REPORT ON THE CORPORATE GOVERNANCE AND OWNERSHIP STRUCTURE

pursuant to Article 123-bis of the Legislative Decree no. 58 of February 24, 1998 (traditional management and controlo model)

Name of Issuer: "FINECOBANK S.P.A."

Website: finecobank.com

Financial year of reference of the Report: January 1, 2024 / December 31, 2024

Date of approval of the Report: March 11, 2025

This is an English translation of the original Italian document. The original version in Italian takes precedence.

	Contents


	INTRODUCTION 12
1.	PROFILE OF THE ISSUER 13
1.1.	THE CORPORATE GOVERNANCE MODEL 14
1.1.1	16
1.1.2	Board of Directors 16
1.1.3	Board committees 17
1.1.4	Board of Statutory Auditors 18
1.1.5	EXTERNAL AUDITORS 18
2.	INFORMATION ON OWNERSHIP STRUCTURES (PURSUANT TO ARTICLE 123-BIS, PARAGRAPH 1 OF THE TUF) 20
A) TUF)	SHARE CAPITAL STRUCTURE (PURSUANT TO ARTICLE 123-BIS, PARAGRAPH 1, LETTER A) OF THE 20
B) 1,	RESTRICTIONS ON THE TRANSFER OF SECURITIES (PURSUANT TO ARTICLE 123-BIS, PARAGRAPH LETTER B) OF THE TUF) 21
C)	SIGNIFICANT HOLDINGS IN CAPITAL (PURSUANT TO ARTICLE 123-BIS, PARAGRAPH 1, LETTER C), OF THE TUF) 21
D)	SECURITIES CONFERRING SPECIAL RIGHTS (PURSUANT TO ARTICLE 123-BIS, PARAGRAPH 1, LETTER D), OF THE TUF) 23
E)	EMPLOYEE SHAREHOLDINGS: MECHANISM FOR EXERCISING VOTING RIGHTS (PURSUANT TO ARTICLE 123-BIS, PARAGRAPH 1, LETTER E), OF THE TUF) 23
F)	RESTRICTIONS ON VOTING RIGHTS (PURSUANT TO ARTICLE 123-BIS, PARAGRAPH 1, LETTER F), OF THE TUF) 23
G) THE TUF)	SHAREHOLDER AGREEMENTS (PURSUANT TO ARTICLE 123-BIS, PARAGRAPH 1, LETTER G), OF 23
H) THE TUF)	CHANGE OF CONTROL CLAUSES (PURSUANT TO ARTICLE 123-BIS, PARAGRAPH 1, LETTER H), OF AND ARTICLES OF ASSOCIATION PROVISIONS ON TAKEOVER BIDS (PURSUANT TO ARTICLE 104, PARAGRAPH 1-TER, AND 104-BIS, PARAGRAPH 1, OF THE TUF) 23
I)	DELEGATIONS TO INCREASE SHARE CAPITAL AND AUTHORISATIONS TO PURCHASE TREASURY SHARES (PURSUANT TO ARTICLE 123-BIS, PARAGRAPH 1, LETTER M) OF THE TUF) 24
L)	MANAGEMENT AND COORDINATION ACTIVITIES (PURSUANT TO ARTICLE 2497 ET SEQ OF THE ITALIAN CIVIL CODE) 25
3.	COMPLIANCE (PURSUANT TO ARTICLE 123-BIS, PARAGRAPH 2, LETTER A) OF THE TUF) 26

emarket sdir scorage
CERTIFIED

4.	BOARD OF DIRECTORS 28
4.1	ROLE OF THE BOARD OF DIRECTORS 28
4.1.1	Duties 28
4.1.2	Competing activities 37
4.2.	APPOINTMENT AND REPLACEMENT (PURSUANT TO ARTICLE 123-BIS, PARAGRAPH 1, LETTER L),
PART 1,	OF THE TUF) 37
4.3 TUF)	COMPOSITION (PURSUANT TO ARTICLE 123-BIS, PARAGRAPH 2, LETTER D), AND D)-BIS OF THE 40
4.3.1	Diversity criteria and policies in the composition of the Board and the company
	organisation 46
4.3.2.	Maximum number of positions held in other companies 47
4.4	FUNCTIONING OF THE BOARD OF DIRECTORS (PURSUANT TO ARTICLE 123-BIS, PARAGRAPH 2,
LETTER D)	OF THE TUF) 51
4.5	ROLE OF THE CHAIRMAN OF THE BOARD OF DIRECTORS 53
4.6	EXECUTIVE DIRECTORS 55
4.6.1	Managing Directors: Managing Director and General Manager 55
4.6.2	The Chairman of the Board of Directors 56
4.6.3	Reporting to the Board of Directors by Directors/Delegated Bodies 56
4.6.4	Other executive directors 57
4.7	INDEPENDENT DIRECTORS AND LEAD INDEPENDENT DIRECTORS 57
4.7.1	Lead Independent Director 60
5.	PROCESSING OF COMPANY INFORMATION 61
6.	INTERNAL COMMITTEES OF THE BOARD OF DIRECTORS (PURSUANT TO ARTICLE 123-BIS, PARAGRAPH 2, LETTER D) OF THE TUF) 64
6.1	CORPORATE GOVERNANCE AND ENVIRONMENTAL AND SOCIAL SUSTAINABILITY COMMITTEE 66
6.1.1	Composition and functioning of the Corporate Governance and Environmental and Social Sustainability Committee 66
6.1.2	Functions of the Corporate Governance and Environmental and Social Sustainability Committee 67
6.1.3	Activities performed 68
7.	SELF-ASSESSMENT AND SUCCESSION OF DIRECTORS APPOINTMENTS COMMITTEE 72
7.1	SELF-ASSESSMENT AND SUCCESSION OF DIRECTORS 72
7.2	APPOINTMENTS COMMITTEE 74

7.2.1	Composition and functioning of the Appointments Committee	74
7.2.2	Functions of the Appointments Committee	74
7.2.3	Activities performed	76
8.	REMUNERATION OF DIRECTORS REMUNERATION COMMITTEE	78
8.1	REMUNERATION OF DIRECTORS	78
8.2	REMUNERATION COMMITTEE	78
8.2.1	Composition and functioning of the Remuneration Committee (pursuant to Article 123-bis, paragraph 2, letter d) of the TUF)	78
8.2.2	Functions of the Remuneration Committee	79
9.	INTERNAL CONTROL AND RISK MANAGEMENT SYSTEM - RISK AND RELATED PARTIES COMMITTEE	81
9.1	CHIEF EXECUTIVE OFFICER	97
9.2	RISK AND RELATED PARTIES COMMITTEE	99
9.2.1	Composition and functioning of the Risk and Related Parties Committee (pursuant to Article 123-bis, paragraph 2, letter d) of the TUF)	99
9.2.2	Functions assigned to the Risk and Related Parties Committee	101
9.2.3	Activities performed	105
9.3	HEAD OF THE INTERNAL AUDIT FUNCTION	107
9.4	ORGANISATIONAL MODEL PURSUANT TO LEGISLATIVE DECREE 231/2001	111
9.5	AUDITING FIRM	112
9.6	FINANCIAL REPORTING OFFICER	114
9.7	COORDINATION BETWEEN THE PARTIES INVOLVED IN THE INTERNAL CONTROL AND RISK MANAGEMENT SYSTEM	117
10.	DIRECTORS' INTERESTS AND RELATED-PARTY TRANSACTIONS	120
11.	BOARD OF STATUTORY AUDITORS	123
11.1	APPOINTMENT AND REPLACEMENT OF STATUTORY AUDITORS	123
11.2.	COMPOSITION AND FUNCTIONING OF THE BOARD OF STATUTORY AUDITORS (PURSUANT TO
	ARTICLE 123-BIS(2)(D) AND (D-BIS) OF THE TUF)	125
11.2.1	DIVERSITY CRITERIA AND POLICIES	130
11.2.2	SELF-ASSESSMENT	134
11.3	ROLE	134
12.	RELATIONS WITH SHAREHOLDERS AND OTHER RELEVANT STAKEHOLDERS	138
13.	SHAREHOLDERS MEETINGS (PURSUANT TO ARTICLE 123-BIS, PARAGRAPH 1,	LETTER C) OF THE

emarket sdir storage
CERTIFIED

	TUF)	142
13.1	LEGITIMATION, PROCEDURES FOR TAKING THE FLOOR AND VOTING	143
13.2	PROCEEDINGS OF SHAREHOLDINGS MEETINGS	144
13.3	SIGNIFICANT CHANGES IN CAPITALISATION AND COMPOSITION OF THE COMPANY STRUCTURE	144
14.	ADDITIONAL CORPORATE GOVERNANCE PRACTICES	145
15.	CHANGES SINCE THE END OF THE REPORTING YEAR	146
	CONSIDERATIONS ON THE LETTER OF DECEMBER 17, 2024 FROM THE CHAIRMAN OF THE
16.	CORPORATE GOVERNANCE COMMITTEE	147

Meeting:
Shareholders:	the owners of FinecoBank shares.
Borsa Italiana:	Borsa Italiana S.p.A.
FinecoBank CFO:	the Chief Financial Officer of FinecoBank.
Civil Code:	the Italian Civil Code approved by Royal Decree no. 262, of 16 March 1942, as amended.
New Corporate Governance Code:	the New Corporate Governance Code for listed companies approved in July 2018 by the Corporate Governance Committee and endorsed by Borsa Italiana, ABI, Ania, Assogestioni, Assonime and Confindustria. From January 1, 2021, the Corporate Governance Code was replaced by the New Corporate Governance Code.
New Corporate Governance Code:	the New Corporate Governance Code for listed companies approved in January 2020 by the Corporate Governance Committee and promoted by Borsa Italiana, ABI, Ania, Assogestioni, Assonime and Confindustria, applicable from the first financial year starting after December 31, 2020. The New Corporate Governance Code replaces the previous Corporate Governance Code approved in July 2018.
Board of Statutory Auditors:	the Board of Statutory Auditors of the Issuer.
Corporate Governance and Environmental and Social Sustainability Committee:	the Internal Committee of the Board of Directors established in accordance with Article 3 of the New Corporate Governance Code and the Supervisory Provisions on Corporate Governance.
Appointments Committee:	the internal committee of the Board of Directors established in compliance with Articles 3 and 4 of the New Corporate Governance Code and the Supervisory Regulations on Corporate Governance.
Remuneration Committee:	the internal committee of the Board of Directors established in compliance with Articles 3 and 5 of the New Corporate Governance Code and the Supervisory Regulations on Corporate Governance.
Risk and Related Parties Committee:	the internal committee of the Board of Directors established in compliance with Articles 3 and 6 of the New Corporate Governance Code and the Supervisory Regulations on

emarket sdir storage
CERTIFIED

	Corporate Governance, as well as pursuant to the regulations on related parties and associated persons.
Board/Board of Directors:	the Board of Directors of the Issuer.
CONSOB:	Commissione Nazionale per le Società e la Borsa (public authority regulating Italian financial markets) with headquarters in Rome, Via G.B. Martini no. 3.
Ministerial Decree 169/2020:	Decree no. 169 of November 23, 2020 of the Ministry of Regulation on requirements and suitability criteria for corporate officers of banks, financial intermediaries, credit consortium, electronic money institutions, payment institutions and depositor guarantee schemes
CRD Directive:	the CRD IV Directive as amended by Directive (EU) 2019/878 (known as CRD V) on access to the activity of credit institutions and the prudential supervision of credit institutions and investment firms, amending Directive 2002/87/EC and repealing Directives 2006/48/EC and 2006/49/EC.
CRD IV Directive:	Directive 2013/36/EU of the European Parliament and of the Council of June 26, 2013, on access to the activity of credit institutions and the prudential supervision of credit institutions and investment firms, as modified in each instance (among others by CRD V and Directive 2024/1619/EU).
CRD V Directive:	Directive (EU) no. 878/2019/EU of the European Parliament and of the Council, of May 20, 2019, amending the CRD IV Directive as regards exempted entities, financial holding companies, mixed financial holding companies, remuneration, supervisory measures and powers and capital conservation measures.
Mifid II Directive:	Directive 2014/65/EU of the European Parliament and of the Council of May 15, 2014, on markets in financial instruments, enacted on January 3, 2018, and replacing the previous European regulations in this area.
Financial Reporting Officer / Manager in charge of preparing financial reports:	the manager in charge of preparing the corporate accounting documents appointed pursuant to Article 154-bis of the Consolidated Finance Act (hereinafter TUF), with the duties provided for by current regulations (including that of certifying, with a specific report, that the sustainability report

