which require Directors and Statutory Auditors to keep documents and information acquired in performing their duties confidential, the Corporate Bodies Regulations require the Board of Directors to define procedures for the internal management and disclosure of documents and information on the Company, also with reference to inside information.

In the meeting of 15 April 2014, the Board of Directors approved the procedure for the processing of inside information (hereinafter, the "Procedure for processing Inside Information").

The aim of the Procedure for processing Inside Information is to prevent the processing of Inside Information (as defined below) in a manner which is not prompt, is incomplete or inadequate and in any case may result in inconsistent disclosure.

In particular, the disclosure of Inside Information, as regulated by this Procedure, makes it possible to protect the market and investors, giving them adequate knowledge of matters concerning the Issuer, on the basis of which they may make investment decisions.

The Procedure for processing Inside Information also aims to prevent some persons or categories of persons from acquiring information which is not in the public domain in order to carry out speculative transactions on markets to the detriment of investors, that are not aware of this information.

The Procedure explains:

  • with reference to FinecoBank as the entity controlled by the listed issuer UniCredit, the process to assess inside information concerning UniCredit, as well as requirements for managing the List of Persons who have access to the inside information (the "UCI List");
  • with reference to FinecoBank as a listed issuer, the process to assess and disclose inside information concerning FinecoBank, as well as requirements for managing the List of Persons who have access to this information (the "Fineco List").

The Procedure regulates the management of company information (meaning all information and data concerning FinecoBank, UniCredit and/or other Group companies, which is not in the public domain, acquired by persons required to comply with the Procedure, in performing their duties), with particular reference to "Inside Information" as defined in article 181 of the TUF.

It establishes, firstly, the obligation for all persons that perform activities within the Group to keep company information acquired in performing their duties confidential and to use this information exclusively for carrying out their duties.

At present, the Procedure for processing Inside Information assigns:

  • (a) responsibility for assessing whether information is classified as inside information, also for the purpose of disclosure to the public,
  • as regards information relative to UniCredit, to the Planning, Finance and

chairman is held by the person that controls the issuer; (iii) if the issuer is part of the FTSE-Mib index when requested by the majority of independent directors.

Administration Department (hereinafter, the "UCI CFO"), assisted as necessary by the Group Investor Relation Department and the Legal & Compliance Department, for areas in their remit;

  • as regards information relative to the Company, to the Chief Financial Officer of FinecoBank (hereinafter, the "FinecoBank CFO") assisted, as required by heads of Investor Relations, Legal and Compliance, for areas in their remit. In any case, the FinecoBank CFO shall notify the UCI CFO of its assessments, to verify whether inside information relative to the Issuer may also have an impact on UniCredit.

In particular, the Procedure for processing Inside Information establishes that anyone who has inside information relative to UniCredit and/or FinecoBank and/or the Group shall promptly report the circumstance – as necessary – to the FinecoBank CFO and/or UCI CFO to allow for an assessment of the inside nature of the information disclosed and to take the necessary measures to correctly manage the information, including its prompt disclosure to the market, as applicable;

(b) appropriate, effective measures to ensure the confidentiality of information until it is disclosed to the public shall be adopted.

To this end, FinecoBank has established a "List of persons who have access to inside information" which is price sensitive, as regards the Company's shares, in compliance with applicable regulations. It has also established a process to add data to, update and maintain the List, identifying the Compliance Officer of the Company as the entity responsible for managing the FinecoBank List.

With reference to price sensitive information about UniCredit shares, the Issuer has assigned UniCredit to keep the UCI List, that shall add data to the list, notified as and when necessary by the Compliance Officer of the Issuer;

  • (c) the FinecoBank CFO shall be responsible for assessing disclosure to the public of information about the Company, and – in agreement with the UCI CFO – the opportunity to delay disclosure to the public of Inside Information, in cases specifically indicated by the Procedure for processing Inside Information;
  • (d) the FinecoBank CFO and Head of Investor Relations shall be responsible for preparing press releases in which Inside Information is disclosed, assisted by Company units involved and with the equivalent units at UniCredit (if UniCredit is also required to disclose the same information);
  • (e) the FinecoBank CFO shall be responsible for sending the prepared press release to the UCI CFO, so that he/she, if the Inside Information is also relevant for UniCredit shares, may submit it to the Board of Directors of the Parent Company for approval or, when relative to delegated transactions, to the Chairman, Managing Director, General Manager or one of the Deputy General Managers, for areas in their responsibility;
  • (f) the press release shall be disclosed, subject to approval from the Managing Director of the Issuer, via the "eMarket-SDIR" system, to Borsa Italiana and Consob.

As established by the procedure, if the press release concerns particularly significant events, the Head of Media Relations and Executive Communications, assisted by the Legal & Compliance Unit, informs Consob and Borsa Italiana before sending the press release.

Press releases are published on the Company's website before the opening of the market on the day after disclosure and are available on the site for at least five years from publication.

*******

In compliance with provisions set forth in article 114, paragraph 7 of the TUF and article 152 quinquies.1 and subsequent of the Issuer Regulations, and in order to reflect changes in laws resulting from the entry into force of Regulation (EU) No 596/2014 of the European Parliament and of the Council of April 16 2014, as amended by article 56 of Regulation (EU) No 2016/1011 – on market abuse and repealing Directive 2003/6/EC of the European Parliament and of the Council and Directives 2003/124/EC, 2003/125/EC and 2004/72/EC - and relative Commission Delegated Regulations (No 2016/522 and 2016/523), the Board of Directors approved the current version of the Code of conduct on internal dealing on 10 January 2018; the Code regulates the management, processing and disclosure of information relative to transactions on FinecoBank's listed shares and debt instruments (and on the derivatives and financial instruments connected to them) undertaken by insiders and by persons strictly related to them (hereinafter, the "Internal Dealing Code"). This procedure regulates disclosure obligations to be complied with and conduct to be observed by the above persons and by FinecoBank in order to ensure maximum transparency in disclosure to the market.

The main aim of the Internal Dealing Code is to improve transparency and uniformity in disclosure relative to financial transactions undertaken by the above persons, to give investors an idea of how these persons perceive the prospects of the company and/or the group it belongs to. Thus the Code does not directly address whether significant persons have acquired confidential information and used said information unlawfully (a conduct which instead constitutes the offence of insider trading), assuming that the undertaking of certain financial transactions by particular persons considered "significant" (i.e. by persons that, due to their position, are able to acquire information on matters of the company and the group it belongs to), is, per se, price sensitive.

The Internal Dealing Code identifies "Significant Persons" and "Closely-Related Persons" to the Significant Persons in compliance with the Issuer Regulations and establishes that "Material Transactions" (and thus which are subject to the disclosure obligations of the Internal Dealing Code) are transactions concerning the purchase, sale, underwriting or exchange of shares and debt instruments issued by FinecoBank (admitted to trading – or for which an application has been made for admission to trading – on a regulated market or an MTF), or derivatives or other financial instruments linked to those instruments carried out by the above persons, directly or through intermediaries, trusts or subsidiaries. The Internal Dealing Code also identifies some types of transactions, which are exempt from disclosure obligations.

The Internal Dealing Code also contains regulations on the management, processing and disclosure of information relative to these transactions. To this end it regulates:

  • (a) disclosure obligations of Significant Persons to the Company;
  • (b) disclosure obligations of Significant Persons and the Company to Consob;
  • (c) cases in which Significant Persons are prohibited from or limited in undertaking transactions on financial instruments.

In compliance with the Internal Dealing Code, the Bank's Compliance Officer is the Officer Responsible for providing information to the public and to Consob with regard to notices received from Significant Persons.

6. BOARD COMMITTEES (PURSUANT TO ARTICLE 123-BIS, PARAGRAPH 2, LETTER D) OF THE TUF)

At the date of approval of this Report, three Board committees were established, with advisory, decision-making and coordination functions, and specifically: (i) a Risks and Related Parties Committee; (ii) a Remuneration Committee; (iii) an Appointments and Sustainability Committee.

None of the functions assigned to board committees by the Corporate Governance Code was assigned to the Board of Directors. Apart from the Appointments and Sustainability Committee, as of Sections 8 and 18, none of the other committees carry out multiple functions of two or more committees as provided for by the Corporate Governance Code (13) and functions are not assigned to various committees in a way that differs from provisions in the Code. Committee members are selected for their expertise and availability to carry out relative duties.

Save for a shorter term of office established on appointment, Committee members remain in office for the same time as the Board on which they are members. They may step down from their position on Committees, without stepping down from the Board of Directors.

If, for any reason whatsoever, a member no longer holds the position, the Board of Directors will replace the member. The expiry of the new member's term of office coincides with that of the outgoing member. If the Chairman of the Committee ceases to hold office, the Board of Directors will appoint a new Chairman with the decision to appoint the replacement member.

Committees meet regularly as scheduled and whenever deemed necessary due to particular requirements; the majority of members shall be present for Committee meetings to be duly established. Committee meetings may be held using telecommunication means, provided that each attendee can be identified by all the other attendees, and that each attendee is able to intervene in real time during discussions, and is able to receive, transmit and view the documents. The Secretary, who is not necessarily a Committee member, or if absent or incapacitated, a person appointed by the committee Chair to replace the secretary, shall take minutes of the meeting, which will include among others, the reasons for any disagreement expressed by Committee members. The Secretary shall retain the minutes of the meeting for consultation by Committee members who did not attend the meeting, as well as Directors and Statutory Auditors.

The Chair of each Committee shall report on the meeting during the first subsequent Board meeting.

Committees also have financial resources adequate for their duties, within the limits of the budget set by the Board, which are sufficient to guarantee operating independence; in cases of particular need, these limits may be extended. The Committees may be assisted by external experts.

The Shareholders' meeting determines the annual fees for Committee members and a fee for attending committee meetings. To carry out their duties, Committees have adequate tools and information flows, guaranteed by adequate functions, which enable them to make evaluations and have access to relevant company information.

( 13) In compliance with Consob indications and guidelines as of Communication no. DEM/10078683 of 24 September 2010, to adopt the Regulations on Related-party Transactions, the Company assigned its audit committee pursuant to the Corporate Governance Code to carry out the functions of the related-parties committee.

The committees established within the Board of Directors are described below.

6.1 Risks and Related Parties Committee

The Risks and Related Parties Committee was established on 17 June 2008 as the "Audit Committee". Over the years, the original name of the Committee, its structure and relative duties, changed, in line with developments in the legal and regulatory framework, and with industry best practices. With a resolution of April 11, 2017, the Board of Directors established an internal controls and risks committee, to oversee related-party transactions, pursuant to the Related-Parties Regulations, called the "Risks and Related Parties Committee"; this committee has functions and powers referred to in applicable Supervisory Regulations on Corporate Governance and the Corporate Governance Code.

In compliance with provisions in Application Criterion 4.C.1 of the Corporate Governance Code, the composition, functioning, organisation and activities of the Risks and Related Parties Committee are governed in the Corporate Bodies Regulations.

6.1.1. Composition

The Board of Directors appointed members of the Risks and Related Parties Committee on April 11, 2017, in compliance with provisions in article 16 of the Market Regulations (formerly article 37 of the repealed Regulation no. 16191/2007), according to which all members of the Committee must be non-executive, independent directors, as FinecoBank is managed and coordinated by UniCredit.

Furthermore, in accordance with Principle 7.P.4 of the Corporate Governance Code, under which at least one member of the committee is required to have an adequate experience in accounting and finance or risk management, the Board of Directors established that all members of the Committee, on their appointment, met the above requirements, and more in general, have the knowledge, expertise and experience to fully understand and monitor the Bank's risk strategies and guidelines.

At the date of approval of this Report, the composition of the Risks and Related Parties Committee was as follows:

Name Executive Non
executive		 Indep.
Code		 Indep.
TUF		 %
(*)		 (**)
Francesco Saita X X X 100% C
Gianmarco
Montanari		 X X X 87%
as from 11 April
2017, i.e. from
his appointment
as director		 M
Maurizio Santacroce X X X 100%
as from 11 April
2017, i.e. from		 M
his appointment
as director
------------- Members no longer in office during the Year -------------
Pietro
Angelo
Guindani		 X X X 100%
Until the end of
the term of office
on 11 April 2017		 M
Mariangela Grosoli X
X
X
75%
M
Until the end of
the term of office
on 11 April 2017
No. of Committee meetings: 12
(*) This column shows the percentage attendance at Committee meetings (no. of attendances / no. of meetings held
during actual period office of the person concerned during the Year).

(**) This column shows the position of the director on the Committee ("C": Chairman; "M": member).

All the members of the Risks and Related Parties Committee will end their term of office at the time of the next Shareholders' Meeting called to approve the Financial Statements as at 31 December 2019.

6.1.2. Functioning

The Committee shall meet, also by telecommunication means, as often as necessary to perform its functions, and at the request of any of its members or the Chairman of the Board of Statutory Auditors. Committee meetings are convened by notice of call sent by the Chairman of the Committee, also through the Secretary of the Committee, usually at least three days before the scheduled date of the meeting. In urgent circumstances, as determined by the Chairman of the Committee, meetings may be convened with one day's notice.

The notice can also be sent by fax or email and shall indicate the date, time and venue of the meeting, and the list of items to be discussed.