	referred to in the management report has been prepared in accordance with the relevant regulations).
Supervisory Regulations:	the Supervisory Regulations for Banks set out in Bank of Italy Circular No. 285 of December 17, 2013 and subsequent updates.
Supervisory Regulations on Corporate Governance:	the Supervisory regulations for banks on organisation and corporate governance as per Bank of Italy Circular no. 285 of December 17, 2013, Part I, Title IV, Chapter 1 and subsequent amendments.
Issuer or FinecoBank or Bank or Company or also Parent Company:	FinecoBank S.p.A., an issuer of securities to whom the Report refers, registered in the Register of Banks and Parent Company of the FinecoBank Banking Group Banking Group Register no. 3015, with registered office in Piazza Durante 11, Milan, Headquarters in Via Rivoluzione code and Milan-Monza-Brianza-Lodi Companies Register no. 01392970404, Economic and Administrative Index (REA) no. 1598155, member of the National Guarantee Fund and the Interbank Fund for the Protection of Deposits.
Group Entities or Entities:	the Italian or foreign companies, directly or indirectly controlled by FinecoBank, belonging to the FinecoBank Banking Group.
Year:	the financial year of reference of the Report.
ESRS:	the sustainability reporting principles defined in the Commission Delegated Regulation (EU) 2023/2772 of July 31, 2023.
EXM:	the Euronext Milan stock exchange (previously MTA, Mercato Telematico Azionario) organised and managed by Borsa Italiana, where FinecoBank shares are also traded.
Fineco Asset Management Designated Activity Company or FAM:	the Irish company wholly owned by FinecoBank and engaged in the management of collective investment undertakings.
GDPR:	EU Regulation 2016/679 of the European Parliament and of the Council of April 27, 2016 (General Data Protection Regulation) on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, repealing Directive 95/46/EC.

emarket sdir storage
CERTIFIED

Global Policy:	Global Policy for the management of transactions with persons in potential conflict of interest of the FinecoBank Group
Group or FinecoBank Group:	the group consisting of the Parent Company FinecoBank and its Subsidiaries; currently corresponding to the FinecoBank Banking Group.
FinecoBank Banking Group or Banking Group:	the group consisting of the Parent Company FinecoBank as well as its Entities.
BCE Guide:	Guide to fit and proper assessment and replaces the previous version updated in May 2018. The purpose of the Guide is to explain in more detail the policy guidelines, supervisory practices and processes applied by the European Central Bank in assessing the suitability of members of the management bodies of significant credit
Instructions accompany the Stock Exchange Regulations:	instructions on Regulations for Markets organised and managed by Borsa Italiana, in force at the date of approval of this Report.
MTA:	the Mercato Telematico Azionario (now Euronext Milan - EXM) organised and managed by Borsa Italiana on which FinecoBank was admitted to listing on July 2, 2014.
Joint EBA and ESMA Guidelines:	the joint guidelines of September 26, 2017 of ESMA and the EBA on the assessment of the suitability of members of corporate bodies and key personnel under CRD IV and 2021.
Paragraph:	the paragraphs of this Report.
Fit & Proper Policy:	the policy concerning the rules adopted by the Bank on the verification of the suitability requirements for corporate functions, pursuant to the applicable legislation and regulations, approved by the Board of Directors on March 16, 2021 and subsequently amended.
Assonime Principles:	19, 2021, which together with the relevant annotations outline roles and responsibilities in defining policy and

emarket sdir storage
CERTIFIED

	managing dialogue with investors in general, in line with the functions and tasks that the New Corporate Governance Code assigns to those involved in the governance system.
Corporate Bodies Regulations:	the Regulations approved by the Board of Directors governing the functioning and responsibilities of the Auditors and related information flows, in compliance with laws, regulations and the Articles of Association. The www.finecobank.com About Us/Corporate/Governance/Company Boards
Stock Exchange Regulations:	the Regulations for Markets organised and managed by Borsa Italiana, in force at the date of approval of this Report.
Issuer Regulations:	the Regulations issued by CONSOB with resolution no. 11971 of May 14, 1999 (as amended), on issuers.
Market Regulations:	the Regulations issued by CONSOB with Resolution no. 20249 of December 28, 2017 (as amended), lays down the rules on markets.
Related-Party Regulations:	the Regulations issued by CONSOB with resolution no. 17221 of March 12, 2010 (as amended), containing provisions on transactions with related parties.
Report:	this Report on corporate governance and ownership structures that companies are required to prepare pursuant to Article 123-bis of the Consolidated Finance Act (hereinafter TUF).
Subsidiaries:	Italian and foreign companies controlled directly and/or indirectly by FinecoBank, pursuant to Article 2359 of the Italian Civil Code, Article 93 of the TUF and Article 23 of the Consolidated Banking Act (hereinafter TUB), whether or not they belong to the Banking Group.
External Auditors:	KPMG S.p.A., with registered office in Milan, Via Vittor Pisani 25, VAT No. 00709600159, tax code and registration number in the Milan Register of Companies 00709600159, R.E.A. 512867, a company registered in the special register of statutory auditors, appointed to perform the statutory audit counts and the certification of conformity of the Issuer's sustainability reporting.
Articles of Association:	the Articles of Association of the Company in force at the

	website).
TUB:	Legislative Decree no. 385 of September 1, 1993, as amended (Consolidated Banking Act/TUB).
TUF:	Legislative Decree no. 58 of February 24, 1998, as amended (Consolidated Finance Act/TUF).

INTRODUCTION

The Report was drafted pursuant to Article 123-bis of the TUF, in compliance with the update of which was prepared by the Technical Secretariat of the Corporate Governance Committee with the coordination of Borsa Italiana S.p.A. (10th edition, December 2024), as well as the Supervisory Provisions on Corporate Governance. The information in this Report refers to the 2024 financial year, unless otherwise indicated.

The Report, approved by the Company's Board of Directors by resolution of March 11, on the website of the authorised storage mechanism managed by Spafid Connect S.p.A. ().

The Report was submitted to the Independent Auditors for the verifications of competence in order to express an opinion on the consistency of the financial statements and compliance with the law pursuant to Article 123-bis, paragraph 4, of the TUF. The results of the activity carried out by the Independent Auditors are reported in the reports drawn up by the latter pursuant to Article 14 of Legislative Decree No. 39 of January 27, 2010 and Article 10 of Regulation (EU) 537/2014, attached to the Company's annual financial statements and consolidated financial statements for 2024.

PROFILE OF THE ISSUER FinecoBank is one of the leading FinTech banks in Europe, founded in 1999 as a digital bank with the aim of simplifying and making investment opportunities accessible. Listed on the FTSE MIB(1), FinecoBank offers a business model that is unique in Europe, combining the best technology with a large network of personal financial advisors. Established from the outset as a company geared towards long-term sustainable growth, Fineco operates by pursuing its corp support customers in their responsible approach to their financial life in order to create the conditions for a more prosperous and fairer society simplification and innovation, offering customers excellent services and products at fair pricing within the three integrated business areas: banking, investing and brokerage. It also offers a single platform for all banking, credit, trading and investment services through transactional and advisory functions developed using proprietary technology. FinecoBank provides one of the most widely used brokerage services in Europe and is one of the leading players in Private Banking in Italy, offering advanced and tailor-made advisory services. Fineco Asset Management Designated Activity Company (a wholly owned subsidiary of FinecoBank) was founded in Dublin in 2018, with a mission to develop innovative investment solutions in partnership with top international asset managers. held by the former parent company, FinecoBank (formerly subject to management and

It should be noted that, with effect from May 11, 2019, following the sale of the shares subsidiary FAM), exercising management and coordination over the group in accordance with the applicable regulations.

With regard to sustainability, the Group bases its strategy on three main pillars: efficiency, innovation and transparency, guiding the path to sustainable growth.

Fairness and transparency towards all stakeholders, including through fair pricing, underpin the creation of long-term sustainable values for all its stakeholders.
Efficiency is the distinctive feature of the Bank and characterises every activity: thanks to its proprietary back-end systems, internal development and automated processes, Fineco benefits from a lean and efficient cost structure as well as rapid time-to-market for new products and services.
Innovation is the path taken by Fineco to achieve its mission: from the outset a pioneer in anticipating clear structural trends generated by the increasing

⁽¹ ) FinecoBank was admitted to listing on the MTA on July 2, 2014. Since April 1, 2016, FinecoBank has been included in the FTSE-MIB index and since March 2017 it shares have been included in the STOXX Europe 600 Index. With effect from October 25, 2021, the equity markets of Borsa Italiana S.p.A. have changed their name: the Mercato Telematico Azionario (MTA) became Euronext Milan (EXM).

digitalisation of customers and consumers, who increasingly choose their banks according to the quality of services offered.

The constant look to the future that guides business choices is also the cornerstone of its approach to sustainability. For this reason, an ESG target plan has been adopted since 2020, most recently updated in 2023 through the definition of objectives and targets to be pursued in the three-year period 2024-2026. The ESG Multi-Year Plan (MYP ESG) 2024-2026, approved by the Board of Directors in December 2023, aims to combine business growth and financial strength with social and environmental sustainability, creating long-term value for all stakeholders. The environmental objectives and targets of the MYP ESG 2024 environmental management system certified under the EMAS Regulation. In 2024, the Bank obtained the renewal of its Environmental Certification under the EMAS Regulation.

Adherence to United Nations sustainability initiatives, namely the Principles of the Global Compact, the Principles for Responsible Banking and the Principles for Responsible Investment, has enabled the Group to increasingly integrate sustainability risks and factors into business choices for all stakeholders. In terms of customer offerings, from 2021 the Bank is committed to providing investment funds with an ESG Rating and to expanding the range of ESG-rated financial products over time. Fineco Asset Management is committed to integrating ESG criteria into its activities as a collective manager.

Of equal importance to the Group is the relationship with its people, so several initiatives have been taken to ensure a fair and inclusive working environment where everyone can express their potential to the full. As proof of this commitment, in 2023 Fineco obtained the Gender Equality Certification in accordance with UNI:PdR 125/2022 with a positive outcome again for the audits in 2024 and the recognition as a Top Employer Italy. The focus on ESG issues is an integral part of Corporate Governance. In fact, there are Sustainability Committees at board and management level, as well as a dedicated structure to define and oversee the sustainability strategy. 1.1. The corporate governance model

It should be noted that the Bank has prepared and published, pursuant to Legislative website About Us/Corporate Governance/Shareholders' Meeting section, to which reference should be made for a more detailed exposition of the information, required by the ESRS reporting standards, pertaining to ESG profiles also connected to corporate governance, as well as for more details on the profiles inherent

The corporate governance system adopted by the Company is based on principles recognised by international best practices as fundamental for good governance: the central role of the Board of Directors, the objective of pursuing sustainable success, as

and long-term activities, the proper management of conflicts of interest, an effective internal control system and transparency in relations with the market, particularly with regard to reporting on corporate management decisions.

with current legal and regulatory provisions, also taking into account the recommendations of the New Corporate Governance Code. The Company is also subject to the Supervisory Regulations issued by the Bank of Italy and the Supervisory Regulations on Corporate Governance. Pursuant to these regulations, with effect from January 1, 2022, FinecoBank has been under the direct prudential supervision of the European Central Bank and the Single Resolution Board.