The Committee shall be considered duly established with the presence of the majority of its members in office and with the absolute majority vote of those present for resolutions.

In the event the Chairman is absent or incapacitated, the most senior member of the Committee shall act as Chair.

The Financial Reporting Officer, Internal Audit Officer, Chairman of the Board of Statutory Auditors and a Statutory Auditor nominated by the former may attend Committee meetings; Directors and senior managers of the Company may also be requested to take part in meetings for specific issues, as well as external auditors.

The Chairman of the Board of Directors and the Managing Director and General Manager of the Company may take part in meetings.

The Corporate Bodies Regulations also establish the rules for temporary replacement of a Committee member with reference, in particular, to cases where the Committee is called on to give an opinion on transactions with related parties and/or associates.

In this regard, the Regulations, after making it clear that, for each transaction considered, members of the Risks and Related Parties Committee must be different from the counterparty and parties related thereto, establishes that, in the event a member of the Committee is a counterparty of the transaction (or a person associated to the counterparty), they must promptly inform the Chairman of the Board of Directors and the Chairman of the Committee, and refrain from taking part in any further work of the Committee concerning the relevant transaction.

In this event, the Chairman of the Board of Directors, after consulting with the Chairman of the Risks and Related Parties Committee, immediately replaces the member who is in conflict of interest by appointing, after having contacted him/her, another independent and unconnected member of the Board of Directors.

In case of transactions with related parties and/or associated persons whose completion is urgent and for which the Committee is involved in the negotiation and diligence phases and/or when issuing an opinion, the Chairman of the Risks and Related Parties Committee, after having acknowledged the urgency of the transaction and established the unavailability of the majority or of all members to meet or to carry out the required activities in time for the transaction to be concluded, shall promptly notify the Chairman of the Board of Directors.

In any case, this notice shall be given no later than the day following the day when the Chairman of the Committee received notice of the unavailability of the majority or of all members.

The Chairman of the Board of Directors, after consulting with the Managing Director and General Manager to assess the actual urgency of the transaction, shall immediately re-establish the Risks and Related Parties Committee by appointing the required number of Independent Directors, following the same procedure adopted for the temporary replacement of a member in case of a conflict of interest (appointment of the replacement(s) from independent members of the Board of Directors).

The above shall also apply if the unavailability of the majority is due to the resignation of a member of the Committee.

6.1.3 Duties and Responsibilities

The role of the Committee is to provide information, advice, make proposals and enquiries, with a risk-oriented approach, when defining guidelines for the entire internal control system, and to assess its effectiveness and efficiency, so that main risks are properly identified, as well as appropriately measured, managed and monitored, without prejudice to the Board of Director's power to make all relevant decisions.

The Committee helps to promote a corporate culture that values the control function, steering it towards a risk-oriented approach.

The Committee's mission also includes evaluating the correct use of accounting standards in preparing financial statements, and overseeing the effectiveness of audits and the activities of external auditors.

The Committee is also responsible for related-party transactions in accordance with the Related-Party Regulations, pursuant to applicable Supervisory Regulations on Corporate Governance.

The Risks and Related Parties Committee, among other things:

(a) in relation to the model for outsourcing audits adopted by the Bank (see Section 11.2

below):

  • ensures ongoing compliance with service levels covered by the external audit agreement, assisting the Board of Directors and appointed Director in assessing the adequacy of the service and ensuring that audit activities carried out by the Internal Audit unit are primarily based on continuously updated risk-assessment analyses;
  • monitors compliance with the Group Internal Audit Framework;
  • (b) identifies and proposes to the Board of Directors, the Compliance, Internal Audit and Risk Management Officers to be appointed, assisted by the Appointments and Sustainability Committee;
  • (c) helps identify internal control system guidelines, based on a risk-oriented approach, so that the main risks concerning the Company are correctly identified and adequately measured, managed and monitored, making assessments and recommendations to the Board of Directors on compliance with the principles the internal controls and business organisation system must be aligned with, and the requirements to be met by the Compliance, Internal Audit and Risk Management functions, bringing any weaknesses and consequent corrective actions to adopt to the attention of the Board;
  • (d) reports to the Board of Directors, at least every six months, when the annual financial statements and the half-yearly financial statements are approved, on activities carried out and the adequacy of the Company's Internal Control and Risk Management System;
  • (e) previously reviews activity schedules (including the Internal Audit plan) and the annual reports of the Compliance, Internal Audit and Risk Management functions submitted to the Board;
  • (f) examines the periodic reports and audit reports produced by the internal audit function, and evaluating any findings, following actions taken to remedy deficiencies/anomalies identified, as well as the adoption of corrective measures proposed and the adoption of suggested recommendations;
  • (g) carries out adequate preliminary activities to support the assessments and decisions of the Board of Directors as regards the management of risks arising from detrimental events which come to the knowledge of the Board of Directors;
  • (h) contributes, through assessments and opinions, to the definition of the company's policy on outsourcing control functions;
  • (i) verifies that the Compliance, Internal Audit and Risk Management functions conform exactly to the indications and guidelines of the Board and assists the latter in preparing the coordination documents required by Supervisory Regulations;
  • (j) evaluates the proper use of accounting standards for preparing the financial statements, in conjunction with the company financial reporting officer and external auditors;
  • (k) examines the process of preparing interim reports required by law, as well as the annual financial statements, based on reports of relevant department heads;
  • (l) evaluates applications of external auditors, including the amount of their fees;
  • (m) oversees the audit process, reviewing the audit work plans and findings contained in audit report and any letter of recommendations;

  • (n) meets with the external auditors at least once a year;

  • (o) examines reports received from the Board of Statutory Auditors, from the Supervisory Board pursuant to Legislative Decree no. 231 of 8 June 2001, and the Regulatory Authorities, assessing the findings and ensuring that any abnormal situations and possible deficiencies are remedied;

  • (p) may request the Internal Audit function to make assessments on specific operating areas, informing the Chairman of the Board of Statutory Auditors, the Chairman of the Board of Directors and the Supervisory Director, at the same time;
  • (q) expresses its opinion on the corporate governance report to the Board of Directors, for in order to describe the main features of the Internal Control and Risk Management system, and evaluate its adequacy;
  • (r) formulates preliminary opinions (binding, where appropriate) on procedures for the identification and management of transactions with related parties and/or associated persons carried out by the Company as well as on relevant changes;
  • (s) formulates preliminary, reasoned opinions, when explicitly required, also in the interest of carrying out transactions with related parties and/or associated persons to be completed by the Bank, and on the appropriateness and substantial fairness of the relative terms and conditions;
  • (t) in case of material transactions with related parties and/or associated persons, the Committee is involved – if considered necessary, through one or more of its members – in the negotiation and preliminary phases, receiving complete and prompt information flows, and may request information from and make observations to appointed bodies and persons in charge of conducting the negotiation or preliminary phase.

With particular reference to risk management and control duties, the Committee assists the Board:

  • in defining and approving strategic guidelines and risk management policies; as regards the Risk Appetite Framework (RAF), the Committee makes evaluations and suggestions so that the Board, as required by Supervisory Regulations, may define and approve risk objectives (Risk Appetite) and the tolerance threshold (Risk Tolerance);
  • in checking the correct adoption of risk governance strategies and policies, and the Risk Appetite Framework (RAF);
  • in defining policies and processes for evaluating company activities, including verification that the price and conditions of transactions with customers are consistent with the business model and risk strategies.

Without prejudice to the duties of the Remuneration Committee, the Risks and Related Parties Committee is involved in the process to identify the Bank's key personnel (see EBA guidelines of 27 June 2016 on "sound remuneration policies pursuant to article 74, paragraph 3, and article 75, paragraph 2, of Directive 2013/36/EU and on disclosure pursuant to article 450 of (EU) Regulation No 575/2013", § 101) and ensures that remuneration and incentive system incentives are consistent with the RAF, considering in particular risks, capital and liquidity.

The Risks and Related Parties Committee and Board of Statutory Auditors exchange all information of mutual interest and, where appropriate, coordinate to develop their duties.

6.1.4 Activities performed

During the Year, the Committee carried out the duties assigned to it by the Board of Directors, with an advisory role as regards issues concerning the internal control and risk management system.

The Committee met twelve times, with each meeting lasting on average three and a half hours, analysing the results of activities carried out by the control functions (audit, compliance and risk management), with in-depth analysis of quarterly reports prepared by the functions. Minutes of each meeting were taken by the appointed Secretary.

In particular, the Committee examined the new version of Procedures for the management of transactions with persons in conflict of interest, providing an opinion to the Board of Directors. Besides these activities and analysis of the control function reports previously submitted, the Committee also reviewed administration and accounting procedures, as well as the accounting standards used to prepare the 2016 Financial Statements and the Interim Report (meeting with the external auditors, for this purpose), and the Corporate Governance Report submitted to the Board of Directors on 7 March 2017. The Committee spent a part of some of the meetings to fully review significant issues, such as the progress of audit findings (with a particular focus on overdue status), procedures of incentive systems used by the Bank for employees and financial advisors authorised to offer products off Bank premises, considering significant risk factors, reviewing requests from Supervisory Authorities, proposals for amendments to the RAF and the "demand item model" and updates to the liquidity investment policy, the project to align with new requirements of MiFID II and a review of Compliance and Audit plans for 2018, also discussing major topics in this regard. Moreover, the Committee also reviewed the Contingency Plan submitted to the Board of Directors for further amendments, on issuer risk in bonds, prepared by the CRO and the risk management function, in response to issues raised by the Committee.

As regards transactions with related and/or associated parties, in cases specifically envisaged by internal procedures, the Committee provides preventive and justified opinions on the Bank's interest in carrying out the transactions and on the appropriateness and substantial fairness of the relative conditions.

In compliance with the above, non-committee members took part in Committee meetings on request of the Committee, as regards individual items on the agenda.

12 Committee meetings have been scheduled for the current year, of which 4 have already taken place.

7. REMUNERATION COMMITTEE

Without prejudice to Section 6 above, at the date of approval of this Report, the composition of the Remuneration Committee was as follows:

Name Executive Non Indep. Indep. % (**)
executive Code TUF (*)
Gianmarco Montanari X X X 100% C
as from 11 April
2017, i.e. from
his appointment
as director
Elena Biffi X X X 100% M
as from 11 April
2017, i.e. from
his appointment
as director
Enrico
Cotta
Ramusino		 X X 100% M
as from 11 April
2017, i.e. from
his appointment
as director
------------- Members no longer in office during the Year -------------
Gianluigi Bertolli X X X 100% C
until the end of
the term of
office on 11
April 2017
Mariangela Grosoli X X X 80% M
until the end of
the term of
office on 11
April 2017
Girolamo Ielo X X X 100% M
until the end of
the term of
office on 11
April 2017
No. of Committee meetings: 11
(*) This column shows the percentage attendance at Committee meetings (no. of attendances/ no. of meetings held
during actual period office of the person concerned during the Year).

(**) This column shows the position of the director on the Committee ("C": Chairman; "M": member).

All the members of the Remuneration Committee will end their term of office at the time of the next Shareholders' Meeting called to approve the Financial Statements as at December 31, 2019.

For further information on the establishment, duties and functioning of the Remuneration Committee: (i) see the section "Remuneration Committee" of the "Annual Compensation Report" published in the "2018 FinecoBank Compensation Policy" – pursuant to article 123-ter of the TUF, article 84-quater of the Issuer Regulations (last amended by resolution 18214 of 9 May 2012) and provisions in Title IV, Chapter 1, Table 15 of Bank of Italy Circular no. 263; (ii) see the Corporate Bodies Regulations of FinecoBank (Part B, § 1.2.).

Six Committee meetings have been scheduled for the current year, of which three have already been held.

8. APPOINTMENTS AND SUSTAINABILITY COMMITTEE

The Appointments and Sustainability Committee was established on 13 May 2014 as the "Remuneration and Appointments Committee". For reasons of efficiency and simplification of the governance structure, the Company had considered it appropriate to make use of the option allowed by the Corporate Governance Code to combine the functions of its Appointments Committee and Remuneration Committee into one committee. However, in line with Supervisory Regulations on Corporate Governance, the Board of Directors, in the 2017 Qualitative/Quantitative Profile, had recommended, among others, establishing two separate special Board committees for "appointments" and "remuneration". With a resolution of 11 April 2017, the Board of Directors had established an independent committee for appointments, called the "Appointments Committee". With a subsequent resolution of 1 March 2018, the Board of Directors extended the duties of the Committee to include sustainability, subsequently changing the name to the current "Appointments and Sustainability Committee". For further information, see Section 18 of the Report.

8.1. Composition

On 11 April 2017, the Board of Directors appointed the members of the current Appointments and Sustainability Committee, who are all executive, independent directors pursuant to the TUF and Corporate Governance Code, and have adequate experience and expertise as evaluated and ascertained by the Board of Directors on their appointment.