FinecoBank, in its capacity as Parent Company of the FinecoBank Banking Group, in accordance with Article 61 of the TUB and the Supervisory Regulations, issues rules for the companies belonging to the Group in the interest of its stability. To this end, FinecoBank has drawn up Group Managerial Golden Rules (GMGR) for Corporate Governance, in order to fully perform its management and coordination role, as well as implementing a management system and regulating key processes between the Parent Company and its subsidiaries. In its institutional role, FinecoBank also ensures the coordination of the activities of the subsidiaries through a management system based on central and local). These competence lines operate transversally across the Parent Company and the Group Companies, with the aim of directing, coordinating and controlling the operations and risks of the Group as a whole. FinecoBank adopts a traditional administration and control system based on two bodies

supervision and company management, and the Board of Statutory Auditors, responsible for overseeing compliance with laws, regulations and the Articles of Association, sound The Managing Director and General Manager performs the role of management body in accordance with the Supervisory Regulations. The statutory audit of the accounts and the attestation of conformity of the sustainability reporting are entrusted to a statutory auditing company, in application of the relevant legal provisions.

At the date of approval of this Report, the governance of FinecoBank also included the following Board of Directors Committees:

Risk and Related Parties Committee;
Remuneration Committee;
Appointments Committee; and
Corporate Governance and Environmental and Social Sustainability Committee.

The diagram below illustrates governance structure of FinecoBank(2):

1.1.1

through its decisions of the company.

the meeting and voting quorums envisaged by law and the Articles of Association, based on the specific matters to be discussed.

profit distribution. It appoints the Directors, the Statutory Auditors and the External Auditors, setting their remuneration. It also resolves on remuneration and incentive policies and practices envisaged by the applicable regulations. 1.1.2 Board of Directors

Association, capital increases and mergers and demergers.

Holders of voting rights and for whom the Company has received notice from the intermediary holding the relative account, within the deadlines established by applicable laws (record date, the seventh open trading day prior to the date convened for the Meet

In accordance with the Articles of Association, the Board of Directors is the body assigned all the powers, within the framework of the company purpose, that are not

⁽²

Association, and that exclusively oversees the management of the company. For this purpose, the Board of Directors is given full powers for the ordinary and extraordinary management of the Company.

Members of the Board of Directors have the professional standing, integrity and independence required by the Articles of Association and by applicable laws and regulations. They also meet the competence, correctness and dedication of time requirements, as well as complying with the limits on the number of positions held as established by the applicable regulations and/or the Articles of Association.

As established in the Articles of Association, members of the Board of Directors are -year term of office, save for a shorter d on a list voting system, to guarantee an adequate number of members of the Board of Directors elected by the minority shareholders.

The Board of Directors elects a Chairman from its members and, where considered appropriate, one or two Deputy Chairmen, one of whom will act as a stand-in. The Chairperson and Deputy Chairperson(s) remain in office for the entire duration of the Board of Directors. The Board of Directors also appoints a Secretary, who is not necessarily a board member. The Board may establish committees or commissions with advisory, decision-making or coordination functions, in compliance with applicable laws and regulations. 1.1.3 Board committees

The Board of Directors may also appoint a Managing Director, establishing the term of office and relative duties and powers, as well as a General Manager and one or more Deputy General Managers, who constitute the Executive Management. In accordance appointed Mr. Alessandro Foti as Managing Director and General Manager of the Bank.

For further information on the Board of Directors, see Section 4

To promote an efficient information and consultation system in order for the Board of Directors to evaluate issues to the best of its ability, four Board committees, with examining, advisory, proposing and coordination functions, were established at the date of approval of this Report, in compliance with the Supervisory Regulations on Corporate Governance and the principles and recommendations of the New Corporate Governance Code; more specifically: (i) a Risk and Related Parties Committee; (ii) a Remuneration Committee; (iii) an Appointments Committee; and (iv) a Corporate Governance and Environmental and Social Sustainability Committee.

For further information on the Corporate Governance and Environmental and Social

Sustainability Committee, the Appointments Committee, and the Risk and Related Parties Committee, see Paragraphs 6.1, 7, 8 and 9 respectively

1.1.4 Board of Statutory Auditors Board of Statutory Auditors comprises three statutory and two stand-in auditors. The Statutory Auditors to guarantee the presence of a Standing Auditor and an Alternate Auditor elected by the minority, as well as compliance with the provisions on gender balance.

The auditors remain in office for three years, they may be re-elected and their term ends the third year of their appointment. The Board of Statutory Auditors performs the functions assigned to it by law and other applicable regulations. For the entire period Board of Statutory Auditors also exercises all powers and carries out all duties provided for by special laws; with regard to disclosure in particular, the Directors are required to report on a quarterly basis, pursuant to Article 150 of the TUF, according to the procedures in Article 15 of the Articles of Association. The Board of Statutory Auditors, Internal control and audit committee 39 of January 27, 2010, carries out all the other activities envisaged by that decree.

The members of the Board of Statutory Auditors meet the requirements of professional standing, integrity and independence laid down by the applicable law and regulations and the Articles of Association. They also meet the competence, correctness and dedication of time requirements, as well as complying with the limits on the number of positions held as established by the applicable regulations and/or the Articles of Association. At least two Statutory Auditors and one Stand-in Auditor are registered auditors. 1.1.5 External Auditors

For further information on the Board of Statutory Auditors, see Section 11

The legal auditing of the accounts and the declaration of conformity of the sustainability report are carried out in accordance with the applicable provisions of the law, by a party that meets the requirements of current legislation.

The External Auditors represent the external control body responsible for auditing the accounts. In particular, during the financial year, the External Auditors are required to verify that the company accounts have been properly kept and that the operating events have been correctly recorded in the accounting records, to express an opinion on the financial statements and consolidated financial statements in a specific report, and to express their conclusions on the compliance of the sustainability report with the

applicable reference legislation in a specific attestation report.

For further information on the External Auditors, see Section 9.5

* * *

The duties and operating procedures of corporate bodies are governed by law, by the Articles of Association and by decisions taken by competent bodies.

governance system, see the specific Paragraphs of this Report.

2. INFORMATION ON OWNERSHIP STRUCTURES (PURSUANT TO ARTICLE 123-BIS, PARAGRAPH 1 OF THE TUF)

a) Share Capital Structure (pursuant to Article 123-bis, paragraph 1, letter a) of the TUF)

As at December 31, 2024, the share capital, fully subscribed and paid up, amounted to each.

The Board of Directors, partially exercising the authority granted to it pursuant to Article 2020, April 28, 2021, April 28, 2022, and April 27, 2023, resolved on February 5, 2025, to increase the share capital, as follows:

(i) 6th tranche of the plan and 4th tranche share);
(ii) 5th tranche of the plan and 3rd tranche share);
(iii) with effect from March 31, 2025, by a 4th tranche of the plan and 2nd and 3rd tranche share);
(iv) 3rd tranche of the plan and 2nd tranche share);
(v) with effect from 2nd tranche of the plan and 1st tranche share);
(vi) - 2nd and 4th tranche of the plan).
(vii) - 1st and 2nd tranche of the plan).

Ordinary shares are registered and are admitted for trading on the Euronext Milan (formerly MTA). No additional classes of shares, participatory instruments, convertible or exchangeable bonds and, in general, financial instruments granting the right to subscribe

to newly issued shares were issued.

Shares are indivisible and joint ownership is governed by law.

Each ordinary share carries the right to one vote in ordinary and extraordinary obligations in accordance with law.

For equity-based incentive plans, which involve free share capital increases approved Article 84-bis of the CONSOB Issuer Regulations(3), as well as the Remuneration Report prepared in accordance with Article 84-quater of the CONSOB Issuer Regulations(4) .

b) Restrictions on the transfer of securities (pursuant to Article 123-bis, paragraph 1, letter b) of the TUF)

c) Significant holdings in capital (pursuant to Article 123-bis, paragraph 1, letter c), of the TUF)

Article 84-bis	of the CONSOB Issuer Regulations(3), as well as the Remuneration Report prepared in accordance with Article 84-quater		of the CONSOB Issuer Regulations(4)
b)	Restrictions on the transfer of securities (pursuant to Article 123-bis, paragraph 1, letter b) of the TUF)
securities.	As at the date of approval of this Report, there were no restrictions on the transfer of
c) c), of the TUF)	Significant holdings in capital (pursuant to Article 123-bis, paragraph 1, letter
below.	Article 120 of the TUF, as well as other information available to the Company, the direct or indirect significant holdings in the share capital as at December 31, 2024, are detailed
pursuant to Article 119-bis	The table does not include entities that are exempt from the disclosure requirements	of the Issuer Regulations.
Declarer or entity at the top of the ownership chain	Direct shareholder	No. of ordinary shares (*)	% Share of ordinary capital	% Share of voting capital
	BlackRock Advisors	3,884,389	0.636%	0.636%
BlackRock Inc.	(UK) Limited

⁽³ ) Below is the web address of FinecoBank's website where the disclosure documents are available (namely,Annex II to the Report on the remuneration policy and compensation paid - Share-based compensation plans for FinecoBank staff): www.finecobank.com About

⁽⁴ www.finecobank.com About Us/Corporate/ . Moreover, the information pursuant to Article 84 www.finecobank.com About

	BlackRock Asset	397,585	0.065%	0.065%
	Management Canada Limited
	BlackRock Asset Management Deutschland AG	3,927,325	0.643%	0.643%
	BlackRock Asset Management North Asia Limited	3,894	0.001%	0.001%
	BlackRock Financial Management, Inc.	108,211	0.018%	0.018%
	BlackRock Fund Advisors	7,657,164	1.253%	1.253%
	BlackRock Institutional Trust Company	7,772,895	1.272%	1.272%
	BlackRock International Limited	323,536	0.053%	0.053%
	BlackRock Investment Management (Australia) Limited	223,138	0.037%	0.037%
	BlackRock Investment Management (UK) Limited	30,161,141	4.936%	4.936%
	BlackRock Investment Management, LLC	609,615	0.100%	0.100%
	BlackRock Japan Co., Ltd	374,800	0.061%	0.061%
	Total	56,089,279	9.180%	9.180%
SCHRODERS PLC	Schroder Investment Management Limited	8,408,277	1.376%	1.376%
	SCHRODERS & CO LTD	1,236,548	0.202%	0.202%
	Schroder Investment Management North America Ltd	21,012,367	3.439%	3.439%
	SCHRODERS (C.I.) LTD	38,887	0.006%	0.006%
	Schroder Investment Management	165,576	0.027%	0.027%
Wellington	Total	30,861,655	5.051%	5.051%
Management Group LLP	Wellington Management International Ltd	1,369,615	0.224%	0.224%
	Wellington Management Company LLP	20,702,993	3.388%	3.388%

	Wellington Management Europe GmbH	4,232,853	0.693%	0.693%
	Wellington Management Hong Kong Ltd	4,322,838	0.708%	0.708%
	Total	30,628,299	5.013%	5.013%
FMR LLC	Fidelity Management & Research Company LLC	21,781,687	3.565%	3.565%
	Fidelity Investment Management Ltd	291,635	0.048%	0.048%
	FIAM LLC	3,160,233	0.517%	0.517%
	Fidelity Institutional Asset Management Trust Company	2,646,987	0.433%	0.433%
	Fidelity Management		0.414%	0.414%
	Trust Company	2,529,613

d) Securities conferring special rights (pursuant to Article 123-bis, paragraph 1, letter d), of the TUF)

At the date of approval of this Report, FinecoBank had not issued any shares conferring special control rights, nor adopted article of association provisions allowing multiple or increased voting rights.

e) Employee Shareholdings: mechanism for exercising voting rights (pursuant to Article 123-bis, paragraph 1, letter e), of the TUF)

There is no employee share ownership scheme in which voting rights are exercised by representatives of the employees.

f) Restrictions on voting rights (pursuant to Article 123-bis, paragraph 1, letter f), of the TUF)

There are no restrictions on voting rights.

g) Shareholder agreements (pursuant to Article 123-bis, paragraph 1, letter g), of the TUF)

The Issuer is not aware of any shareholder agreements pursuant to Article 122 of the TUF.

h) Change of control clauses (pursuant to Article 123-bis, paragraph 1, letter h), of the TUF) and articles of association provisions on takeover bids (pursuant

to Article 104, paragraph 1-ter, and 104-bis, paragraph 1, of the TUF)

With the exception of the agreements signed as part of the so-called smooth transition, exit from the UniCredit Group, the Company has not entered into any significant agreements that become effective, are amended or terminate in the event of a change of control of the contracting company(5) .

Details of the change of control provisions contained in the above agreements, signed as part of the smooth transition in change of control matters, are provided in the Information document relating to significant transactions with related parties between FinecoBank S.p.A. and UniCredit S.p.A. 5 and in accordance with the format in Annex 4 of the Related-Party Regulations, www.finecobank.com About Us/Corporate/Governance/Related Parties and Associated Persons concerning the passivity rule pursuant to Article 104, paragraphs 1 and 1-bis of the TUF,

nor do they envisage application of the neutralisation rules laid down in Article 104-bis, paragraphs 2 and 3 of the TUF.

* * *

i) Delegations to increase share capital and authorisations to purchase treasury shares (pursuant to Article 123-bis, paragraph 1, letter m) of the TUF)

to carry out free increases in share capital, aimed at implementing the incentive plans has not been assigned the power to issue equity-based financial instruments.

authorised the purchase and disposal of a maximum of 203,773 treasury shares to service the 2021 incentive system for FinecoBank personal financial advisors identified as key personnel.

authorised the purchase and disposal of a maximum of 260,779 treasury shares to service the 2022 incentive system for FinecoBank personal financial advisors identified as key personnel.

authorised the purchase and disposal of a maximum of 246,015 treasury shares to service the 2023 incentive system for FinecoBank personal financial advisors identified as key personnel.

⁽⁵ ) FAM has not entered into any agreements that qualify as significant pursuant to Article 123 bis, paragraph 1, letter h) of the TUF.

authorised the purchase and disposal of a maximum of 256,740 treasury shares to service the 2024 incentive system for FinecoBank personal financial advisors identified as key personnel.

On January 21, 2025, the Board of Directors resolved to submit a proposal to the authorisation of the purchase and disposal of a maximum of 244,189 treasury shares to service the 2025 incentive system for FinecoBank personal financial advisors identified as key personnel.

As at December 31, 2024, the Company held 81,200 treasury shares corresponding to 0.01% of the share capital.

l) Management and coordination activities (pursuant to Article 2497 et seq of the Italian Civil Code)

As at the date of approval of this Report, FinecoBank was not subject to any management and coordination pursuant to Article 2497 and following of the Civil Code.

* * *

The information required by Article 123-bis, paragraph 1, letter i) of the TUF is contained in the Report on remuneration policy and compensation paid, published in accordance with Article 123-ter of the TUF(6) .

* * *

The information required by Article 123-bis, paragraph 1, letter l) of the TUF regarding the appointment and replacement of directors is given in the Paragraph of this Report concerning the Board of Directors (Section 4.2).

⁽⁶ www.finecobank.com

TUF)

COMPLIANCE (PURSUANT TO ARTICLE 123-BIS, PARAGRAPH 2, LETTER A) OF THE Since its listing, FinecoBank has adhered to the Corporate Governance Code, aligning conduct to the principles contained therein, where applicable. The Code is aligned with the main international practice and sets out the corporate governance standards (based on transparency, accountability and a long-term perspective) and best practices recommended by the Corporate Governance Committee, which apply to the listed companies are required to set out the reasons for non-compliance with one or more recommendations contained in its principles or application criteria in the Report on corporate governance and ownership structures.

On January 31, 2020, the Corporate Governance Committee approved and published the new Corporate Governance Code for Listed Companies, the application of which by the member companies took place as of the first financial year after December 31, 2020, informing the market in the Corporate Governance Report published in 2022. On December 15, 2020, the Board of Directors of FinecoBank resolved to adopt the New Corporate Governance Code, with effect from January 1, 2021. For the purposes of alignment to the new Code, on the same date and with the same effective date, the Board approved an updated version of the Corporate Bodies Regulations(7). This Report therefore takes into account the principles and recommendations of the New Corporate Governance Code, which in addition to the standards of transparency, responsibility and long-term perspective already adopted by the previous Corporate Governance Code, as well as the best practices for listed companies are based on four fundamental engagement, proportionality and simplification. The New Corporate Governance Code also applies the comply or explain principle. For details of the practical implementation of the principles and recommendations of the New Corporate Governance Code, see the respective paragraphs of this document, which, as mentioned in the introduction, have Report on corporate governance and proprietary structures.

For the sake of completeness, please also refer to Annex 2 to the Report, which

The New Corporate Governance Code is available on the Corporate Governance https://www.borsaitaliana.it/comitato-corporategovernance/codice/2020.pdf.

For additional information on the corporate governance structure of FinecoBank, in Report is published together with financial information, data and documents of interest

⁽⁷ ) The text of the Corporate Bodies Regulations, as amended over time in accordance with the About Us/Corporate/Governance/Company Boards

to shareholders.

* * *

The Issuer is not subject to provisions of law outside Italy that affect its corporate governance structure(8) .

⁽⁸ governance structure.

4.1.1 Duties

BOARD OF DIRECTORS 4.1 Role of the Board of Directors Under the current regulations for companies with shares listed on regulated markets and in accordance with the recommendations in the New Corporate Governance Code, the supe monitors their ongoing implementation.

Article 17 of the Articles of Association requires the Board of Directors to have the broadest powers for the management of the Company, except for powers reserved by

In particular, in addition to duties and powers that cannot be delegated according to law, the Articles of Association or the Corporate Bodies Regulations, the Board of Directors has exclusive responsibility for the following:

determination of the criteria for the direction and coordination of Group companies and for executing the instructions of the Bank of Italy in the context of the legal and regulatory powers of the Parent Company, to give instructions to Group members, and to check that those instructions are effectively carried out;
amendment of the business, strategic and financial plans of the Company and the Group, in the context of its instructions given as Parent Company;
appointment and dismissal of the Managing Director and/or the General Manager and Deputy General Manager(s), the Financial Reporting Officer and key management personnel;
assessments of the general performance of company operations(9);
updating the Articles of Association to bring them into line with regulatory provisions;
mergers by incorporation of Companies and demergers in the cases provided for under Articles 2505, 2505-bis and 2506-ter of the Civil Code;
reduction of share capital following the withdrawal of Shareholders;
indication of the Directors, in addition to those identified by the Articles of Association, that can represent the Company;
establishment of committees or commissions with advisory, decision-making or coordination functions;

⁽⁹ ) By considering the information received from executive bodies and officers, and periodically comparing the results achieved with those planned. In this regard, the assessment was conducted monthly during the financial year.

risk management policies, as well as the evaluation of the functioning, efficiency and effectiveness of the internal control system and adequacy of the organisational, administrative and accounting structure;
purchase and sale of investments, companies and/or business units, as well as decisions concerning investments or disinvestments that modify the composition of the Banking Group, subject to the provisions in Article 2361, paragraph 2 of the Civil Code;
purchase and sale of property;
approval and amendment of the main internal regulations;
the appointment and removal of the heads of the Internal Audit, Compliance, Risk Management and Anti-Money Laundering functions (of the Bank and the Group), as well as their replacement, after consulting the Board of Statutory Auditors;
establishment and structuring of branches, agencies and representative offices in Italy or abroad, also for the purpose of allocating signing powers.

Subject to the legal and regulatory powers applicable from time to time, also in accordance with Supervisory Regulations on Corporate Governance and the New Corporate Governance Code, and in line with the provisions of the Articles of Association and the Corporate Bodies Regulations, the Board of Directors, among other things:

(a) strategic objectives, including in its assessment all risks that may be relevant for the sustainable success(10)of the Bank and the Group; reviews and approves the business model, bearing in mind the risks to which the model exposes the Bank and the Group; formulates policies for the management of risks to which the Bank and the Group may be exposed, as well as the risk objectives and tolerance thresholds, periodically reviewing them to ensure their effectiveness and supervising the actual functioning of risk management and control processes in compliance with current legal and regulatory provisions; (b) defines corporate strategies taking into account the following areas: i) monitoring
and managing impaired loans and approving policies for their management; ii) the possible adoption of new business models, applications, processes or products, including through partnerships or outsourcing, related to the provision of technology-intensive financial services (FinTech); iii) the risks of money laundering and terrorist financing, having regard, inter alia, to the activity carried out, the clientele and the geographical areas concerned; iv) sustainable finance objectives and, in particular, the integration of environmental, social and governance (ESG) factors, including the management of associated risks, impacts and opportunities,

⁽¹⁰ sustainable success, see the Sustainability Report prepared pursuant to Legislative Decree About

into business decision-making processes; v) the risks, in particular legal and reputational, arising from any related or instrumental activities carried out; vi) the definition and proper implementation of funding policies, also with reference to the type of savers/investors concerned, including planning and choices regarding compliance with regulations on the Minimum Requirement for own funds and Eligible Liabilities (MREL); (c) examines and approves the business plan of the company and the related group,

also on the basis of an analysis of issues relevant to the generation of value in the long term, periodically monitoring its implementation11;
(d) structure, verifies its correct implementation and promptly takes corrective measures in the case of any shortcomings or inadequacies; it also defines the nd governance models/guidelines; more specifically, the Board of Directors is called upon in this respect to ensure a clear distinction of tasks and functions and the prevention of conflicts of interest(12); (e) checks the proper implementation of the overall corporate governance structure,
and of the organisational structure of the Bank as approved by the Board of Directors; promptly adopts corrective measures to address any deficiencies or inadequacies in these general administrative and accounting structure and of the organisational, administrative and accounting structure of the Group companies, with particular reference to the internal control system and the management of conflicts of interest; (f) approves the accounting systems and financial and sustainability reporting (g) approves policies and processes for the assessment of company operations, and, instruments or products that are uncertain or difficult to measure;
(corporate reporting);
in particular, financial instruments, ensuring their continued adequacy; it also

⁽¹¹⁾ The Board of Directors examined and discussed the 2024-2026 Multi-Year Plan at its meetings held on September 21, October 10, November 7 and 16, 2023, also analysing the most important issues with the support of the competent structures; the document was approved by the Board at its meeting on December 14, 2023. The Plan incorporates the 2024-2026 ESG Multi-Year Plan, the latter of which was submitted for prior review to the Corporate Governance and Environmental and Social Sustainability Committee at its meetings of November 2 and December 6, 2023. With particular reference to sustainability profiles, see Section 1 (Issuer Profile) above. During the financial year, the Board of Directors constantly monitored the implementation of the 2024-2026 MYP, based on the information provided by the relevant structures.

⁽¹² accounting structure, which is prepared by the Managing Director (in particular for the internal control system and risk management), also in relation to FAM, see Section 9 below.