At the date of approval of this Report, the composition of the Appointments and Sustainability Committee was as follows:

Name Executive Non
executive		 Indep.
Code		 Indep.
TUF		 %
(*)		 (**)
Elena Biffi X X X 100%
as from 11 April
2017, i.e. from
her appointment
as director		 C
Patrizia Albano X X X 100%
as from 11 April
2017, i.e. from
her appointment
as director		 M
Francesco Saita X X X 100%
as from 11 April
2017, i.e. from
his appointment
as director		 M
------------- Members no longer in office during the Year -------------
Gianluigi Bertolli X X X 100% C
until the end of
the term of
office on 11
April 2017
Mariangela Grosoli X X X 80%
until the end of
the term of
office on 11
April 2017		 M
Girolamo Ielo X X X 100%
until the end of
the term of
office on 11
April 2017		 M
No. of Committee meetings: 8

(*) This column shows the percentage attendance at Committee meetings (no. of attendances/ no. of meetings held during actual period office of the person concerned during the Year).

(**) This column shows the position of the director on the Committee ("C": Chairman; "M": member).

All the members of the Appointments and Sustainability Committee will end their term of office at the time of the next Shareholders' Meeting called to approve the Financial Statements as at 31 December 2019.

8.1. Functioning

The Committee shall meet when convened by its Chairman, whenever he/she deems necessary, or upon the request of one of its members.

Committee meetings are convened with at least five days' notice. The notice convening the meeting can also be sent by fax or email and shall indicate the venue, date and time of the meeting, and the list of items to be discussed; the notice is sent by the Chairman, also through the Committee Secretary. In urgent circumstances, as determined by the Chairman of the Committee, meetings may be convened with one day's notice. The Committee meeting shall be valid even without a call notice, provided that all members are present; meetings may be held using telecommunication means.

The Committee shall be duly established with the presence of the majority of its members in office and with the absolute majority vote of those present for resolutions. The Chairman of the Board of Directors and the Managing Director and General Manager of the Company may take part in meetings. The Chairman of the Board of Statutory Auditors shall also be invited to the meetings, and may delegate another Statutory Auditor to attend.

The Committee may, when deemed appropriate, invite other individuals from within the Company to attend the meetings, in relation to the corporate functions and organisations concerned by the issues at hand, including members of other committees within the Board of Directors, or external parties, whose presence may facilitate the Committee in performing its functions.

If the Appointments and Sustainability Committee is required to urgently give an opinion on areas in its remit, the Committee Chairman, acknowledging the urgency of the matter and unavailability of the majority or of all members to meet or carry out requested activities in time, shall promptly notify said unavailability to the Chairman of the Board of Directors. In any case, this notice shall be given no later than the day following the day when the Chairman of the Committee received notice of the unavailability of the majority or of all members. The Chairman of the Board of Directors, after consulting with the Managing Director and General Manager to evaluate the urgency of the decision, shall make up the number of Committee members, contacting and indicating another independent member of the Board of Directors. The above shall also apply if the unavailability of the majority is due to the resignation of a member of the Committee.

8.2. Duties and Responsibilities

Save for Section 18 of the Report, the Appointments and Sustainability Committee is assigned duties and responsibilities in compliance with the Supervisory Regulations and Corporate Governance Code. Specifically, the Appointments and Sustainability Committee has an advisory role assisting the Board as follows:

  • (i) supporting the Board of Directors in the appointment and co-option of directors according to the times indicated in applicable Supervisory Regulations on Corporate Governance;
  • (ii) providing opinions for the Board on proposals made by the Chairman or by the Managing Director and General Manager to the Board, concerning:
  • drafting policies to appoint Company Directors (including the qualitative and quantitative profile established by the Supervisory Regulations on Corporate Governance);
  • appointing the Managing Director and/or the General Manager and other key management personnel;
  • defining any succession plans for the Managing Director, the General Manager and other key management personnel;
  • selecting candidates to the position of FinecoBank Director, in the event of cooptation, and if lists are presented by the Board, of candidates to the position of independent director to be submitted for the approval of the Shareholders' Meeting of the Company, also based on any recommendations received from shareholders;
  • appointing members of Board Committees;
  • overseeing various stages of the self-assessment process;
  • (iii) assisting the Risks and Related Parties Committee in the process to identify and propose officers of the Compliance, Internal Audit and Risk Management control functions, to appoint;
  • (iv) supporting the Board of Directors in verifying conditions as of article 26 of the TUB (requirements of company officers).

8.3. Activities performed

During the Year, the Committee met eight times. Committee meetings, with minutes taken by the appointed Secretary, lasted on average two hours.

During the meetings, the Committee – based on information and necessary clarifications from FinecoBank departments, acknowledging applicable regulations and documents supporting proposals – was requested to given an opinion, among others, on: (i) the appointment of members of FinecoBank boards and of the company recently established under Irish law and wholly owned by the former (see Sections 2 and 3 above); and (ii) checks on requirements being met by company officers.

During the Year, the Committee also monitored internal governance events/processes including the board's self-assessment, compliance with independence requirements, with applicable laws on interlocking, the process to check candidates for the position of director, contact with the Supervisory authorities as regards requirements for administration and control bodies, the approval of succession plans for professional development, as well as the appointment process and activities of key management personnel.

In compliance with the above, non-committee members took part in Committee meetings on request of the Committee, as regards individual items on the agenda.

Six Committee meetings have been scheduled for the current year, of which two have already taken place.

9. REMUNERATION OF DIRECTORS

For the information requested regarding the remuneration of executive directors, non-executive directors and key management personnel and concerning indemnities for Directors in the event of resignation, dismissal or termination of employment following a public purchase offer (as of article 123-bis, paragraph 1, letter i) of the TUF, see the chapter "Remuneration paid to members of the Management and Control Bodies, General Managers and other Key Management Personnel" contained in the "Annual Compensation Report" published – as part of the "2018 FinecoBank Compensation Policy" – according to article 123-ter of the TUF, article 84-quater of the Issuer Regulations (as amended by resolution 18214 of 9 May 2012) and provisions in Title IV, Chapter 1, Table 15 of Bank of Italy Circular no. 263.

10. CONTROL AND RISKS COMMITTEE

The functions that the Corporate Governance Code assigns to the Control and Risks Committee have been assigned to the Risks and Related Parties Committee.

11. INTERNAL CONTROL AND RISK MANAGEMENT SYSTEM

The internal control system is a fundamental part of the overall governance system of banks. It has a central role in the organisation and ensures the effective monitoring of risk, so as to guarantee that operations are in line with company strategies and policies and based on principles of sound and prudent management.

An efficient and effective internal control system forms the basis for creating value in the medium and long term, for safeguarding the quality of operations and for a correct perception of risk and appropriate allocation of capital.

The Company's internal control system is based on the principles of the Corporate Governance Code, applicable regulations and best practices, and:

  • concerns control functions and positions, involving within their area of responsibility, the Board of Directors, the Risks and Related Parties Committee, the Internal Control and Risk Management System Director, the Board of Statutory Auditors, as well as company functions with specific internal control duties;
  • establishes procedures for entities involved in the internal control and risk management system to work together.

On 15 April 2014, the Board of Directors, in compliance with Stock Exchange Regulations and relative Instructions, approved: the memorandum describing the management control system adopted by FinecoBank and certified that the Company had adopted a management control system that could promptly and periodically give managers sufficiently in-depth information on the economic and financial situation of the company and main group subsidiaries, and provide for the following: (i) the monitoring of main key performance indicators and risk factors of companies and main group subsidiaries; (ii) the production of data and information with particular reference to financial information, according to analysis profiles that are adequate for the type of business, organisational complexity and specific information needs of management; (iii) the processing of forward-looking financial data for the industrial plan and budget, as well as the monitoring of company objectives being achieved, based on deviation analysis.

Board of Directors and Risks and Related Parties Committee

The guidelines of the internal control and risk management system (hereinafter, the "Internal Control and Risk System") are established by the Board of Directors. Accordingly, the Board ensures that the main risks to which the Bank is exposed are adequately identified, measured, managed and monitored.

In this context, the Board of Directors revises and updates the Risk Appetite Framework (or "RAF") on an annual basis, and in line with schedules for the budget process and definition of the financial plan, in order to guarantee a business development that has a correct risk profile and complies with national and international regulations.

During the Year, the Board approved the new "2017 FinecoBank Risk Appetite" (replacing the same document for 2016), which sets out the risk profile in relation to three areas (capital adequacy, profitability and risk, monitoring of specific risks such as credit risk, operational risk, market risk and funding and liquidity), defining reference metrics for each one.

The definition process, revised from the previous version, is structured so as to guarantee

consistency with the budget, while the performance indicator (hereinafter, the "KPIs" or "Key Performance Indicators") were revised to include simple, comprehensible metrics.

FinecoBank's Risk Appetite Framework not only includes the list of relevant metrics, but also the targets, triggers and reference limits: (i) targets represent the extent of risk the Bank is prepared to undertake to achieve its budget objectives and defines constraints for business development; (ii) triggers represent alarm thresholds which activate the analysis of possible mitigation actions and must be reported to the Chief Executive Officer; (iii) limits are the values that must not be exceeded; if exceeded, the Board of Directors must be informed.

As regards competencies, the Corporate Bodies Regulations establish that the Board is responsible for the Internal Control and Risk System, and provides guidelines for and assesses the adequacy of the system, appointing from its members:

  • the director for establishing and maintaining an effective internal control and risk management system (hereinafter, the "Designated Director");
  • an internal Committee called the Risks and Related Parties Committee consisting entirely of independent directors, which assists the Board of Directors, based on adequate preliminary activities, in its assessments and decisions concerning the internal control and risk management system, as well as the approval of periodical financial reports.

The Board of Directors, with the prior approval of the Committee:

  • (a) establishes the guidelines of the Internal Control and Risk Management System, assesses its consistency and adequacy in relation to the company's business and risk profile at least annually, as well as its effectiveness, in terms of its ability to take into account the evolution of business risks and their interaction, assigning the Designated Director the task of establishing and maintaining an effective Internal Control and Risk System; (see the Corporate Bodies Regulations, page 12)
  • (b) appoints, after consulting with the Board of Statutory Auditors, an Internal Audit Manager (hereinafter, the "Head of Internal Audit"), who ensures that the Internal Control and Risk system is functioning and adequate and that internal audit activities are carried out independently and in such a way as to guarantee their effectiveness and efficiency;
  • (c) approves, at least annually, the work plan prepared by the Head of Internal Audit, after consulting with the Board of Statutory Auditors and obtaining approval from the Risks and Related Parties Committee and Director;
  • (d) assesses, after consulting with the Board of Statutory Auditors, the results of the external auditors in the audit opinion letter and report on audit findings.

The Board of Directors assesses, among others and at least annually, the adequacy, functioning and effectiveness of the Internal Control and Risk System, assisted by the Risks Committee, based on:

  • reports from the Heads of: the Compliance function, Risk Management function and Internal Audit function;
  • reporting from the Financial Reporting Officer on the proper use of accounting standards and their consistency for preparing consolidated financial statements;
  • all useful information on the monitoring of overall company risk which is provided by relevant units and/or the External Auditors.

The Board globally monitors main company risks, assisted by the Risks Committee (see Section 6.1 above).

In accordance with Supervisory Regulations on internal control systems, the Bank – in February 2018 – carried out the annual assessment on the adequacy of the internal control and risk management system as regards business characteristics and the risk profile undertaken, as well as effectiveness. As regards the results of this assessment process, the Internal Control and Risk Management System was found to be "Mostly Satisfactory" on a scale of four levels in increasing order: "Unsatisfactory", "Nearly Satisfactory", "Mostly satisfactory" and "Adequate" since, although there were some areas of improvement for which corrective actions have been identified, the components as a whole generated an overall satisfactory level as regards system functioning.

In this context, the Risks and Related Parties Committee, based on results of the above checks, and on additional projects being implemented, assessed the Internal Control and Risk Management System, considering it adequate for the size and complexity of the Bank as regards the business and operating environment and also adequate, within reasonable limits, for preventing or in any case avoiding, in a prompt manner, any material misstatements in the financial statements.

The Board of Directors also: (i) defines the objectives and business continuity strategies of the service, ensuring adequate human, technological and financial resources; (ii) approves the business continuity plan and subsequent amendments as a result of technological and organisational developments, accepting residual risks not managed by the business continuity plan, and also promotes development, periodic monitoring and updating following significant innovations, or any deficiencies/gaps or residual risks; (iii) appoints the business continuity plan manager; (iv) approves the annual plan for testing business continuity measures and examines the test results documented in writing.

Specifically, the Bank's Business Continuity and Crisis Management system provides for a plan to manage events, incidents and crises and the business continuity plan, for which the manager is appointed by the Board of Directors.

In emergency/crisis situations, the Board is informed (by the Managing Director and General Manager, or by the Company Business Continuity Manager) of the trend of the crisis and in the event of serious problems for company operations due to serious incidents or malfunctions.

It is also informed, at least annually, of the planning and outcomes of controls on the adequacy of the Plans, as well as controls of business continuity measures (tests).

During the Year, the business continuity plan, which was appropriately revised, was approved by the Board of Directors and subsequently verified in test sessions, to guarantee its effectiveness and adequacy.

With specific reference to non-compliance risk (14), the Board of Directors, after consulting with the Board of Statutory Auditors, approves risk management policies, evaluates, at least once a year and with the technical support of the Risks and Related Parties Committee, the adequacy of the organisational structure, the quality and amount of resources of the Compliance function and

( 14) Non-compliance risk may be defined as the risk of incurring legal or administrative sanctions, financial losses or sustaining reputational damage, as a result of non-compliance with financial and banking laws, regulations, codes of conduct and good practices.

analyses periodic reports on its controls on non-compliance risk management.