(h) approves the process for the development and validation of internal risk measurement systems not used for regulatory purposes, periodically assessing their correct use; it also approves the adoption of internal risk measurement systems for assessing capital requirements, periodically checking their validity, and adopting a formal resolution annually, and after consulting the Board of Statutory Auditors regarding compliance with the requirements for the use of those systems; (i) assesses, with the support of the Risk and Related Parties Committee, the (j) with the support of the Risk and Related Parties Committee, describes, in the the reference national and international models and best practices), expresses its
advisability of adopting measures to ensure the effectiveness and impartial judgement of the other corporate functions involved in the controls, verifying that they have adequate professional skills and resources;
corporate governance report, the main characteristics of the Internal Control and Risk System and the methods of coordinating the parties involved in it (specifying overall assessment on the adequacy of the Internal Control and Risk System and gives account of the choices made with regard to the composition of the supervisory board set up pursuant to Legislative Decree no. 231 of June 8, 2001; (k) approves, reviews and updates (including at the request of the Supervisory (l) also with regard to the Group recovery plan, adopts, at the request of the
Authority pursuant to the provisions of the relevant laws and regulations) the sustainability and financial position in severe stress conditions;
Supervisory Authority, the changes to be made to the business, organisational structure or corporate form of the Bank or Banking Group, and the other measures necessary to achieve the purposes of the plan, as well as the elimination of the causes underlying early intervention pursuant to the provisions of, respectively, Articles 69-sexies, paragraph 3, letter c) and 69-noviesdecies, paragraph 1, letter b) of Legislative Decree no. 38 TUB (m) assesses whether to adopt a measure envisaged in the Group recovery plan or to (n) approves the stress Guidelines on (o) approves the policy on resolution governance that defines the governance rules (p) with the support of the Risk and Related Parties Committee, assigns the
refrain from adopting it even if the circumstances so require, in accordance with the provisions of the same recovery plan;
supervisory functions under Article 6, paragraph 1, letter b) of Legislative Decree no. 231 of June 8, 2001 to the control body or to an ad hoc body. If the body is other than the Board of Statutory Auditors, the Board of Directors will assess the

advisability of appointing at least one non-executive director and/or a member of the Board of Statutory Auditors and/or a person with legal or control functions within the Company, in order to ensure coordination among the various parties involved in the internal control and risk management system;

(q) with reference to banking, financial, investment and insurance products and services (i) defines the process for the approval of new products and services, commencement of new business and entry into new markets; (ii) approves and updates policies containing guidelines on Product Governance requirements; (iii) monitors the process of governance of financial instruments, and also checks that the compliance function reports systematically include information about the financial instruments produced by the intermediary, the services offered and the distribution strategy; (iv) approves proposals for unilateral amendments pursuant to Article 118 of the TUB, with the support of the Risk and Related Parties Committee; (r) approves a policy illustrating and justifying the choices on the various relevant proportionality and with the actual exposure to the risk of money laundering (so-
issues in terms of organisational structures, procedures and internal controls, adequate verification and data retention, consistent with the principle of called anti-money laundering policy), pursuant to the provisions of the Bank of Italy Bank of Italy AML Provision
(s)
(t) controls, approves a Code of Ethics, Code of Conduct and/or similar instruments to be complied with by members of corporate bodies and employees of the Bank and the Group, ensuring their implementation and monitoring compliance by the recipients with the support of the competent Group structures. The code defines the principles of professional conduct (e.g. rules of ethics and rules to be observed in relations with customers), also by indicating unacceptable conduct (including the use of false or inaccurate information and the commission of financial or tax activities; (u) approves the internal whistleblowing systems; (v) approves policies, with the support of the Corporate Governance and (w) it also has general responsibility for management and control of the information
Environmental and Social Sustainability Committee, to promote diversity and inclusiveness;
system, with a view to the optimal use of technological resources supporting company strategies (ICT governance).
- (i) it defines and approves the ICT strategy, in consideration of the evolution of

operations, processes and organisation; in this context it approves the reference model for the architecture of the information system;

(ii) it approves the bank's organisational and governance structure with reference to the information system, ICT and security risk management and business continuity, ensuring the clear distinction of tasks and responsibilities of corporate bodies and functions;
(iii) ) it approves (a) the action plans prepared by the body with management function for the implementation of the ICT strategy; (b) the information security policy; (c) the guidelines on recruitment of personnel with technical functions and on the acquisition of systems, software and ICT services, including the use of third parties and outsourcing;
(iv) promotes the development, sharing and updating of ICT knowledge within the company.
(v) ensures that the ICT and security risk governance and control system is constantly adapted, also in terms of qualitative and quantitative sizing of personnel and available financial resources, to the operational needs of the ICT function and the processes for managing ICT and security risks and for implementing the ICT strategy;
(vi) with regard to the exercise of supervisory responsibility for ICT and security risk management: (a) it approves the organisational and methodological reference framework for ICT risk analysis, promoting the appropriate consolidation of information on technological risk within the ICT function and integration with risk measurement and management systems (concerning in particular, operational, reputational and strategic risks); (b) it reviews the framework at least annually, also in the light of experience gained during its implementation and monitoring, with a view to continuous improvement; (c) it approves the ICT risk propensity, having considered internal services and services to customers, in accordance with the risk objectives and framework for defining the risk propensity at a company level. (d) it is also informed in a clear and timely manner, and in any event at least annually, of the IT and security risk situation with respect to the risk appetite, including the results of the risk assessment;
(vii) it approves the corporate documents required by law for the management and control of the information system, including those listed in Circular No. 285 of the Bank of Italy, Part One, Title IV, Chapter 4, All. A;
(vii) it approves the annual investment plan for IT development;
(ix) it is informed: (a) at least once a year, about the adequacy of the services provided and the support of these services to the evolution of the company's operations in relation to the costs incurred ("ICT adequacy and cost summary report"); (b) periodically on the application and adequacy of

the action plans for the implementation of the ICT strategy; (c) promptly, in the event of serious problems for business operations resulting from incidents and malfunctions of the information system; and is updated on the impact, corrective measures and additional controls following such events; and (d) about the initiation and progress of ICT projects, considered individually or in aggregate and according to their size and importance and the risks associated with them, on a periodic basis and, where appropriate; (x) approves the Data Governance policy at Group level, including roles and

responsibilities also in relation to the Risk Data Aggregation and Risk Reporting framework, guaranteeing the implementation of suitable organisational solutions including the adequate sizing of the structures in charge and adequate training, in compliance with the provisions of the relevant external regulations as well as the recommendations of the competent authorities. It is also informed about the progress of the BCBS-239 programme on a regular basis; (y) with regard to business continuity: (i) set the objectives and business continuity
strategies, ensuring adequate human, technological and financial resources for the achievement of predefined objectives; (ii) approve the business continuity plan and subsequent amendments as a result of technological and organisational changes, accepting the residual risks not managed by the business continuity plan; (iii) is on business continuity measures; (iv) appoints the manager responsible for the business continuity plan; (z) it defines the criteria for identifying the most significant transactions to be submitted (aa) takes decisions on the transactions of the Company and those of its subsidiaries,
for prior examination by the Risks and Related Parties Committee, and decides on transactions with related and connected parties, according to the relevant procedures;
where those transactions have a significant strategic, economic, capital or financial impact for the Company; to that end, it establishes general criteria for identifying significant transactions(13);

⁽¹³ or financial perspective. With reference to the significant transactions carried out by the subsidiaries, the Board of Directors has approved and implemented the Global Policy Regulations which establish the criteria for identifying significant transactions from a strategic or operational or financial perspective in order to report them to the Board of Statutory Auditors in accordance with the applicable regulations. In particular, all critical and significant transactions and, in any (i) new entry into, or strengthening of an existing position in, a strategic sector/market; (ii) definition/modification of shareholding structures with third parties with which there are governance agreements; (iii) decisions affecting strategic investments; (iv) decisions that have a significant influence on the organisational structure of the Company or the Group; (v) the

(bb) determines the remuneration/incentive systems for key personnel and the personal financial advisors network, and checks that these systems do not increase business risks and are consistent with long-term strategies;
(cc) the remuneration and incentives policy and is responsible for its proper implementation;
(dd) after consultation with the Appointments Committee, appoints the Directors of FinecoBank, with the approval of the Board of Statutory Auditors in the case of coopting; where provided for in the Articles of Association, it identifies candidates for the position of Director of FinecoBank, when lists are submitted by the Board to (ee) defines the Policy for verifying the suitability requirements of corporate officers and
after consulting the Board of Statutory Auditors and obtaining the opinion of the Appointments Committee;
(ff) with the support of the Appointments Committee, identifies in advance its own optimal qualitative and quantitative composition, identifying and justifying the ideal characteristics (including professionalism and possible independence) of the candidates for the office of director considered appropriate for these purposes; and subsequently verifies, again with the support of the Appointments Committee, the correspondence between the qualitative and quantitative composition deemed optimal and the actual composition resulting from the appointment process, informing the market; (gg) after consulting the Appointments Committee, defines the Policy for the (hh) promotes dialogue, in the most appropriate forms, with the shareholders and with
appoints the corporate officers meaning the members of the boards of directors, boards of statutory auditors and supervisory boards in the subsidiaries. It also appoints members of the corporate bodies of minority shareholdings upon proposal from the Managing Director and after consulting the Appointments Committee;
the other relevant stakeholders of the Company. In this context, it approves on proposal from the Chairman, formulated in agreement with the Managing Director and General Manager after examination by and opinion from the Corporate Governance and Environmental and Social Sustainability Committee, a policy for managing dialogue with shareholders in general, taking into account the engagement policies adopted by institutional investors and asset managers. The

exceeding of income/capital/financial thresholds in relation to the type of transaction carried out; (vi) (vii) new legal proceedings and changes to previous proceedings that give rise to contingent liabilities that exceed the threshold established

Chairman also ensures that the Board of Directors is in any case informed, within the next meeting, on the development and significant content of dialogue held with all shareholders;

(ii) after consultation with the Risk and Related Parties Committee, approves the Bank in the management of tax matters and, in particular, of the associated risk. In addition, at least once a year, and after the reporting to the Risk and Related Parties Committee, it is informed about the state of the internal control system for tax risk within the annual report on the tax risk situation. (ii) the implementation of the framework for determining the Risk Appetite Framework (iii) the strategic plan, the RAF, the Internal Capital Adequacy Assessment Process

The Board of Directors also ensures that:

(i) the creation of complex structures which are not justified by operational objectives;
identified); periodically assesses the suitability and effectiveness of the RAF and the compatibility of the actual risk with the risk objectives; (iv) the quantity and allocation of Group capital and liquidity are in line with the risk (v) where the Bank operates in jurisdictions lacking transparency or through especially
(ICAAP), the stress testing plan, the budget and internal control system are consistent, also bearing in mind the changing internal and external conditions under which the Bank and Group operate;
appetite, risk governance policies and the risk management process of the Group;
complex structures, the Board assesses the related operational risks, especially of a legal, reputational and financial nature, identifying oversight measures to mitigate those risks and ensure they are effectively controlled.

Furthermore, the Board approves, at least once a year, the plan of activities (including the audit plan) and reviews the annual reports prepared by the corporate control functions (Compliance, Internal Audit and Risk Management). With particular reference to the latter function, the Board of Directors assesses, at least once a year, its activity and the adequacy of the human and technical resources assigned to it, also in the light of the periodic audit carried out by the Internal Audit function. In this context, the Board also approves the long-term audit plan.

The Board of Directors ensures that instructions are given to the subsidiaries during the year, in the exercise of its powers of direction and coordination as provided for in the relevant legal and regulatory provisions.

Meetings.

4.1.2 Competing activities

The Company has not authorised any exceptions to the non-competition clause pursuant to Article 2390 of the Civil Code.

4.2. Appointment and replacement (pursuant to Article 123-bis, paragraph 1, letter l), part 1, of the TUF)

With reference to the provisions inherent to the presentation of the list by the Board of Directors, it should be noted that, during the 2025 financial year, following the adoption by CONSOB - pursuant to the delegation of authority contained in Article 12(2), Law No. 21 of March 5, 2024 (the so- - of the implementing provisions of the new Article 147-ter.1 under consultation by virtue of the submission to the market on November 20, 2024 of the preliminary consultation document on the regulatory intervention followed by the CONSOB illustrative report on the results of December 19, 2024, the Bank will update its Articles of Association by adapting them to the regulations introduced by Law No. 21 of March 5, 2024 and the aforesaid CONSOB implementing provisions not yet adopted.

Article 13 of the Articles of Association requires the Board of Directors to be appointed Directors and the Shareholders, with each list containing the names of candidates numbered sequentially, according to the procedure described below.

The Board of Directors and the Shareholders can submit a list for the appointment of Directors, provided that when they submit the list they hold, alone or together with the other submitting shareholders, at least the minimum shareholding established by CONSOB pursuant to Article 147-ter, paragraph 1, of the TUF and in compliance with relevant provisions in the Issuer Regulations. CONSOB, in its Executive Resolution by the Head of the Corporate Governance Division no. 123 of January 28, 2025, set the minimum shareholding required for FinecoBank to submit lists of candidates for election to the Board of Directors and Board of Statutory Auditors at 1% of share capital. For the submission of the list by the Shareholders, the ownership of the minimum shareholding required is calculated based on the shares registered for each shareholder on the day when the lists are filed at the Company. The related certification may be submitted after the lists have been filed, provided it is done within the deadline for publication of the lists.