Moreover, the Board of Directors has general responsibility for management and control of the information system, with a view to an optimal use of technological resources supporting company strategies (ICT governance). In this respect, it:

  • approves the information system development strategies and architectural model, the sourcing strategies and IT risk propensity, in accordance with the risk objectives and reference framework for determining risk propensity at a company level;
  • approves the IT security policy;
  • approves guidelines on the recruitment of personnel with technical functions and the procurement of systems, software and services, including the use of external suppliers;
  • promotes the development, sharing and updating of ICT knowledge within the company.

With specific regard to supervisory responsibility for ICT risk analysis, the Board:

  • approves the organisational and methodological reference framework for ICT risk analysis, promoting the appropriate consolidation of information on technological risk within the ICT function and integration with risk measurement and management systems (concerning in particular, operational, reputational and strategic risks);
  • approves the ICT risk propensity, having considered internal services and services to clients, in accordance with the risk objectives and reference framework for defining risk propensity at a company level.

With reference to the above responsibilities, the Board is informed at least annually of the adequacy of services provided in relation to costs sustained and of the ICT risk situation with regard to risk propensity.

Board of Statutory Auditors

The Board of Statutory Auditors of FinecoBank monitors the effectiveness, completeness, adequacy, functioning and reliability of the internal control and risk management system, and of the Risk Appetite Framework, in line with requirements of the Corporate Governance Code and the Supervisory Regulations.

It also monitors compliance with the Internal Capital Adequacy Assessment Process (ICAAP) and the completeness, adequacy, functioning and reliability of the business continuity plan.

With specific reference to the Board of Statutory Auditors being able to take on supervisory board functions pursuant to Legislative Decree no. 231 of 8 June 2001, the Company considered it appropriate to assign these functions to a specifically established Body (see Section 11 of the Report).

The Board of Statutory Auditors establishes appropriate working relations with the Risks and Related Parties Committee to carry out joint activities, in compliance with specific areas of responsibility.

To carry out its duties, the Board of Statutory Auditors may be assisted by the company's internal control departments and functions to carry out and plan checks and necessary assessments. To achieve this, it receives regular adequate information flows or information on specific situations/company performance. Given this close connection, the Board of Statutory Auditors is specifically consulted about decisions regarding the appointment and dismissal of

heads of company control functions (Compliance, Risk Management and Internal Audit), and also about defining the essential elements of the control system's overall architecture (powers, responsibilities, resources, data flows and handling conflicts of interest). Regarding own activities, Auditors may request the Internal Audit department to carry out specific audit activities in operational areas and on company operations. The Board of Statutory Auditors verifies and investigates the causes of and remedies for operational irregularities, performance anomalies, and shortcomings in the organisational and accounting structure. Particular attention must be paid to compliance with regulations on conflicts of interest.

Control functions

FinecoBank's internal control system is based on four types of controls:

  • (i) level one controls ("line controls"): these are controls relative to individual activities and are carried out according to specific operational procedures based on a specific internal regulation. These processes are monitored and continuously updated by "process supervisors" who put in place suitable controls to guarantee the correct performance of daily activities by staff concerned, as well as compliance with delegated powers. Formalised processes concern units that have contacts with customers and Company units that are exclusively internal;
  • (ii) level two controls: these are controls related to daily operations connected with the process to measure quantifiable risks and are carried out by units other than operating units, on an ongoing basis. The Risk Management function controls market, credit and operational risks, as regards compliance with limits assigned to operating functions and the consistency of operations of individual production areas with established risk/yield objectives; the Compliance function controls non-compliance risks;
  • (iii) level three controls: these controls are typical of internal auditing, based on analysis of information obtained from databases or company reports, as well as on-site controls. The purpose of these controls is to check the functioning of the overall internal control system and identify any anomalous trends, or infringements of procedures or regulations. These controls are assigned to the Internal Audit function, which operates at a central level, at UniCredit, based on a specific service agreement;
  • (iv) institutional supervisory controls: these refer to controls by Company bodies, including in particular the Board of Statutory Auditors and Supervisory Body pursuant to Legislative Decree no. 231 of 8 June 2001.

The Risk Management function

The Risk Management function prevents and monitors different components of Bank risks. In particular the Risk Management Function controls credit, market and operational risk to which the Bank is exposed. Risk Management also involves monitoring business, reputational and liquidity risk.

The risk control function:

(i) is involved in defining the RAF, risk governance policies and various stages comprising the risk management process, as well as establishing operating limits for various types of risk. In this context, it proposes quantitative and qualitative parameters necessary to define the RAF, which refer to stress scenarios and, in the case of changes to the bank's

internal and external operating context, modifications to these parameters;

  • (ii) checks the adequacy of the RAF and on an ongoing basis the adequacy of the risk management process and operating limits;
  • (iii) is responsible for developing, validating and maintaining the independence of risk measurement and control systems in order to report periodically to Control Bodies, the Board of Directors and UniCredit;
  • (iv) defines the metrics to use to assess operational risk in line with the RAF, coordinating with the compliance function, ICT function and business continuity function;
  • (v) defines procedures for assessing and controlling reputational risk, coordinating with the compliance function and with company functions that are most exposed;
  • (vi) assists company bodies in assessing strategic risk, monitoring significant variables;
  • (vii) ensures the consistency of risk control and measurement systems with processes and methodologies to assess company activities, coordinating with company units concerned; develops and adopts indicators that can identify anomalies and inefficiencies in risk control and measurement systems;
  • (viii) analyses the risks of new products and services and risks from entering new operating and market segments;
  • (ix) gives prior opinions on the consistency of material transactions with the RAF, and obtains the opinion of other functions involved in the risk management process, depending on the nature of the transaction;
  • (x) monitors actual risk undertaken by the Bank, on an ongoing basis, and consistency with risk objectives, as well as compliance with operating limits assigned to operating units in relation to the undertaking of different types of risk;
  • (xi) checks the adequacy and effectiveness of measures taken to remedy inefficiencies identified in the risk management process.

The Risk Management function also develops the ICAAP – Internal Capital Adequacy Assessment Process – in compliance with Basel II requirements, updates to Basel III requirements and indications from the Parent Company UniCredit.

The function also carries out monitoring and reports to company bodies (Managing Director and General Manager, Board of Directors, Risks and Related Parties Committee and Board of Statutory Auditors).

Reporting to company bodies consists of the quarterly report on the Bank's risk exposure.

The Compliance Function

The Compliance function monitors non-compliance risk management ( 15) with a risk-based approach, referring to all company operations and ensuring that internal procedures are appropriate for preventing this type of risk.

( 15) Non-compliance risk may be defined as the risk of incurring legal or administrative sanctions, financial losses or sustaining reputational damage, as a result of non-compliance with financial and banking laws, regulations, codes of conduct and good practices.

The Compliance function assists/supports management and Company employees in managing non-compliance risk and monitoring the correct performance of business operations to ensure compliance with current regulations, internal procedures and applicable best practices.

For an effective management of non-compliance risk, the Company shall have a Compliance function. This function must be independent, with a sufficient number and quality of human and technical resources for duties to perform, and may deal freely with Senior Management and company bodies; it shall have access to all resources and company information and may report any matter directly to higher hierarchical levels, if necessary.

In February 2016 the Board of Directors approved the insourcing, with effect from 1 April 2016, of the Compliance function, previously centralised at the parent company UniCredit based on a specific outsourcing agreement and with a unit (hereinafter, the "Compliance Officer Unit") at FinecoBank, responsible for applying the methods for assessing and monitoring non-compliance risk.

In this regard, the Compliance Officer unit was reorganised and renamed the Compliance unit, the Compliance Officer was appointed (also acting as Head of the AML and Anti-terrorism Department and Head of Local Anti-Corruption), and two new teams were set up: Advisory & Regulators and Risk Assessment & Controls, that work alongside the department for AML and financial sanctions (AML Department).

The role and requirements of the Compliance function are regulated in specific global rules issued by UniCredit and implemented by the Company.

The mission of the Compliance reference unit is to support the Company, Company Bodies and personnel in managing the risks of non-compliance with regulations as regards all company operations, checking that internal procedures are adequate in preventing this risk.

The above is in compliance with the provisions of Supervisory Regulations and according to Global Compliance Rules and Group methods.

In particular, the risk of non-compliance with regulations is managed through:

  • (a) Proactive and on-request advice
  • the ongoing identification of laws applicable to the Bank and consequent noncompliance risks; the definition of the relative impact on company processes and procedures, including the information system (ICT Compliance);
  • an ex ante assessment of compliance with regulations applicable to products, processes, organisational structures, the incentive system, training modules and, in particular, innovative projects (including operations in new business lines and geographic areas) that the Bank intends undertaking – also through participation in specifically designated committees – as well as the prevention and management of conflicts of interest in various activities carried out by the Bank, with reference to employees and staff;
  • providing opinions and prior assessments on compliance issues, requested by various internal units in relation to external regulations and assisted by them in analysing and interpreting the regulations;

  • assessments, for the areas under its responsibility, of the Bank's remuneration policy and in particular of remuneration/incentive systems for personnel and the personal financial advisors network authorised for cold calling;

  • participation, where required, in Group projects and work groups according to competency profiles.

  • (b) Communication
  • promotion of a culture based on compliance with internal and external regulations and international best practices, through the adoption (subject to alignment in order to cover specific characteristics of Fineco) of Global Compliance Rules (Policies and Operational Regulation) issued by the Parent Company UniCredit, the preparation of Circulars and Service Orders, notes, memoranda, opinions and communications, and through personnel training activities;
  • cooperation with other Bank functions and, in particular, with functions that oversee risk management and control (starting with Internal Audit and Risk Management), in order to improve overall consistency and ensure mutually adequate and ongoing information flows;
  • definition of FinecoBank's annual training plan, in line with UniCredit guidelines.
  • (c) Interaction with authorities
  • management of relations with Authorities together with other relevant functions (such as involvement in consultations concerning new legal and regulatory developments, assistance for preparing comments on bills, monitoring requests and inspections by the Authorities and relative corrective actions).
  • (d) Monitoring, surveillance and reporting
  • assessment of the non-compliance risks identified (compliance risk assessment), also through level two controls, the definition of corrective actions to mitigate these, monitoring the actions and starting procedures involving relevant higher hierarchical levels (escalation) to solve critical issues identified;
  • verification of the effectiveness of organisational alignments (structures, processes and procedures, operational and commercial) recommended to prevent the risk of non-compliance with regulations.

The function is directly responsible for non-compliance risk management in the case of regulations that are more significant as regards non-compliance risk, i.e. on banking and the provision of investment services, the management of conflicts of interest, transparency in customer relations and, more in general, on consumer protection and regulations for which strategic oversight at the Bank is not already provided for.

With reference to other regulations for which specific types of strategic oversight (e.g. occupational safety, tax laws, etc.) are provided, the Bank, based on an assessment of the adequacy of specialist controls for managing non-compliance risk profiles, adopted the indirect coverage model, whereby:

  • the specialist unit adopts the risk assessment methodologies and second level controls defined by the Compliance function;
  • the Compliance function verifies that units operate in compliance with the methodologies and procedures provided over time, ensuring suitable control of non-compliance risk and establishes and validates reporting, with the aim of providing an overall view of noncompliance risk.

In performing its duties, the Compliance function has access to all Bank operations, at both a

central and peripheral level, and to all information considered significant, also through direct interviews with personnel.

Lastly, the Bank, as an issuer on the FTSE-Mib index, has an internal system for employees to report any irregularities or violations of applicable regulations and internal procedures (whistleblowing), in line with applicable national and international best practices, guaranteeing a specific, confidential information channel, and the anonymity of the whistle-blower.

11.1 Director in charge of the Internal Control and Risk Management System

To comply with the recommendation in Principle 7.P.3 of the Corporate Governance Code, and with Regulations on the Prudential Supervision of Banks issued by the Bank of Italy, the Managing Director and General Manager Alessandro Foti has been appointed Internal Control and Risk Management System Director.

As part of the internal control system, the Managing Director and General Manager, acting as Internal Control and Risk Management System Director, is tasked with and is responsible for the following:

  • (i) identifying the main business risks, and ensuring effective risk management and the execution of instructions from the Board of Directors in the presence of a defined, managed and monitored Internal Control System;
  • (ii) defining the means and methods for implementing the control and risk system, using guidelines from the Board of Directors, undertaking the design, management and monitoring of the internal control and risk management system, establishing operating limits for different types of risk and facilitating the development and dissemination of a culture of risk, assisted by relevant functions; the Managing Director and General Manager is responsible for the annual assessment of the Internal Control and Risk System;
  • (iii) ensuring the overall adequacy of the Control and Risk System, its actual functioning, amendments to take into account changes in operating conditions and the legal and regulatory framework; the Managing Director and General Manager and his/her first-line managers are called upon to provide a professional judgement on matters relating to the Internal Control System referring to their activities, taking into account the level of compliance with regulations, procedures and controls;
  • (iv) establishing and overseeing the adoption of the process to approve investments in new products, the distribution of new products or services or start of new activities or entry on new markets, or the adoption of processes and methods to evaluate company operations, in particular financial instruments, overseeing ongoing updates;
  • (v) defining and overseeing the implementation of company policy on the outsourcing of company functions;
  • (vi) defining internal information flows to ensure that company control bodies are fully aware of and can govern risk factors and compliance with the Risk Appetite Framework;

  • (vii) authorising, within the Risk Appetite Framework and where a tolerance threshold has been defined, the risk appetite being exceeded, within the tolerance threshold limit, reporting to the Board of Directors and identifying the management actions necessary to return the risk to within the established limit;

  • (viii) implementing follow-up measures for the control and risk system after controls have been carried out, adopting necessary corrective measures or actions if inefficiencies or anomalies are identified, or after the introduction of new products, activities, services or processes that are significant;

  • (ix) submitting proposals to the Chairman of the Board of Directors to appoint or remove from office the Head of Internal Audit, ensuring that the Manager has adequate resources to carry out his/her responsibilities;
  • (x) promoting the development, periodic control of the Business continuity plan and its updating, approving the Annual plan to control business continuity measures and examining results of tests documented in a written form;
  • (xi) ensuring the completeness, adequacy, functionality (in terms of effectiveness and efficiency) and reliability of the Bank's information system.

The Managing Director and General Manager implements the ICAAP (Internal Capital Adequacy Assessment Process), ensuring it conforms to the strategic guidelines and RAF and meets the following requirements: (a) it considers all relevant risks; (b) it includes forwardlooking valuations; (c) it uses appropriate methodologies; (d) it is distributed to internal units; (e) it is adequately formalised and documented; (f) it identifies the roles and responsibilities assigned to company functions and units; (g) it is managed by an adequate number of competent resources, in a hierarchical position appropriate for complying with planning; (h) it is an integral part of management activities.

As regards credit and counterparty risk in particular, the Managing Director and General Manager, in line with strategic guidelines, approves specific guidance to guarantee the effectiveness of the system to manage risk mitigation techniques and compliance with the general and specific requirements of these techniques.

With specific reference to internal risk measurement systems to define capital requirements, the Managing Director and General Manager has the following duties:

  • responsibility for the structure and functioning of the selected system; to perform this duty, members shall have an adequate knowledge of relevant aspects;
  • issuing instructions so that the selected system is developed based on identified guidelines, assigning duties and responsibilities to company functions and ensuring the formalization and documentation of risk management process stages;
  • ensuring that risk measurement systems are part of decision-making processes (use tests);
  • considering observations made following the validation process and internal audits.

With specific reference to non-compliance risk, the Managing Director and General Manager ensures the effective management of this risk, also establishing suitable policies and procedures for compliance with applicable regulations to be observed within the Bank, verifying, in cases of violations, whether appropriate remedies have been implemented, and establishing reporting flows to ensure that the Bank's company bodies are fully informed about procedures to manage non-compliance risk.

Assisted by the Compliance function, the Managing Director and General Manager identifies and evaluates at least annually, the main non-compliance risks to which the Bank is exposed, and plans relative management measures, also reporting at least once a year to the Board of Directors on the adequacy of non-compliance risk management.

Pursuant to the Regulations of the Board of Directors, the Managing Director and General Manager promptly reports to the Risks and Related Parties Committee (or Board of Directors) on issues and critical aspects identified while carrying out his/her activities or notified, also reporting them to the Chairman of the Board of Directors, so that the Risks and Related Parties Committee (or the Board of Directors) may take appropriate measures.

As a result of the Italian Revenue Agency upholding the application to access "compliance cooperative" conditions as of articles 3 and 7 of Legislative Decree no. 128 of 5 August 2015, in July 2017, and after informing the Board of Directors of the Bank, the tax risk management and control system is reported on a continual basis to the tax administration in order to monitor the effectiveness and adequacy of any changes to the scope of company processes. To confirm the high level of sensitivity concerning tax risks, the Board approved FinecoBank's tax strategy during 2017, adopting the guidelines and principles of the Bank in managing tax issues and in particular related risk (concerning both sanctions and reputation), in line with its own strategic objectives and in accordance with OECD recommendations.

11.2 Head of the Internal Audit Function

The Internal Audit function, pursuant to Supervisory Regulations for banks is independent of other company functions and reports directly on its activities to the Board of Directors (also through the Risks and Related Parties Committee) and to the Board of Statutory Auditors on a quarterly basis; it also attends Risks and Related Parties Committee meetings, which are usually held monthly. As already indicated (see Section 6.1.3), FinecoBank's Internal Audit function is outsourced to UniCredit based on a specific service agreement which governs procedures for performing activities.

The Internal Audit function operates in compliance with the audit mandate, of which the latest version was approved by the Board of Directors on 20 September 2016; This document defines its mission, responsibilities, organisational positioning, independence, duties and authority. The Internal Audit function is an independent unit established by the Board of Directors of the Bank and is an integral part of the Internal Controls System, in which level three controls are carried out. The Internal Audit function carries out independent activities and guarantees assurance and advice in order to evaluate, give added value to and improve the Company's Internal Controls System. The Internal Audit function assists the Company in achieving its objectives, providing a systematic, structured approach to evaluating and improving the adequacy of Company operations, by evaluating and improving the effectiveness of governance, risk management and control processes.

The methodology used is based on the following main stages: (i) definition of the "Audit Universe", i.e. organisational and process analysis to identify elements involved in audit activities; (ii) risk assessment, i.e. identifying, assessing and measuring risks to which elements of the "Audit Universe" are exposed; (iii) definition of the annual and long-term audit plan, which establishes the objectives, types and frequency of audits and resources to use based on risk assessment results. For the personal financial advisors network, planning is based on a combined assessment using a risk-based approach while also considering the frequency of audits.

The audit measures carried out on the Bank and on the personal financial advisors network may include: (i) audit processes aimed at verifying the effective and efficient performance of

activities and proper monitoring of risks implicit in the process being audited; (ii) audit of the personal financial advisors network, carried out within the operating points of the sales network, with the objective of verifying the definition and functioning of level 1 and 2 controls on main company processes impacting the personal financial advisors network. Remote audit activities are carried out predominantly with the support of anomaly indicators, together with subsequent on-site analysis to complete the activity; (iii) specific assessments referring to individual behaviours or types of behaviours in order to identify the causes and responsibilities for specific events, accidents or conduct (e.g., measures for cases of fraud and disloyalty belong to this type).

After completing audits and based on findings, the Internal Audit function makes suggestions to relevant company structures. It also informs other company control functions of any inefficiencies, weaknesses and irregularities identified during audits of specific areas or matters within their remit. Actions to remedy identified anomalies and inefficiencies are monitored by a systematic audit tracking process, and if particular risk situations and/or weaknesses in the internal control system are noted, by specific follow up.

The Internal Audit function may also provide advisory services which, while not compromising its independence, aim to provide added value and support the Bank in achieving its objectives, by offering advisory support on the design, functioning and improvement of the internal control system.

The Internal Audit function achieves its mission and carries out activities in accordance with the Group Internal Audit Framework, which include the Code of Ethics, approved by the Company's management bodies and which are based on international standards for professional auditing.

The Company has outsourced the Internal Audit function to UniCredit, through a services agreement, the last version of which was signed on 19 December 2014. Under this agreement, the Chief Audit Executive manages the agreement and this position is assigned to the Head of Internal Audit (hereinafter, the "Chief Audit Executive"), with the same duties and responsibilities as those in Application Criterion 7.C.5 of the Corporate Governance Code.

The Chief Audit Executive:

  • develops a flexible, annual audit plan, through an appropriate evaluation of future risks which considers aspects concerning emerging trends and risks, significant organisational changes and main services, processes, operations and areas of attention for risks or controls, special duties or projects identified by Senior Management, the Risks and Related Parties Committee and Board of Directors;
  • reports directly to the Board at regular intervals, also through the Risks and Related Parties Committee and to Senior Management, summarising the results of audit activities and the implementation status of management action plans;
  • carries out special investigations, also of its own initiative, of potential fraud and in the event of fraud at the Company and on other risk events, reporting the results to Senior Management and to the Board, also through the Risks and Related Parties Committee;
  • ensures Internal Audit personnel that are qualified with adequate knowledge, expertise, experience and professional certification, so as to meet the requirements of this mandate;

  • informs the Board of aspects to evaluate Internal Audit performance, including emerging trends and best practices in internal auditing;

  • ensures adequate audit coverage, at overall costs that are reasonable, considering the activities of External Auditors and Supervisory Boards;

  • communicates in an appropriate and transparent way with the Supervisory Authorities as regards audit activities.

The Internal Audit function is also responsible, coordinating with other control functions, for ensuring an adequate approach to managing risks and controls at a Group level and a process to systematically evaluate the Internal Controls System; this duty and coordination with other control functions shall not compromise the independence of the Internal Audit function.

Under the agreement, the Risks and Related Parties Committee and the Board of Statutory Auditors of the client may request the contractor to provide complete disclosure on activities carried out to perform the agreement, to promote activities assigned to the Board of Directors and Board of Statutory Auditors by applicable primary and secondary laws and regulations.

In particular, in order to provide company bodies and Senior Management with an overall evaluation of the internal control system, the Chief Audit Executive prepares the quarterly report "Internal Audit Activities and Results (IAAR)". In addition to an assessment of the internal control system, the IAAR contains summary information on audit activities performed, on the main risks identified and on the implementation status of Management's action plans. An update on the progress of the annual plan is also provided on a periodic basis. The Chief Audit Executive also submits Audit Reports with a "critical" or "unsatisfactory" assessment directly to the Board of Statutory Auditors and to the Risks and Related Parties Committee; in any case, it may send additional audit reports to the Risks and Related Parties Committee and the Board of Statutory Auditors which, regardless of the overall assessment, contain significant shortcomings.

With specific reference to planning activities, the Head of the Internal Audit Function has drawn up:

  • FinecoBank's 5-year audit plan based on mandatory audits and on the risk assessment of FinecoBank's Audit Universe (AU). This plan, revised annually based on the risk assessment, ensures efficient and effective coverage of the AU, in line with the Bank's risks;
  • the annual audit plan, which is part of the long-term audit plan, based on results of the Risk Assessment of the Audit Universe, Group Audit Guidelines, requests from the Supervisory Authorities and from company bodies, follow up activities and mandatory audits carried out at regular intervals.

IT auditing activities are included in these plans. On 7 March 2017, the Board of Directors of the Company appointed Patrizia Verdesca as Head of Internal Audit of FinecoBank, effective as from 13 March 2017, pursuant to article 7 of the Corporate Governance Code.

The Head of Internal Audit, in compliance with Application Criterion 7.C.5 of the Corporate Governance Code for Listed Companies is not responsible for any operating area and does not report hierarchically to any operating area manager. The Head of Internal Audit also has direct access to all information useful for carrying out duties.

11.3 Compliance programme pursuant to Legislative Decree no. 231 of 8 June 2001

On 15 March 2010, the Board of Directors approved FinecoBank's Organisation Management and Control Model (hereinafter, the "Model"), pursuant to Legislative Decree no. 231 of 8 June

2001, on "Provisions for the administrative liability of company bodies, Companies and associations also without legal status" (hereinafter "Legislative Decree 231/2001"). This document was subsequently amended to take into account subsequent regulations and the current version was approved by the Board of Directors by resolution of 16 October 2017.

The Model comprises:

  • (i) a general part, of seven chapters, describing: the scope and purposes of the Model; the applicable regulatory framework; the description of the management and control system adopted by FinecoBank to mitigate the risk of commission of offences pursuant to Legislative Decree 231/2001; the functioning of the body appointed to supervise the functioning of and compliance with the Model; the disciplinary system and related penalties; the information and training plan to be adopted in order to guarantee knowledge of the measures and provisions of the Model; the criteria for updating and adapting the Model;
  • (ii) a special part, with decision protocols and schedule of sensitive processes.

The Model includes the following attachments, which are an integral part:

  • Attachment 1 containing the "List of predicate offences and individual criminal offences";
  • Attachment 2 containing the "Code of ethics pursuant to Legislative Decree 231/01" which sets out the rules to guarantee that the conduct of Model recipients is always based on criteria of fairness, collaboration, loyalty, transparency and mutual respect, and also to avoid a conduct that may constitute the criminal offences and predicate administrative offences;
  • Attachment 3 "Information flows to the Supervisory Board".

Furthermore, on 11 May 2012, the Board of Directors resolved to adopt the Integrity Charter and Code of Conduct of the UniCredit Group (last updated by resolution of 4 July 2017), along with the supplementary FinecoBank regulations; The document combining these (hereinafter, the "Code"), integrates current regulations on banking, investment services and employment, identifying the fundamental principles of conduct for those working for the company. The Code therefore concerns all persons performing activities on behalf of the Company: members of supervisory, management and control bodies of the Company, employees, personal financial advisors authorised for cold-calling, outsourcers.

In accordance with provisions in article 6, paragraph 1 of Legislative Decree 231/2001, the Company has also established a specific body (hereinafter, the "Supervisory Board") to monitor the functioning of and compliance with the Model, and its continual updating.