Each party entitled (as well as (i) entitled parties belonging to the same group, understood as a party, which need not be a corporation, exercising control pursuant to Article 2359 of the Italian Civil Code and any subsidiary controlled by, or under the control of that party, or (ii) pursuant to Article 122 of the TUF, or (iii) entitled parties that are otherwise associated with each other in a material relationship pursuant to current and applicable legal or regulatory provisions) may, individually or with others, submit only one list, and each candidate can be included in only one list, or otherwise be considered ineligible.

Each list that has 3 (three) or more candidates (i) must include candidates from both genders, to ensure compliance with at least the minimum requirements of applicable laws and regulations on gender balance and (ii) must ensure that at least the majority of the candidates meet the independence requirements set out in the Articles of Association and, in any event, that the first candidate on any list, including lists with fewer than 3 (three) candidates, must meet those independence requirements.

Following the amendments to Article 147-ter of the TUF introduced by the 2020 Italian Budget Law, at least two-fifths of the members of the Board of Directors must belong to the less represented gender.

Article 13 of the Articles of Association requires that the lists shall be filed at the registered office or head office also by remote communication and in accordance with procedures in the notice of call, to enable the identification of parties submitting the list at least twentymembers of the Board of Directors, in single call (or within the different deadline as indicated from time to time by the applicable legislation). The Company shall ensure that applicable regulations, at least twenty-Meeting, in single call or on first call (or within the different deadline as indicated from time to time by the applicable legislation). The list submitted by the Board of Directors must be filed at the registered office and published in the manner described above at least thirty days before the date set for the Sharehold

The lists must also contain attachments with any additional documents and declarations required by the applicable laws and regulations, as well as:

for Shareholders, information on the identity of parties submitting the lists, indicating the total percentage of shares held;
information on the personal and professional characteristics of the candidates in the list;
a statement whereby individual candidates irrevocably accept the position (subject to their appointment) and certify, under their responsibility, that there are no grounds for their ineligibility or incompatibility to stand as a candidate, and that they meet the requirements required for the office by the Articles of Association and applicable laws and regulations and the possible possession of the independence requirements referred to in paragraph 3 of Article 13, according to a format that will be made public by the Company in advance, also taking into account the guidelines from the Supervisory Authorities.

Lists that do not comply with the above requirements shall be considered as not submitted.

Each eligible voter may vote for one list only.

Article 13 of the Articles of Association provides that, after the vote, candidates are elected from lists that have obtained the largest number of votes, according to the following criteria:

(a) the number of Directors equal to the number of board members shall be taken in the order in which they appear on the list from the list receiving the majority of votes cast except, depending on the case, 2 (two) or 3 (three) that will be taken from the minority list(s) that are not connected with those who submitted or voted for the list that obtained the highest number of votes in accordance with the current regulations, as specified below:

a.1) if only two lists are submitted, the remaining 2 (two) Directors will be taken in consecutive order from the second list that received the highest number of votes at the meeting,

a.2) if 3 (three) or more lists are submitted, 2 (two) Directors will be taken in sequential order from the second list that obtained the highest number of votes at the meeting regardless of the percentage of votes received, while 1 (one) Director will be taken in sequential order from the third list that received the highest number of votes at the meeting provided that it received at least 2% of the votes cast at the if the list that is third in terms of number of votes has not reached that percentage, the mechanism envisaged in letter a.1) above will be applied; (b) if the majority list does not have a sufficient number of candidates to ensure the

appointment of all Directors according to the mechanism specified in (a) above, all the candidates from the majority list shall be appointed and the remaining Directors shall be taken from the minority list that received the most votes, according to the sequential order in which they appear on the list and, if necessary, from the next minority lists below the most voted minority list, in the sequential order in which the candidates appear on the list, until the required number of Directors has been appointed; (c) if the number of candidates included in the lists submitted, both majority and
minority, is lower than the number of Directors to be elected, the remaining Directors (and therefore without taking into account any abstentions) while ensuring compliance with the principles of independence and balance between genders set out by Article 13, paragraph 3, and Article 13, paragraph 6, respectively of the Articles of Association. I Meeting shall hold a second round of voting; (e) if the required number of Independent Directors and/or of Directors of the less
(d) decide in accordance with the procedures specified in letter (c) above; in the event of a round of voting to establish their ranking;
represented gender is not appointed, the Directors of the most voted list and appearing first on the list and not satisfying the requirements in question are replaced by the next Directors from the same list satisfying the requirement(s). If, following the application of this criterion, it is still not possible to identify Directors

with the above-mentioned characteristics, this principle shall be applied to the other minority lists that the elected candidates were taken from;

(f) if, following the application of the replacement criterion set out in (e), it is still not by relative majority. In this case, replacements shall be made starting from the most voted lists and from the candidates appearing first on the list.

In the event of death, resignation, withdrawal or removal from office of a Director for any other reason, or where a Director no longer meets the professional competence and integrity requirements, the Board of Directors can co-opt a Director, in compliance with the principles of minority representation and gender equality. If, in the above cases, the minimum number of Independent Directors and/or the number of Directors belonging to the least represented gender as prescribed, respectively, by Article 13, paragraphs 3 and 6, of the Articles of Association fall below the level required, the Board of Directors shall replace them. of independence and gender equality established by current law, regulations and the

For the appointment of Directors needed to fill vacancies on the Board of Directors, the Articles of Association are met.

The Board of Directors shall elect a Chairman from among its members and where appropriate one or more Deputy Chairmen, one of which will act as a stand-in.

In compliance with applicable industry sector legislation and regulations, the Board of Directors defines the optimal qualitative and quantitative composition to effectively carry out its duties and oversee its responsibilities assigned by law, the Supervisory Regulations on Corporate Governance and the Articles of Association. In accordance with applicable legislation and regulations, the Board also establishes requirements positions that the Directors may hold in other companies. the optimal composition of the Board of Directors, and submit candidate proposals, giving 4.3 Composition (pursuant to Article 123-bis, paragraph 2, letter d), and d)-bis

Before appointing Directors, the Board informs shareholders of the optimal composition of the body, to ensure candidates are selected taking into account the professional competencies required. Shareholders may in any case make their own evaluations of reasons for any differences from evaluations made by the Board.

For the related decisions, see the Qualitative/Quantitative Profile in force at the time

of the TUF)

Pursuant to Article 13 of the Articles of Association, the Company is administered by a Board of Directors consisting of no fewer than 9 (nine) and no more than 13 (thirteen)

determines its term of office, subject to the condition that said term cannot be less than one year or more than three years from acceptance of the position and shall expire on for the last year of office. Members of the Board of Directors may be re-elected.

According to the Corporate Bodies Regulations, the number of members of the Board structure, and allow for the oversight of all company operations, with regard to management and controls. This number must also ensure that the Board includes (i) various representatives of the shareholder base, (ii) the professional expertise necessary to foster internal dialogue, and (iii) a sufficient number of independent members in accordance with the New Corporate Governance Code. With particular reference to money laundering risks, the composition of the Board of Directors must be such as to ensure the presence of adequate knowledge, skills and experience to understand such risks related to the Bank's activity and business model. Lastly, the composition of the Board must be gender balanced as provided for by the laws in force at the time, as well as reflect an adequate degree of diversification in terms of, inter alia, skills, experience, age and international exposure, which will be defined, at each renewal, following completion of the self-assessment process of the Board of Directors (described in Annex A of the Corporate Bodies Regulations) and communicated to Shareholders and the market through the publication of the document on the qualitative and quantitative composition of the Board. Directors on January 23, 2023, upon the occasion of the renewal of the Board). The

It is good practice, as far as is consistent with the skills required to hold the positions and the need to ensure the effective performance of the relevant tasks, that the positions of Chairman of the Board of Directors, Chairman of the Board of Statutory Auditors, and Managing Director and General Manager are not held by members of the same gender.

To ensure its proper functioning, the Board of Directors has established the requirements the applicable laws and regulations, and the number of directorships that Directors can Qualitative and Quantitative Composition of the Board of Directors of FinecoBank S.p.A. (the

Qualitative/Quantitative Profile 2023 . Subject to the limits on the number of positions that Directors can hold, Directors can accept a position on the Board when they consider they have sufficient time to diligently carry out their duties, also taking into account their own work and professional commitments, as well as the number of positions held in other companies (including non-Italian firms).

The members of the Board must be suitable for the performance of the office, in accordance with the applicable regulations and the Articles of Association and, in particular, they must meet the requirements of professional expertise, integrity and

independence and comply with the criteria of competence, correctness and dedication of time and the specific limits on the number of positions held laid down in the applicable regulations and the Articles of Association and in any event those laid down in the CRD IV Directive, for the discharge of the duties of director of a bank issuing shares listed on regulated markets. (i) after appointment, for a new Director who qualifies as independent; and (ii) annually, for all Directors (qualifying as independent).

Pursuant to Article 13, paragraph 3 of the Articles of Association, the majority of the Board Members must meet the independence requirements established in the New Corporate Governance Code.

The Board shall assess whether the independence requirements have been met, giving more importance to substance rather than form. This assessment shall be performed:

-

For this purpose, the Board of Directors, based on the statements provided and any other professional relationships with the Company, assesses their significance both in absolute terms and with regard to the economic and financial position of the individual concerned. The Board of Statutory Auditors verifies the correct application of the criteria and procedures adopted by the Board of Directors for the above-mentioned assessment. The results of the above assessments are disclosed to the market.

The Board of Directors in office as at the date of this Report was appointed by the December 31, 2025.

Accordingly, and in compliance with the Supervisory Regulations on Corporate Governance, the appointment of Board Members was proposed to the above-mentioned During that meeting, the Board of Directors also requested shareholders to take into account the 2023 Qualitative/Quantitative Profile when submitting their lists.

In compliance with the applicable regulations, the following lists of candidates for appointment to the Board of Directors were submitted:

List 1 submitted by the outgoing Board of Directors (pursuant to Article 13 of the Articles of Association) with the candidates Marco Mangiagalli, Alessandro Foti, Gianmarco Montanari, Patrizia Albano, Maria Alessandra Zunino de Pignier, Giancarla Branda, Arturo Patarnello, Maria Lucia Candida, Paola Generali, Francesca Fraulo and Diego Polo Friz;
List 2, submitted by several asset management companies and institutional investors (owners of a total of 11,650,760 ordinary shares representing 1.90959% of the share capital), with the candidates Elena Biffi and Marin Gueorguiev.

The following documents were filed and published along with the two lists, in the manner required:

(i) a statement from shareholders other than shareholders that hold, also jointly, a controlling or relative majority interest, certifying the absence of any connection and/or significant relations with the latter as provided for by Article 147-ter, paragraph 3 of the TUF and Article 144-quinquies of the Issuer Regulations, having also taken note of the CONSOB recommendations in its Communication no. DEM/9017893 of February 26, 2009; (ii) comprehensive information on the personal and professional characteristics of the (iii) statements whereby individual candidates irrevocably accepted the position Articles of Association and the Corporate Governance Code. (iv) a statement from each candidate certifying that they met the independence
candidates included in the list (curriculum vitae and the list of administration, management and control positions they hold in other companies, relevant under law);
(subject to their appointment) and certified, under their responsibility, that there were no grounds for their ineligibility or incompatibility to stand as a candidate, and that they met the requirements of applicable laws, regulatory provisions, the (v) a statement from each candidate on their knowledge and expertise in the areas Patarnello, Maria Lucia Candida and Paola Generali; - from the list submitted by several asset management companies and institutional
requirements established by law, the Articles of Association and the New Corporate Governance Code;
indicated in the 2023 Qualitative/Quantitative Profile.

website

April 27, 2023, appointed Directors for the 2023-2025 period as follows:

from the list submitted by the outgoing Board of Directors, which obtained the majority of votes: Marco Mangiagalli, Alessandro Foti, Gianmarco Montanari, Patrizia Albano, Maria Alessandra Zunino de Pignier, Giancarla Branda, Arturo
investors, which was voted by the minority of shareholders: Elena Biffi and Marin Gueorguiev.