For this purpose, the Supervisory Board, among other things: (i) has independent powers to act and carry out controls, and independent spending powers, (ii) periodically reports to the Risks and Related Parties Committee on the Model's functioning, and (iii) gives the Board of Directors, on an annual basis, a written report on the implementation status of the Model, and in particular, on controls carried out and on critical aspects and anomalies identified.

The Supervisory Board was appointed by the Board of Directors on 11 April 2017, for a term of three years; subsequently the composition was modified on 16 October 2017, by resolution of the Board of Directors, decreasing the number of "internal members" from three to two, with the outgoing Head of Internal Audit, who still participates in meetings as a permanent attendee, and the appointment of a new external member, replacing the Chairman of the Board of Statutory Auditors. Accordingly, at the date of approval of this Report, the composition of the Supervisory

Board was as follows.

NAME AND SURNAME CATEGORY
Marianna Li Calzi (Chairman)
Salvatore Messina Member of the UniCredit Compliance
Programme Supervisory Board
Andrea Pepe Head of Legal & Corporate Affairs
Silvio Puchar Head of Compliance

The Model adopted by the Company, as described above, is available on the Issuer's website: www.finecobank.com, https://images.fineco.it/pub-

fineco/pdf/popup/modello_organizzazione_gestione.pdf?v=1.

11.4 External Auditors

The Shareholders' Meeting of 16 April 2013 appointed Deloitte & Touche S.p.A., pursuant to article 16, paragraph 1 of Legislative Decree no. 39 of 27 January 2010, (i) to audit the financial statements of the Issuer for the years from 31 December 2013 to 31 December 2021 (included), including the auditing of the company's accounts, and (ii) the limited auditing of interim reports from 30 June 2013 to 30 June 2021 (included). From the financial statements as at December 31, 2017, first year of presentation of the consolidated financial statements, the External Auditor is empowered also to audit the consolidated financial statements of the Company.

11.5 Financial Reporting Officer

As established by article 28 of the By-laws and subject to the mandatory opinion of the Board of Statutory Auditors, the Board of Directors appoints the Officer responsible for preparing the financial reports (hereinafter, the "Financial Reporting Officer"), pursuant to article 154-bis of the TUF.

The Financial Reporting Officer is selected by the Board of Directors from executives of the Company that have specific expertise, in administrative and accounting terms, of lending, finance, securities or insurance. This expertise, verified by the Board of Directors, shall be gained from professional experience in a position of adequate responsibility for a suitable period of time and in like-for-like companies. The Financial Reporting Officer shall also meet the good standing requirements of laws in force for positions indicated in the By-laws. If the Officer no longer meets the good standing requirements, he/she shall be removed from office.

As provided for by article 154-bis of the TUF, the Financial Reporting Officer is responsible for: (i) preparing adequate administrative and accounting procedures for preparing financial statements and as well as any other kind of financial disclosure; (ii) including a written statement with the documents and notices required by law or disclosed to the market, containing information and data on the financial position and performance of the Company, that said information and data is truthful; (iii) arranging for the preparation of the financial statements, interim reporting and (iv) within relative areas of responsibility, representing the Bank in

relations with the international financial community.

By resolution of 13 May 2014, subject to approval from the Board of Statutory Auditors and in compliance with article 154-bis, paragraph 1 of the TUF and article 28 of the By-laws, the Board of Directors of the Company appointed Lorena Pelliciari (already the Chief Financial Officer of the Bank) as the Financial Reporting Officer of the Company, assigning her the duties established in article 154-bis of the TUF described above. This appointment became effective from 2 July 2014 (date of listing on the MTA). By resolution of April 11, 2017, the Board of Directors confirmed Lorena Pelliciari as Financial Reporting Officer of the Company for a three-year period.

Lorena Pelliciari has gained considerable experience as Chief Financial Officer of FinecoBank and therefore has an excellent knowledge of processes for preparing the Company's accounting and financial documents. She therefore meets the professional standing requirements established in article 28 of the By-laws.

The Board of Directors also gave Lorena Pelliciari the following powers, in order for her carry out her duties as Financial Reporting Officer:

  • (i) having free access to all information considered relevant for her duties, within the Company;
  • (ii) taking part in Board Meetings dealing with issues in her area of responsibility;
  • (iii) engaging with the Company's administrative and control bodies;
  • (iv) approving company procedures, when they have an impact on the financial statements or other documents which are certified;
  • (v) being involved in the design of information systems that have an impact on the financial position and performance of the Company;
  • (vi) using the internal auditing, organisation and compliance function to map and analyse processes within her area of responsibility and carry out specific controls;
  • (vii) using information systems;
  • (viii) updating, amending and supplementing, also with the assistance of external advisors, procedures on: (a) the standardisation of information flows to the Financial Reporting Officer; and (b) the preparation of financial statements and all other types of financial disclosure.

Lastly, the Board of Directors, in exercising its supervisory powers, established that the Financial Reporting Officer shall report at least quarterly to the Board of Directors on activities carried out, as well as on any critical aspects identified.

Financial reporting process

As regards the main characteristics of the Internal Control and Risk System in relation to financial reporting, including the reporting of consolidated information, under article 154-bis of the TUF, the Financial Reporting Officer of FinecoBank is responsible for preparing and adopting adequate administrative and accounting procedures for the preparation of the financial statements, as well as all other forms of financial reporting to the market.

The Financial Reporting Officer, along with the Managing Director and General Manager, in a report on the financial statements (including the consolidated financial statements) and

condensed half-year financial statements shall also certify:

  • the adequacy and actual adoption of administrative and accounting procedures;
  • compliance with applicable international accounting standards endorsed by the European Community pursuant to Regulation (EC) No 1606/2002;
  • the consistency of accounting records;
  • the accurate representation of the financial position and performance of the Company;
  • the inclusion in the Directors' report on operations of reliable analysis of the company's performance, operations and situation, along with a description of main risks and uncertainties to which it is exposed.

As established by article 28 of the By-laws, the Board of Directors ensures that the Financial Reporting Officer has adequate powers and resources to carry out the duties established by current regulations, and to comply with administrative and accounting procedures. In carrying out his/her duties, the Financial Reporting Officer may be assisted by all Bank units.

11.6 Coordination of entities involved in the internal control and risk management system

Procedures for interaction among company functions and entities involved in the risk management and control system have been planned to prevent overlapping or gaps as far as possible, or to alter, even in substance, the main responsibilities of company bodies as concerns the risk management and control system.

Specifically, the Company has significantly consolidated cooperation among control functions, through specific formalised information flows on internal regulations and through managerial committees dedicated to control issues.

Interaction among level two and level three control functions is part of a more general framework of ongoing, proactive cooperation, which is mainly formalized in specific regulations/internal regulations and includes:

  • involvement in the process to define and/or update internal regulations on risks and controls;
  • the exchange of information flows, documents or data, as well as access to all resources or company information in line with the control requirements of functions;
  • involvement in board and managerial Committees, systematically or on request;
  • involvement in working parties, which are set up from time to time for risk and control issues.

The purpose of improved interaction between control functions and continual reporting to company bodies is to ultimately establish a corporate governance system that guarantees sound and prudent management, also through a more effective monitoring of risk, at all company levels.

To ensure coordination and interaction among various functions and bodies with control duties (required by company, accounting or supervisory regulations), the Board of Directors, after examination by the Risks and Related Parties Committee, issued a specific document "Document on Bodies and functions with supervisory tasks" – sent to all areas involved –

outlining duties and responsibilities of the various bodies and control functions and methods of coordination/collaboration, as well as information flows between them pursuant to Supervisory Regulations on Corporate Governance.

12. DIRECTORS' INTERESTS AND RELATED-PARTY TRANSACTIONS

By resolution of 6 June 2017, the Board of Directors approved "Procedures to manage transactions with parties in conflicts of interest", governing procedures with related parties and associated persons (hereinafter, the "Procedures").

The Procedures were previously reviewed and approved by the Risks and Related Parties Committee.

The Procedures address governance issues, the scope of the procedures and the procedural and organisational profiles relative to managing transactions with related parties, associated persons and corporate officers pursuant to applicable regulations, as regards the operations of the Issuer.

The Procedures cover the following:

  • the identification, updating and ongoing monitoring of persons in conflict of interest;
  • the management of transactions with persons in conflict of interest, with reference to, among others:
  • the identification of transactions;
  • management of the decision-making process;
  • reporting and transparency obligations.

They also define:

  • procedures for the management of transactions with persons in conflict of interest;
  • the organisational structures of FinecoBank and the Parent Company involved and their relative role;
  • internal and external information flows, also to the market;
  • monitoring and control activities, and methods to update the Procedures.

The Procedures to manage transactions with persons in conflicts of interest, in line with the Global Policy and Global Process Regulation issued by UniCredit, are adopted for transactions undertaken by FinecoBank with parties in the "Combined Perimeter" which means related parties and associated persons of UniCredit ("UniCredit Perimeter"), of FinecoBank ("FinecoBank Perimeter") and of other banks and intermediaries supervised by UniCredit ("Banks and Supervised Intermediaries Perimeter") combined.

The FinecoBank perimeter includes persons defined as "Consob Related Parties", pursuant to the Related-Parties Regulations, and "Associated Persons", or related parties identified as such pursuant to the Bank of Italy Circular no. 263 of 27 December 2006, as well as persons connected to them, in addition to persons who are included in the Perimeter on a voluntary and discretionary basis and not in accordance with current regulations.

In compliance with Related-Parties Regulations, the Procedures identify, as regards the materiality threshold, material transactions, non-material transactions and minor transactions.

As regards transactions with members of the Single Perimeter, the Procedures require specific information flows to:

  • the FinecoBank oversight unit;

  • the Board of Directors and Board of Statutory Auditors;

  • the Risks and Related Parties Committee;

  • the Compliance Function;
  • the CFO;
  • The Parent Company central oversight unit (i.e. UniCredit).

The full text of the Procedures, to which reference is made for further details, is available on the Issuer's website: www.finecobank.com https://finecobank.com/en/public/corporate/governance/parti-correlate.

* * *

Save for the principle in article 2391 of the Civil Code concerning the interests of company directors and procedures for transactions with related parties and associated persons, FinecoBank is a banking company and therefore complies with article 136 of the TUB, according to which officers cannot take on any obligation, directly or indirectly, with the bank they manage, direct or control, unless approved unanimously by the supervisory body and with the favourable vote of members of the controlling body, without prejudice to the requirements of the Civil Code regarding the interests of company Directors.

Accordingly, corporate officers are required to report the names of individuals or companies with whom the establishment of relations might constitute an indirect obligation substantially related to bank officers.

13. APPOINTMENT OF STATUTORY AUDITORS

In accordance with the recommendations in Criterion 8.C.1 of the Corporate Governance Code, Statutory Auditors shall be chosen from qualified, independent persons, also on the basis of criteria in the above Code with reference to directors.

In compliance with laws and regulations applicable to listed companies, article 23 of the Bylaws requires the Board of Statutory Auditors to be appointed by the Shareholders' Meeting, on the basis of lists of candidates submitted by Shareholders (each list shall contain the names of the candidates numbered progressively), according to the procedure described below.

Shareholders can submit a list for the appointment of Auditors, provided that when they submit the list they hold, alone or in conjunction with other presenting shareholders, at least the minimum percentage of share capital established by laws and regulations in force at the time. Ownership of the minimum shareholding required is calculated based on the shares registered for each shareholder on the day when the lists are filed at the Company; relative certification may be submitted after the lists have been filed, provided this is within the deadline for publication of the lists.

Each party entitled to vote (as well as (i) entitled persons belonging to the same group, intended as a party, which need not be a corporation, exercising control pursuant to article 2359 of the Civil Code and any subsidiary controlled by, or under the control of the said party, or (ii) shareholders who are party to a shareholders' agreement as per article 122 of the TUF, or (iii) entitled persons who are otherwise associated with each other in a material relationship pursuant to current and applicable statutory or regulatory provisions) may submit individually or with others only one list, just like each candidate can be included in only one list, or otherwise be considered ineligible.

Lists shall be divided in two sections, containing respectively up to three candidates for the position of Statutory Auditor and up to two candidates for the position of Stand-in Statutory Auditor.

At least the first two candidates for the position of Statutory Auditor and the first candidate for the position of Stand-in Statutory Auditor in the respective lists must be entered in the Register of Auditors and have experience as statutory auditors.

Each list for the position of regular statutory auditor and alternate statutory auditor must include a number of candidates of the less represented gender such to ensure such list satisfies at least the minimum gender balance required by the applicable laws and regulations.

In order to be valid, the lists must be filed at the Registered Office or Head Office, also by means of remote communication and in accordance with procedures stated in the notice of call which allows for the identification of parties filing the lists, no later than twenty-five days before the date of the Shareholders' Meeting (or within a different deadline according to applicable laws) and must be made available to the public at the registered office, on the Company's website and through other channels provided for under current laws at least twentyone days prior to the date of the Shareholders' Meeting (or within a different deadline according to applicable laws).

Minority shareholders who are not affiliated with the Shareholders concerned shall be entitled to extend the deadline for presenting lists in the circumstances and according to the procedures in applicable laws and regulations.

Each eligible voter may vote for one list only.

The members of the Board of Statutory Auditors shall be elected as follows:

  • (a) 2 (two) Statutory Auditors and 1 (one) Stand-in Auditor are taken from the list that has obtained the highest number of votes cast by entitled persons, in the order in which they appear on the list;
  • (b) the remaining Statutory Auditor and Stand-in Auditor shall be taken from the list that has obtained the most votes after the one referred to in (a) and the first candidates of the relevant section shall be appointed as the Statutory Auditor and Stand-in Auditor, respectively.

The Chairmanship of the Board of Statutory Auditors will go to the first candidate of the minority list of Statutory Auditors receiving the most votes.

If, in accordance with the deadlines and procedures set forth above, only one list or no list has been presented, or the lists do not contain the required number of candidates to be elected, the Shareholders' Meeting shall pass a resolution for the appointment or completion of the Board of Statutory Auditors by relative majority. If there is a tie vote between several candidates, a runoff election shall be held between them with a further vote of the Shareholders' Meeting. The Shareholders' Meeting shall be required to ensure compliance with the provisions of applicable laws and regulations concerning gender balance.

In the event the death, resignation, withdrawal or removal from office for any other reason of a Statutory Auditor, he/she shall be replaced by the Stand-in Statutory Auditor, from the same list as the outgoing Auditor, in the order in which they appear on the list, complying with the minimum number of members entered in the Register of Auditors who have been engaged in auditing activities, and in compliance with gender balance principles. If this is not possible, the outgoing Auditor shall be replaced by the Stand-in Statutory Auditor meeting the specified requirements, drawn from the minority list which obtained the most votes, following the order in which they appear on the list. Where the appointment of Auditors is not carried out using the list voting system, the Stand-in Statutory Auditor shall take over pursuant to statutory provisions. Should it be necessary to replace the Chairman, the Stand-in Statutory Auditor taking over shall also serve as Chairman. The Shareholders shall appoint or replace Auditors in meetings called in accordance with article 2401, paragraph 1 of the Civil Code in compliance with the principle of adequate representation of minority shareholders and gender balance. Where the appointment of the Stand-in Statutory Auditor in lieu of the Statutory Auditor is not confirmed by the Shareholders' Meeting, he/she shall return to his/her position as Stand-in Auditor.

14. COMPOSITION AND FUNCTIONING OF THE BOARD OF STATUTORY AUDITORS

Pursuant to article 23 of the By-laws and in compliance with current rules and regulations, at least 2 Statutory Auditors and 1 Stand-in Auditor must have been entered in the Register of Auditors for at least three years and have at least three years' experience as a statutory auditor. Auditors who are not entered in the Register of Auditors must have gained at least three years' experience in:

  • (a) professional activities as a certified public accountant or lawyer, rendered primarily to the banking, insurance and financial sectors;
  • (b) performing university teaching on subjects relating to in the legal field banking, commercial, tax and financial markets law and – in the business / finance field – banking operations, business economics, accountancy, economics of the securities market, economics of financial and international markets, corporate finance;
  • (c) performing managerial duties in public entities or public administrations, in the credit, financial and insurance sector or in the provision of investment services or in collective asset management, as both defined by the TUF.

All Auditors must meet the eligibility, professional competence and integrity requirements provided for by law and any other applicable regulations.

Furthermore, in application of the recommendations in Application Criterion 8.C.1 of the Corporate Governance Code, the Auditors of FinecoBank must meet the independence requirements in article 3 of the Corporate Governance, as well as the requirements in article 148, paragraph 3 of the TUF.

In application of article 144-novies of the Issuer Regulations and the above Criterion, the Board of Directors and the Board of Statutory Auditors are responsible for evaluating whether members of the Board of Statutory Auditors meet the requirements specified above: (i) following appointment, the outcome of which shall be disclosed to the market by means of a press release; (ii) on an annual basis, reporting the results thereof in the annual corporate governance report.

The Company's Board of Statutory Auditors currently in office was appointed by the Shareholders' Meeting held on 11 April 2017 and shall remain in office until approval of the 2019 Financial Statements.

The Auditors were appointed based on a list voting system, pursuant to article 23 of the By-laws and in compliance with applicable laws and regulations. In particular, the following lists of candidates for appointment to the Board of Statutory Auditors were presented:

  • List no. 1, presented by UniCredit (owner of a total of 215,066,403 ordinary shares representing 35.39% of the share capital): (a) Barbara Aloisi, Marziano Viozzi and Giuseppe Grazia for the position of Statutory Auditor; (b) Federica Bonato and Marzio Duilio Rubagotti for the position of Stand-in Auditor;
  • List no. 2, presented by UniCredit (owner of a total of 16,347,439 ordinary shares representing 2.6901% of the share capital): (a) Stefano Fiorini and Paola Carrara for the position of Statutory Auditor; (b) Elena Spagnol and Giorgio Mosci for the position of Stand-in Auditor.

The following documents were filed and published along with the two lists, according to established times and procedures:

  • (vi) a statement from shareholders other than shareholders that hold, even jointly, a controlling or relative majority interest, certifying the absence of any connection and/or significant relations with the latter as provided for by article 147-ter, paragraph 3 of the TUF and article 144-quinquies of the Issuers Regulation, also having examined Consob recommendations in its Communication no. DEM/9017893 of 26 February 2009;
  • (vii) exhaustive information on the personal and professional characteristics of the candidates included in the list (curriculum vitae) and the list of administration, management and control positions they hold in other companies, which are relevant pursuant to law);
  • (viii) statements whereby individual candidates irrevocably accepted the position (subject to their appointment) and certified, under their responsibility, that there were no grounds for their ineligibility or incompatibility to stand as candidate, and that they met the requirements of applicable laws, regulatory provisions, the By-Laws and Corporate Governance Code.

The lists, together with the above documents, were filed on the Company's website ("Governance/Shareholders' Meetings" section).

The Shareholders' meeting of 11 April 2017 therefore appointed the Board of Statutory Auditors (comprising three Statutory Auditors and two Stand-in Auditors) for the 2017-2019 period as follows:

  • from the list submitted by UniCredit, which was voted by the majority of shareholders, Barbara Aloisi and Marziano Viozzi were appointed as Statutory Auditors, and Federica Bonato was appointed as Stand-in Auditor;
  • from the list presented by a number of asset management companies and institutional investors, which was voted by the minority of Shareholders, Stefano Fiorini was appointed as Statutory Auditor and Elena Spagnol as Stand-in Auditor.

For the percentage of votes for the above lists in relation to voting capital, see the summary report on voting, available on the Company's website ("Governance/Shareholders' Meeting" section).

The Board also confirmed the annual fees it had already established for the previous term of office of the Board of Statutory Auditors, also based in information from the outgoing Board of Statutory Auditors, to enable shareholders and candidates to evaluate their adequacy. In this context, the fees are commensurate with activities required, the significance of the role hold as well as the size and sector of the company.

On 4 September 2017, Stefano Fiorini resigned from his position as Chairman of the Board of Statutory Auditors of the Bank, with immediate effect, and in compliance with laws and the Bylaws, the Stand-in Auditor Elena Spagnol, also from the minority list, took over the position of Statutory Auditor and Chairman of the Board of Statutory Auditors, on the same date, until the next Shareholders' Meeting.

The table below provides relevant information about each member of the Board of Statutory Auditors in office as of the date of this Report.

Position Members Born in Date of first
appointment
*		 In office since In office until List
**		 Indep.
Corporate
Governan
ce Code		 Participation in
Board of
Statutory
Auditors'
meetings
***		 Number of
other
positions
****
Chairman Elena
Spagnol		 1968 11.04.2017 04.09.2017 First
shareholders'
meeting
(Shareholders'
meeting of 11
April 2018)		 m X 9/9
(100%)		 1
Statutory
Auditor		 Barbara
Aloisi		 1967 17.04.2012 11.04.2017 Shareholders'
meeting for the
approval of the
Financial
Statements as
at 31.12.2019		 M X 29/30
(96%)		 9
Statutory
Auditor		 Marziano
Viozzi		 1946 16.04.2013 11.04.2017 Shareholders'
meeting for the
approval of the
Financial
Statements as
at 31.12.2019		 M X 29/30
(96%)		 3
Stand-in
Statutory
Auditor		 Federica
Bonato		 1955 15.04.2014 11.04.2017 Shareholders'
meeting for the
approval of the
Financial
Statements as
at 31.12.2019		 M X -- 4
------------- Auditors no longer in office during the Year -------------
Chairman Stefano
Fiorini		 1969 11.04.2017 11.04.2017 04.09.2017 m X 9/9
(100%)		 -
Chairman Gian-Carlo
Noris
Gaccioli		 1951 14.04.2008 15.04.2014 11.04.2017 -- X 12/12
(100%)		 --
Stand-in
Statutory
Auditor		 Marzio
Duilio
Rubagotti		 1965 8.05.2012 15.04.2014 11.04.2017 -- X -- --
Quorum required to present lists during the last appointment: 1%

* The date of first appointment of each Statutory Auditor means the date when the statutory auditor was appointed for the first time (ever) to the Board of Statutory Auditors of the Company.

** This column indicates the list on which each Auditor was presented ("M": member from the majority list; "m": member from the minority list).

*** Percentage attendance at meetings (no. of attendances/ no. of meetings held during the actual period office of the person concerned during the Year).

**** Number of offices pursuant to article 148-bis of the TUF and relevant provisions implementing the Issuer Regulations.

Diversity policies

Save for applicable laws and regulations, the Board has adopted a specific policy with general guidelines on the structure, composition and remuneration of company bodies of investees and of procedures to appoint company officers, issued by UniCredit in its capacity as a steering, coordination and control body, in order to define principles, guidelines and rules to manage officers that shall be appointed in particular to the company boards of subsidiaries at a Group level.

In this regard, the process regulated by the policy establishes, among others, some guidelines on company bodies and requirements of relative board members, in order to achieve a balance between internal and internal members and gender, and a composition that can effectively

oversee all company operations in terms of management and controls, also considering the dimensions and complexity of the organisational structure of the specific company. In this context, the policy, among other things, establishes criteria for professional standing, integrity, independence and gender for members of control bodies.

With reference to FinecoBank, the principles and rules of this policy shall apply considering the provisions of national and EU laws and regulations on requirements for auditors, and, more in general, on the composition of the Board of Statutory Auditors, overall.

A breakdown of the members in office of the Board of Statutory Auditors by age and gender is provided below.

Members of the Board of Statutory Auditors meet the requirements of applicable laws and regulations. Save for indications below, on 15 December 2017, the Company was informed of the positive decision of the European Central Bank (ECB) on the suitability of its Board of Statutory Auditors.

As regards the personal and professional profile of each Auditor, see the information published on FinecoBank's website (www.finecobank.com, "Governance" Section).

Members of the Board of Statutory Auditors have not provided advisory services to the Issuer.

After appointment, the Board of Statutory Auditors checks that each member meets the independence requirements of the TUF and the Corporate Governance Code and forwards the outcomes to the Board of Directors.

During the meeting held on 30 January 2018, the Board of Statutory Auditors verified the independence of its members in accordance with the Corporate Governance Code and article 148 of the TUF and article 144-novies of the Issuer Regulation, and forwarded outcomes to the Board of Directors.

In the assessment of independence requirements, no additional criteria were used apart from criteria in article 148, paragraph 3 of the TUF, in applicable industry regulations (if any), and in the Corporate Governance Code. Outcomes were published in a notice to the market.

The Statutory Auditors are subject to the limit on the number of positions held pursuant to article 144-terdecies of the Issuer Regulations. To the best of the Company's knowledge, none of the members of the Board of Statutory Auditors exceeds the limits on the number of board mandates referred to in article 144-terdecies of the Issuer Regulations, at the time of writing. In addition to the above, the table shows the overall number of positions held by Auditors in office at the date of approval of this Report. The limit on the total number of positions held as Auditors, in line with the Directive CRD IV and principles outlined in the document "Guide to fit and proper assessments", published by the European Central Bank (ECB) on 15 May 2017, was considered in view of requirements applicable to positions held in the same group, to positions held in non-commercial organisations (that are not relevant for the total number of positions), and statements provided by auditors.

Name Total number of positions held by the
Auditors		 Number of relevant
positions held
Elena Spagnol
Chairman		 2 non-executive positions 2 non-executive positions
Barbara Aloisi
Statutory Auditor		 10 non-executive positions 6 non-executive positions (1
)
Marziano Viozzi
Statutory Auditor		 4 non-executive positions 4 non-executive positions

( 1 ) Considering the impact of positions in the same group and positions with a term of office that ends with the approval of the Financial Statements as at December 31, 2017, the total number of positions complies with established limits.

Auditors shall also take into account provisions of article 36, Decree law no. 201 of 6 December 2011, converted with amendments into Law no. 214 of 22 December 2011 with provisions on "personal crossholdings in the credit and financial markets" it is forbidden for "those who hold offices in the management, control and supervisory bodies and the top officers of firms or groups of firms engaged in credit, insurance and financial markets, to accept or exercise similar positions in competing firms or groups of firms" (interlocking ban). Those who hold incompatible offices must notify the option exercised within 90 days of the appointment. Otherwise, on expiry of this deadline, they shall be removed from both offices. As regards the above, incompatibility due to interlocking does not apply to any of the Auditors in office.