For the percentage of votes for the above lists in relation to voting capital, see the About

The qualitative and quantitative composition of the appointed Board complied with the optimal composition defined by the Board (as described in the 2023 Qualitative/Quantitative Profile), in terms of: (i) the number of Board Members, optimally set by the Board as 11, in order to foster dialogue and promote the decision-making organisational structure and for effective oversight of all company operations; (ii) meeting

have a good knowledge and expertise of two or more of the areas listed) and independence (the majority of Board members are Independent Directors pursuant to the New Corporate Governance Code; (iii) gender balance (at least two fifths of the Board Members must comprise the least represented gender, as established by the legislation and regulations applicable to the Board of Directors of listed companies); (iv) complying with the limit on positions (no Board Members exceed the limit) and time available (based on the nature and extent of additional positions held, as well as various professional and work commitments). The table below presents relevant information on each Board Member in office at the date of approval of the Report. Position Members Born Date of In office In office until List List Exec. Non Indep Indep. in first since Exec . Code TUF 1) () () ( appointme 3) ( nt 2) ( ()


	Numbe Partici r of pation other () positio ns (*)
X(14) Chairman Marco 1949 April 28, April 27, Approval of BoD M X X Mangiagalli 2020 2023 the Financial Statements as at December 31, 2025	1 13/13 (100%)
Deputy Gianmarco 1972 April 11, April 27, Approval of BoD M X X X Chairman Montanari 2017 2023 the Financial Statements as at December 31, 2025	2 13/13 (100%)
Managing Alessandro 1960 October 20, April 27, Approval of BoD M X Director Foti 1999 2023 the Financial and Statements General as at Manager December 31, (l) 2025	0 13/13 (100%)
Director Patrizia 1953 April 11, April 27, Approval of BoD M X X X Albano 2017 2023 the Financial Statements as at December 31, 2025	1 12/13 (92%)
Director Elena Biffi 1966 April 11, April 27, Approval of Shar m X X X 2017 2023 the Financial ehol Statements ders as at December 31, 2025	3 13/13 (100%)
Director Giancarla 1961 April 28, April 27, Approval of BoD M X X X Branda 2020 2023 the Financial Statements as at December 31, 2025	1 13/13 (100%)
Director Maria Lucia 1959 April 27, April 27, Approval of BoD M X X X	0 13/13

(14) In accordance with the guidelines in the New Corporate Governance Code, the chairman of the management body may be considered independent if none of the circumstances that compromise (or appear to compromise) the independence of a director set out in Recommendation 7 of that Code apply.

	Candida		2023	2023	the Financial Statements as at December 31, 2025							(100%)
Director	Paola Generali	1975	April 27, 2023	April 27, 2023	Approval of the Financial Statements as at December 31, 2025	BoD	M	X	X	X	1	13/13 (100%)
Director	Marin Gueorguiev	1972	April 28, 2020	April 27, 2023	Approval of the Financial Statements as at December 31, 2025	Shar ehol ders	m	X	X	X	0	13/13 (100%)
Director	Arturo Patarnello	1956	April 27, 2023	April 27, 2023	Approval of the Financial Statements as at December 31, 2025	BoD	M	X	X	X	0	13/13 (100%)
Director	Maria Alessandra Zunino de Pignier	1952	April 28, 2020	April 27, 2023	Approval of the Financial Statements as at December 31, 2025	BoD	M	X	X	X	1	13/13 (100%)
			-------------		Directors leaving office during the financial year -------------
/
	Indicate the number of meetings held during the financial year: 13
Quorum					required for the submission of lists for the last appointment: 1%
(l) (*)					This symbol indicates the director in charge of the internal control and risk management system. The date of the first appointment of each Director means the date when the Director was appointed for the first time (ever) to the Board of Directors
of the Company. (**)					This column indicates whether the list from which each director was drawn was submitted by shareholders (with the indication
(***)					M			m
(****)			In the Report, the positions are indicated in full.		This column indicates the number of positions as director or statutory auditor held by the person concerned in other listed or large companies.

(*****) This column indicates the participation of the directors at board meetings (it indicates the number of meetings attended with respect to the total number of meetings that could have been attended; 6/8; 8/8, etc.).

( ¹) Independent Director according to the New Corporate Governance Code.

( ²) Independent Director in accordance with Article 2, Recommendation 7 of the New Corporate Governance Code.

( ³) Independent Director in accordance with Article 148, paragraph 3 of the TUF.

With reference to the personal characteristics, knowledge, skills and experience of the members of the Board of Directors, please refer to the curricula vitae attached to this website www.finecobank.com About us/Corporate Governance List of skills possessed by the Directors in accordance with the provisions of the document

website www.finecobank.com in the section Us/Corporate/Governance/Corporate Officers

company organisation

4.3.1 Diversity criteria and policies in the composition of the Board and the With regard to the diversity criteria and policies in the composition of the Board, the Corporate Bodies Regulations establish that the composition of the Board must be gender balanced as provided for by the laws in force at the time, as well as reflect an adequate degree of diversification in terms of, inter alia, skills, experience, age and international exposure, which will be defined, at each renewal, following completion of the self-assessment process of the Board of Directors and communicated to shareholders and the market through the publication of the document on the qualitative and quantitative composition of the Board.

Subject to the applicable laws and regulations, on January 23, 2023, the Board of Directors approved the Qualitative/Quantitative Profile for the renewal of the Board, which contains the general guidelines on structure, composition and diversity, in terms of gender and age, and also previous professional experience. The Qualitative/Quantitative Profile has been drawn up taking into consideration, in addition to the results of the Board review, the requirements and eligibility criteria set out in Ministerial Decree 169/2020, Fit & Proper Policy, the Joint EBA and ESMA Guidelines, the EBA Guidelines on Internal Governance, as well as the recommendations set out in About Us/Corporate/ About Us/Corporate/Governance/Documents

Members of the Board of Directors in office are broken down below, by age and gender. With regard to gender, as at the date of approval of this Report, 45% of the Board of Directors of FinecoBank were male and 55% were female. This is in line with the current gender balance regulations.

Fig. 1 Board of Directors in office as at the date of approval of this Report, as appointed by the

With reference to the diversity of skills, experience and professionalism within the Board of Directors, the following matrix is shown(15 ).

Candidate	Banking Industry & Risk Assessment & Management Techniques	Strategic Planning	Business Management and Organization	Financial Reporting Data Governance Interpretation		Banking and Financial Industry Regulation	Economic and Financial System	FinecoBank Reference Markets	Compliance and AML	International Markets	Information Technology	Sustainability
Marco Mangiagalli		0		0	0	0			O	0		0
Alessandro Foti		0	0	0			0	0	0	0	0	0
Patrizia Albano					0			C	0			0
Gianmarco Montanari		0	0	0	O		0	0		0	0	0
Maria Alessandra Zunino de Pignier				C	0	œ		0	0
Giancarla Branda							0	0				0
Arturo Patarnello	0			0			0		0	0		0
Maria Lucia Candida			0	0	0		0	0	●
Paola Generali			0		0		●
Elena Biffi	0		0	0	O	0			0			0
Marin Gueorguiev	0		0	0	0			0	0		0	0

With the aim of making business increasingly sustainable and successful, Fineco is committed to ensuring that all employees can enjoy equal opportunities and realise their full potential regardless of gender, in the knowledge that a diverse working environment ensures a plurality of perspectives and fosters innovation.

FinecoBank has adopted measures to promote equal treatment and opportunities between genders, including, among other initiatives, the inclusion within the Long-Term Incentive Plan for the three-year period 2024-2026 of specific objectives relating to gender representation and the gender pay gap.

For more details about the initiatives undertaken to promote equal treatment and gender opportunities throughout the company organisation, see the Sustainability website Meeting 4.3.2. Maximum number of positions held in other companies

Based on information from the Directors, the Board annually identifies and indicates, in the Report on corporate governance and ownership structures, the positions of director or auditor held by the Directors in other companies and, in general, compliance with the qualitative and quantitative requirements in relation to time (based on the nature and extent of the positions held, as well as other work and professional commitments). The

⁽¹⁵⁾

Directors promptly notify the Company of positions held or from which they have resigned during their term of office, as well as any changes that may affect their availability.

With regard to the maximum number of offices that may be held by Directors, the Bank complies with the relevant regulatory provisions. Therefore, in compliance with the provisions of Ministerial Decree 169/2020 and the CRD IV Directive, it has been established that each Director may not hold a total number of offices in banks or other commercial companies exceeding one of the following alternative combinations: - 1 executive position and 2 non-executive positions (including the position held in - 4 non-executive positions (including the position held in FinecoBank).

FinecoBank);

In addition, the following positions are also considered to be a single directorship: (a) executive or non-executive directorships held within the same group; (b) in banks belonging to the same institutional protection scheme; and (c) executive or non-executive directorships held in companies, not included within the group, in which the entity holds a qualifying holding as defined in Regulation (EU) No 575/2013, Article 4(1), point 36. For further details, see the 2023 Qualitative/Quantitative Profile.

The table shows the overall number of positions held by the Directors in office as at the date of approval of this Report (including the position held in FinecoBank). The limit on Qualitative/Quantitative Profile from time to time in force, in line with the limits prescribed by the CRD IV Directive and Ministerial Decree 169/2020 as of its entry into force, was considered to have been observed in light of the applicable weightings for positions held in the same group, for those held in non-commercial companies (not relevant for the purposes of accumulation) and the declarations made by the same, as well as in line with the Joint EBA and ESMA Guidelines.

Name	Total number of positions held by the Directors	Number of relevant positions held
Marco Mangiagalli Chairman	3 non-executive positions	3 non-executive positions
Gianmarco Montanari Deputy Chairman	10 non-executive positions and 1 position as general manager	4 non-executive positions (2 ) (3 )
Alessandro Foti	1 executive position and 2 non-executive	1 executive position (1 )

emarket sdir scorage
CERTIFIED

Managing Director and General Manager	positions
Patrizia Albano Director	5 non-executive positions	4 non-executive positions (2 )
Elena Biffi Director	6 non-executive positions	4 non-executive positions (1 )
Giancarla Branda Director	5 non-executive positions	3 non-executive positions (1 )
Maria Lucia Candida Director	4 non-executive positions	2 non-executive positions (1 )
Paola Generali Director	12 non-executive positions	4 non-executive positions (1 )
Marin Gueorguiev Director	2 non-executive positions	1 non-executive position (1 )
Arturo Patarnello Director	2 non-executive positions	2 non-executive positions
Maria Alessandra Zunino de Pignier Director	2 non-executive positions	2 non-executive positions

(1 ) Considering the impact of positions held in non-commercial companies, the total number of positions held complies with the limits set.

(2 ) Considering the impact of positions in the same group, the total number of positions held complies with the limits set.

(3 ) Considering the impact of positions held in non-commercial companies and the position of general manager, which is not relevant for calculation purposes, the total number of positions held complies with the limits set.

* * *

In addition to the above, in compliance with Article 36 of Law Decree no. 201 of December 6, 2011, ratified with amendments by Law no. 214 of December 22, 2011, personal crossholdings in the credit and financial markets those who hold offices in the management, control and supervisory bodies and the senior officers of firms or groups of firms engaged in credit, insurance and financial markets, to accept or hold similar positions in competing firms or groups of firms exercised within 90 days of the appointment. Otherwise, on expiry of this deadline, they shall be removed from both offices.

Directors must annually renew the certificate stating they do not hold positions in the management, supervisory or control bodies of competing companies or groups of companies, in order to enable the Board to carry out its annual assessment. This assessment was carried out on the appointment of Directors, with a positive result for the financial year.

the financial year.	assessment was carried out on the appointment of Directors, with a positive result for
by them.	Directors are also required to inform the Bank about positions held in other companies and entities. In accordance with provisions of the New Corporate Governance Code, the summary table above shows the number of positions held as director/auditor by Board members of FinecoBank in other companies listed on regulated markets (including foreign markets), in financial, banking, insurance or large-sized companies, and notified
officers in non-commercial companies.	The table below, on the other hand, lists these positions, without listing positions held by
Name	List of positions held by FinecoBank Directors in other companies listed on regulated markets (including foreign	Companies belonging to the FinecoBank Group
	markets), in financial, banking, insurance or large-sized companies	YES	NO
Marco Mangiagalli Chairman	Non-executive chairman of E.I. Towers S.p.A.	-	x
Gianmarco Montanari Deputy Chairman	Non-executive director of Tinexta S.p.A. Non-executive director of Italgas S.p.A.	-	x
Alessandro Foti Managing Director and General Manager	/	-	-
Patrizia Albano Director	Non-executive director of Piaggio & C. S.p.A.		x
Elena Biffi Director	Non-executive director of Arnoldo Mondadori Editore S.p.A. Non-executive director of Revo Insurance	-	x

	S.p.A.
	Non-executive director of PIOVAN S.p.A.
Giancarla Branda	Non-executive director of Garofalo Health	-	x
Director	Care S.p.A.