The special authorisation procedure as of article 136 of the TUB applies, in the case of obligations of any kind or sale transactions undertaken by members of the Board of Statutory Auditors, directly or indirectly, with the bank in which they hold a position.

Statutory Auditors that have an interest in a specific transaction of the Issuer, on their own or on others' behalf, shall promptly inform other Statutory Auditors and the Chairman of the Board of Auditors in detail as to the nature, terms, origin and extent of their interest.

* * *

In accordance with Article 24 of the By-laws, and in order to properly perform its tasks, and in particular meet its obligation to promptly inform the Bank of Italy, and other Supervisory Authorities if required, on management irregularities or violations of the law, the Board of Statutory Auditors has broadest powers provided for by applicable laws and regulations.

The Board of Statutory Auditors, without prejudice to any other or more specific duty and power assigned to it by primary and secondary laws and regulations in force, monitors compliance with laws, regulations and the By-laws, as well as correct administration, adequacy of organisational and accounting arrangements of the Bank, the risk management and control system, as well as the functioning of the overall internal control system, external auditing of the accounts, the independence of external auditors and financial reporting process. The Board of Statutory Auditors works in close cooperation with the corresponding body of UniCredit.

In performing its duties, the Board of Statutory Auditors liaises with the Internal Audit function and the Risks and Related Parties Committee, through ongoing communication and the exchange of information, as well as by taking part in meetings of the above mentioned Committee.

* * *

The Chairman of the Board of Directors ensures that Auditors may take part, after their appointment and during their term of office, in the most appropriate way, in initiatives to give them adequate knowledge of the sector in which the Issuer operates, of company dynamics and their evolution, principles of correct risk management as well as applicable legal and selfregulatory framework. During the Year, all Statutory Auditors took part in "induction and training courses" referred to in section 4.2.2. of this Report, and in specific cases in external courses.

* * *

The Board of Auditors met thirty times during the Year. Each meeting lasted on average two hours. 15 meetings of the Board of Statutory Auditors have been scheduled for 2018, of which 4 had already taken place at the date of approval of this Report.

For further information on the establishment, duties and functioning of the Board of Statutory Auditors, see the chapter "Board of Statutory Auditors" of FinecoBank's company bodies Regulations, available on the Issuer's website.

15. RELATIONS WITH SHAREHOLDERS

The Company considers it fitting in its own interests and a duty for the market engage with its shareholders and institutional investors, in compliance with the procedure for disclosing company documents and information to the market, and in general in compliance with laws and regulations that govern the disclosure of inside information applicable to listed companies.

In this context, the Company, in compliance with article 9 of the Corporate Governance Code, considers the Shareholders' Meeting an important opportunity for Shareholders and Directors to engage, and consequently adopts measures that encourage shareholders to take part in the Shareholders' Meeting and exercise their right to vote. In this respect, save for Paragraph 16, below, Shareholders' Meeting are held on single call, in accordance with article 7 of the Bylaws, unless the Board of Directors establishes that meetings are to be held in more than one session.

Pursuant to article 135-undecies of the TUF, the Company may appoint, for each Shareholders' Meeting, with information given in the notice of meeting, a person (company-appointed representative), that shareholders may appoint to act as proxy with instructions to vote on all or some items on the agenda, according to terms and procedures established by law.

Pursuant to Application Criterion 9.C.1 of the Corporate Governance Code, relations with institutional investors are instead overseen by the Investor Relator. In this regard, on 6 October 2016, Stefania Mantegazza was identified as Head of Investor Relations of the Company (Investor Relator).

The Investor Relator reports continually to Company's Senior Management on requirements concerning disclosure to the financial market and in particular to investors.

The Investor Relator is therefore the point of contact between the Issuer and the market and works with the entire company to maintain and promote compliance with regulations on corporate reporting.

* * *

The Company has created a specific section on its website www.finecobank.com – which is easily identifiable and accessible – with information on the Company that is significant for shareholders, to enable them to exercise their rights in an informed manner. In particular, the section includes updated information on the Company and services offered, key documents on corporate governance, as well as all press releases on main company events, in addition to financial and accounting data. Information on the website is updated as promptly as possible, to guarantee the transparency and effectiveness of disclosure to the public.

16. SHAREHOLDERS MEETINGS (PURSUANT TO ARTICLE 123-BIS, PARAGRAPH 2, LETTER C) OF THE TUF)

In compliance with regulatory and legal provisions in force, the Ordinary Shareholders' Meeting, pursuant to the By-laws, is convened at least once a year, within 120 (one hundred and twenty) days from the end of the financial year, to resolve on items in its remit as established by laws in force and the By-laws. The Extraordinary Shareholders' Meeting is convened whenever there is a need to resolve on items in its remit as established by the applicable regulations.

The Shareholders' Meeting is convened as one session in compliance with laws in force, however in order to maintain adequate organisational flexibility, the By-laws establish that the Board may convene several sessions for individual Shareholders' Meetings.

Meetings are convened according to law, by notice published on the Company's Internet Site, as well as by other procedures required by law. The Agenda is established according to law and the By-laws, by the person with powers to convene Shareholders' Meetings.

Before the deadline for publishing the notice convening the meeting, based on each item on the agenda – or another term established by law – the Board of Directors shall make available to the public a report on each item on the Agenda.

The Agenda may be supplemented – according to the circumstances, procedures and terms established by laws in force – by shareholders that, even jointly, represent at least 2.5% of the share capital. Shareholders that request an item on the agenda to be added shall prepare a report stating the reasons for proposals to resolve on new items. Shareholders may also submit further proposals for resolutions on items already on the Agenda, giving relative reasons.

The Shareholders' Meeting meets at the Registered Office of the company or at another venue in Italy, indicated in the notice of meeting, and resolves with the majorities established by laws in force.

Quorums are not established in the By-laws, therefore in order for the Shareholders' Meeting to be duly established and for resolutions to be passed, laws in force shall be observed.

Pursuant to the By-laws, and in line with laws in force on remuneration and incentive policies and practices issued by Consob, and, for banks and banking groups, issued by the Bank of Italy, the Ordinary Shareholders' Meeting establishes the fees of the bodies it appoints, and also approves: (i) remuneration policies for Board Directors, employees and persons working for the company on a self-employed basis; (ii) remuneration plans based on financial instruments; (iii) payments agreed on in the event of the early termination of employment or early termination of an appointment, including the limits established for said fees in terms of annual fixed remuneration.

When approving remuneration policies, the Shareholders' Meeting may increase the limit of the ratio between variable and fixed remuneration up to a maximum of 2:1 or, if lower, to the maximum allowed by applicable laws in force. The Shareholders' Meeting votes on the Company's policy on the remuneration of Board Directors, the General Manager and Key Management Personnel, and the procedures used to adopt and implement this policy.

16.1 Legitimation, procedures for taking the floor and voting

Pursuant to applicable regulations, referred to in article 8 of the By-laws, persons may take part in the shareholders' meeting and exercise their voting rights following notification sent to the Company, within the legal established time limits, by the intermediary authorised by law to

keep the accounts, based on entries in accounting records relative to the end of the accounting day of the seventh open market day prior to the date established for the Shareholders' Meeting convened as a single session, or as a first session if the Board of Directors has planned for further sessions to take place.

The By-laws enable shareholders to take part in the Shareholders' Meeting using telecommunication means and to exercise voting rights digitally. The decision to activate these means is to be taken by the Board of Directors for each Shareholders' Meeting.

Pursuant to article 8 of the By-laws, each shareholder who may take part in Shareholders' Meetings can be represented by written proxy by another person, who is not necessarily a shareholder, provided this complies with legal provisions. Voting by proxy may also be authorised by a document signed digitally pursuant to laws in force and notified to the Company at the email address and according to procedures indicated in the notice of meeting, or by another procedure established by current laws in force.

In compliance with the Application Criterion 9.C.2 of the Corporate Governance Code, which recommends the involvement of directors in Shareholders' Meetings as an important opportunity for director/shareholder engagement, all directors usually take part in the Shareholders' Meetings of the Company. On these occasions, the Board of Directors, in particular, reports on past and planned activities and ensures shareholders are given sufficient information on items necessary for them to make informed decisions during shareholders' meetings.

The Board reports to the Shareholders' Meeting on past and planned activities within the context of the Directors' Report on Operations. It acts to ensure shareholders are given sufficient information on items necessary for them to make informed decisions during shareholders' meetings, in particular making sure that reports of Directors and additional information are made available in the times required by provisions of applicable laws and regulations.

16.2 Proceedings of shareholdings' meetings

In accordance with the recommendations of the Corporate Governance Code (Application Criterion 9.C.3), as proposed by the Board of Directors, the Shareholders' Meeting adopted regulations for the orderly and functional proceedings of shareholders' meetings (hereinafter, the "Regulations for Shareholders' Meetings"). The Regulations for Shareholders' Meetings are available on the Company's website ("Governance/Documents" section).

Under article 8 of the Regulations for Shareholders' Meetings, persons who are entitled to take part in shareholders' meetings may take the floor as regards each item to discuss. Persons intending to take the floor shall request permission from the Chairman, submitting a written request with details of the issue the request refers to, after the Chairman has read the items on the Agenda and before he declares discussions, the request to take the floor refers to as closed. The Chairman may authorise requests to take the floor to be made with a show of hands, and in this case persons take the floor in the alphabetical order of their surnames.

Article 10 of the By-laws also establishes that the Chairman is assisted by a Secretary, selected by the attendees, who may also be a non-shareholder, by majority of those attending. In addition to cases provided for by law, when the Chairman considers it appropriate, a notary may perform the function of Secretary, selected by the Chairman.

16.3 Significant changes in capitalisation and ownership structure

The capitalisation of FinecoBank went up by approximately €1,953,000.00 during the Year compared to the previous year, to a figure of €5,187,000.00 as at 31 December 2017.

With reference to changes in the ownership structure during the Year:

  • on 24 April 2017, BlackRock Inc. notified that it had exceeded the material threshold of 5%;
  • on 4 July 2017. Wellington Management Group LLP notified that it had fallen below the 5% threshold.

No proposals were made to the Shareholders' Meeting for amendments to the By-laws regarding the percentages established for the exercise of the shares and the prerogatives imposed for the protection of non-controlling interests.

17. ADDITIONAL CORPORATE GOVERNANCE PRACTICES

Corporate governance practices – in addition to those already indicated above – and besides obligations provided for by laws or regulations, include the Company adopting a system for the internal reporting of violations (whistle-blowing), in compliance with Supervisory Regulations on Corporate Governance (Part I, Title IV, Chapter 3, Section VIII).

In this context, the Company has appointed the head of the compliance function as the person responsible for the whistle-blowing process, with necessary autonomy and independence from control functions; this position ensures proper management of the procedure and reports directly and without delay to company bodies on information reported, where relevant.

18. CHANGES AFTER THE END OF THE YEAR

By resolution of 1 March 2018, the Board of Directors – complying with the principle's and recommendations of the Corporate Governance Code – assigned to the Appointments Committee supervisory functions concerning sustainability related to FinecoBank operations and the dynamics of interaction with all stakeholders, changing the name of the Committee to the "Appointments and Sustainability Committee".

In particular, this Committee – in addition to duties and functions as of Section 8 of this Report, to which reference is made – carries out the following functions assisting the Board:

  • monitoring the sustainable growth strategy of the Company over time, based on relevant Group and international guidelines and principles;
  • evaluating risks that could be significant in the medium/long term (Application Criterion 1.C.1. of the Corporate Governance Code); in particular, the Committee monitors activities to identify risks connected with sustainability, environmental and social issues;
  • formulating proposals concerning plans, objectives, rules and company procedures on social and environmental issues, monitoring implementation over time;
  • monitoring the positioning of the Company in relation to financial markets as regards sustainability issues and relations of the latter with all stakeholders.

Apart from the above, at the date of approval of this Report, no changes in the corporate governance structure had occurred after the end of the reporting period.

19. CONSIDERATIONS ON THE LETTER OF 13 DECEMBER 2017 OF THE CHAIRMAN OF THE CORPORATE GOVERNANCE COMMITTEE

The Chairman of the Board of Directors received and informed the Board, during the meeting of 1 March 2018, of recommendations in the letter of 13 December 2017 of the Chairman of the Corporate Governance Committee. The contents of this letter were reported to the Appointments and Sustainability Committee, the Risks and Related Parties Committee and Remuneration Committee, in meetings of 26, 27 and 28 February 2018 respectively.

The Directors, having examined the issues and the principles of the letter, took into consideration the general system and the rules of corporate governance adopted by the Company (including the new assignments on the sustainability of the committee in charge of appointments, in line with the principles of the Corporate Governance Code), believe that the Company's governance is consistent with the considerations referred to in the letter and they had no further considerations to make or initiatives to take.

More from FinecoBank

Report Publication Announcement 2025
Dec 11
Earnings Release 2025
Dec 4
Earnings Release 2025
Dec 4
Regulatory Filings 2025
Nov 11
Regulatory Filings 2025
Nov 11
Investor Presentation 2025
Nov 5
Earnings Release 2025
Nov 5
Earnings Release 2025
Nov 5
Capital/Financing Update 2025
Nov 3
Capital/Financing Update 2025
Nov 3
View all filings →

Talk to a Data Expert

Have a question? We'll get back to you promptly.