Maria Lucia Candida	/	-	-
Director
Paola Generali	Non-executive director of Tinexta S.p.A.	-	x
Director
Marin Gueorguiev	/	-	-
Director
Arturo Patarnello	/	-	-
Director
Maria Alessandra	Statutory Auditor of SABAF S.p.A.	-	x
Zunino de Pignier
Director

4.4 Functioning of the Board of Directors (pursuant to Article 123-bis, paragraph 2, letter d) of the TUF)

The Board of Directors held thirteen meetings during the financial year, with an average duration of four hours and forty-six minutes. For details of the percentage attendance by each Director, see the table in Section 4.3 above.

Thirteen meetings have been scheduled for 2025, two of which had already been held at the date of approval of the Report.

convened, also using telecommunication facilities, at the registered office of the Company, or elsewhere provided the venue is in Italy or abroad, by the Chairperson (or his/her representative), usually at least once every three months, and in any case whenever deemed necessary by the Chairperson, or if requested in writing by the Managing Director and General Manager or by at least two Directors of the Board of Directors. A Board meeting may also be called by a Statutory Auditor.

In the absence of a notice of call, the Board of Directors is considered to be duly constituted if it is attended by all the Directors and Statutory Auditors.

Article 16 of the Articles of Association allows the possibility for participants at Board of Directors meetings to attend remotely, through audiovisual communication systems

(video conference or conference call) where the conditions are in place to identify the attendees, allow their real-time participation in discussing the topics examined and to receive, transmit and examine any documents not previously seen.

Pursuant to the Corporate Bodies Regulations, notice of meetings must be given to all Directors and Statutory Auditors within a reasonable period of time, except in cases of urgency. The notice should include the items on the agenda, except where this is not possible due to confidentiality issues, to ensure that the attendees are aware of the matters ahead of time and come prepared to the meeting. The Corporate Bodies Regulations also require that documentation in support of the motions, and any other information needed so that the Directors may express an informed opinion on the issues under discussion, usually be made available to the Directors at least five business days prior to the meeting. In this regard, it should be noted that - with reference to the financial year - the procedures relating to the timeliness and adequacy of the information provided to the directors were generally observed. The confidentiality of the data and information provided is guaranteed by the use of IT tools that allow confidential access with advanced identification systems.

The Chairman is responsible for planning the proceedings of the Board of Directors meeting, in accordance with the agenda, as proposed by the Managing Director and General Manager. The Chairman also ensures that adequate information both qualitative and quantitative concerning the items on the agenda is provided to all Board members, to enable the Board to make informed decisions on the matters to be discussed and approved; the Chairman also ensures that sufficient time is dedicated to the items on the agenda in order to enable constructive debate, encouraging Directors to actively contribute to meetings. on the items on the agenda. In this regard, it should be noted that - with reference to the financial year - an effective participation of the executives in the meetings of the Board

The Chairman of the Board of Directors, in agreement with the Managing Director, ensures that the managers of the Issuer and those of its Group companies, as well as the heads of the competent corporate functions based on the subject matter, attend the Board meetings, also at the request of individual Directors, to provide appropriate details of Directors was recorded, who attended the individual meetings of the Board of Directors to illustrate the topics of their respective responsibility on the relevant agenda.

Pursuant to Article 15 of the Articles of Association, whenever a Managing Director has not been appointed, the General Manager takes part in the meetings of the Board of Directors with the power to make proposals and without voting rights.

Pursuant to Article 16 of the Articles of Association, the Chairman may request the Deputy General Managers and other executive staff to take part in Board meetings.

Pursuant to the Rules of Corporate Bodies, announcements made at meetings, declarations made by Board members and resolutions passed by the Board are recorded in minutes transcribed in a special book, signed by the Chairman of the meeting and the Secretary. These minutes, which are suitable for reconstructing the course of the debate and the various positions expressed, are submitted for approval to the next useful Board

meeting - or, if there is a particular need for urgency, they may also be approved on the spot - and remain available for consultation at the request of each of the Directors and Statutory Auditors. These minutes, together with their annexes, are kept by the Secretary of the Board.

to further examine and discuss strategic issues.

The Independent Directors meet at least once a year in a closed session, without the other Directors. The progress of the meeting and the results of the discussion were recorded in the minutes.

In these meetings, the role of Chairman is performed by an independent director appointed at the first meeting of the Independent Directors. The Chairman is responsible meeting.

4.5 Role of the Chairman of the Board of Directors

Pursuant to Article 14 of the Articles of Association, the Board of Directors elects a Chairman from its members and where appropriate one or two Deputy Chairmen, one of whom will act as a stand-in.

By its resolution of April 27, 2023, the Board of Directors appointed Mr. Marco Mangiagalli as Chairman of the Board of Directors, in continuity with the previous threeyear term.

Article 10 of the Articles of Association states that it is the competence of the Chairperson also directs and regulates the debate, establishes the voting procedures and ascertains the results, in accordance with the provisions of current legislation and the procedures for

The Chairman of the Board of Directors has not been granted any management powers and therefore does not have any executive role. He/she does not have a specific role in the development of business strategies, is not the main person responsible for the management of the Company, and does not have significant investments, either directly

During the financial year, the Chairman ensured that the pre-meeting information, as well as the additional information provided during board meetings, was suitable to enable the directors to act in an informed manner. In this context, the Chairman stimulated the board discussion and ensured in agreement with the Managing Director and General Manager that the items on the agenda were discussed with the heads of the corporate functions responsible for each subject area, to enable them to report directly to the Board.

The Chairman managed the coordination of the activities of the Board Committees with the activities of the Board by inviting the Chairpersons of each Committee to report on

the activities of their committee to the Board, at each meeting. Also for coordination purposes, it is envisaged, at the initiative of the Chairman, that the Committees provide the Board of Directors with a six-monthly report on their activities.

The Chairman also ensured that the self-assessment process was carried out in accordance with adequacy and transparency criteria and with the active support of the Appointments Committee. For more information on the self-assessment process, see Section 7 of this Report.

Lastly, the Chairman ensured that the Board of Directors was informed on the significant content of the dialogue held with all shareholders. For information on the policy on the dialogue with shareholders, see Section 12 of this Report.

For additional information on the role and duties of the Chairperson, see Part A, § 2.1. of website www.finecobank.com About Us/Corporate/Governance/Company Positions

During the year, at the request of the Chairman of the Board of Directors (and also on the basis of the training plan for the financial year approved by the Board of Directors following the assessments conducted with the help of the external consultant), 13 reference business and the development prospects of the banking and financial sector, talent agenda and employer branding (attraction, development and retention strategy with indepth focus on succession plans); c) brand management, marketing and communication; d) methodological insights into the assessment of dual materiality; e) insights into supervisory procedures; f) Data Governance; g) Corporate Governance Impacts of the Capital Bill. Secretary, who is selected from the Legal & Corporate Affairs Function. The candidate

Secretary of the Board

In accordance with the Corporate Bodies Regulations, in compliance with Recommendation no. 18 of the New Corporate Governance Code, the Board of Directors decides, upon proposal from the Chairman, on the appointment and removal of the must hold a position of responsibility within the organisational unit and have an adequate seniority level as well as specific corporate governance expertise.

During the financial year, the Secretary, in accordance with his duties defined in the Regulations of the Corporate Bodies, together with the Legal & Corporate Affairs Function l assistance and advice to the Board of Directors on any aspect relevant to the proper functioning of the corporate governance system.

4.6 Executive Directors in such a way that does not deprive the Board of its fundamental rights and prerogatives.

The Board establishes the content of the delegated powers in a detailed, clear and precise manner, also indicating the limits in terms of quantity and amount, as well as the means of exercising the delegated powers; This also allows the Board of Directors to accurately check that its overriding executive and removal powers are correctly complied with and exercised. 4.6.1 Managing Directors: Managing Director and General Manager

The executive bodies and officers report to the Board of Directors and Board of Statutory Auditors at least every three months, on operations carried out in exercising their powers, Delegated Powers of FinecoBank S.p.A. the other applicable internal regulations.

Pursuant to Article 15 of the Articles of Association, the Board of Directors may appoint a Managing Director, determining the term of office and the respective duties and powers, a General Manager and one or more Deputy General Managers, who constitute the Executive Management, together with the other personnel assigned to that function.

The Managing Director or where not appointed the General Manager oversee the Executive Management.

The Managing Director takes on the powers and duties of the General Manager if the latter has not been appointed.

If a Managing Director and General Manager are appointed, both positions must be held by the same person.

The Managing Director, or where not appointed, the General Manager, is responsible for implementing the resolutions passed by the Board of Directors, with the assistance of the Executive Management.

If a Managing Director has not been appointed, the General Manager takes part in the meetings of the Board of Directors with the power to make proposals and without voting rights.

The Managing Director and other Directors with key responsibilities, as well as the General Manager, where no Managing Director has been appointed, report to the Board of Directors on their activities, according to the procedures and time limits established by the Board, in accordance with law.

The Board of Directors, by resolution of April 27, 2023, in continuity with the previous three-year period, confirmed Mr. Alessandro Foti as Managing Director and General on Delegated Powers of FinecoBank S.p.A. available for public consultation at the Milan-Monza-Brianza-

Managing Director and General Manager is responsible for the management of the company.

Pursuant to the Supervisory Provisions (see Part One, Title IV, Chapter 5, Annex A, Section II, paragraph 3) the tasks and responsibilities for business continuity fall within f) promoting the development, periodic monitoring and updating of the business continuity plan in the event of major organisational, technological and infrastructural changes, and of identified gaps or deficiencies or new risks g) approving the annual plan of testing of the business continuity measures and reviewing the test results documented in writing. 4.6.2 The Chairman of the Board of Directors 4.6.3 Reporting to the Board of Directors by Directors/Delegated Bodies

The Chairman of the Board of Directors is not the main person responsible for the management of the Issuer, has not been assigned management powers, does not have a specific role in the development of business strategies, and does not have significant

See Section 4.5 above for more details.

The Corporate Bodies Regulations require information flows between and within company bodies as an essential condition for achieving the objectives of efficient management and effective control of the Company.

To ensure continual and comprehensive information flows between and within the Corporate Bodies, the Board is called upon to approve and oversee the maintenance and updating of a structured system of information flows, that governs the circulation of information and ensures it is correctly channelled in a timely and comprehensive manner, taking into account the responsibilities of the various bodies with supervisory and control functions. The Board of Directors has identified these information flows, their content and Document on company bodies and functions with supervisory tasks For details regarding the transactions with related parties and associated persons as well as other persons having access to Inside Information in Global Policy for the management of transactions with persons in potential conflict of interest of FinecoBank Group flows envisaged in that document(16) .

The Corporate Bodies Regulations identify the persons required to submit information flows to the Corporate Bodies and describe the minimum content and timing of the main information flows concerned. Moreover, in order to implement the necessary organisational controls for the proper management of information flows and to provide

⁽¹⁶ www.finecobank.com About Us/Corporate/Governance/Related Parties and Associated Persons

the necessary information on other aspects (forms, tasks and duties and other content), not covered in the Corporate Bodies Regulations, specific organisational procedures nt to the above-mentioned Global Policy.

Article 21 of the Articles of Association establishes that the decisions made by those with delegated powers must be reported to the Board according to the procedures and frequency (at least quarterly) established by the Board. In particular, the executive bodies and officers must report to the Board of Directors and the Board of Statutory Auditors, at least on a quarterly basis, on the general performance of operations, the business outlook, and transactions that have a significant effect on the results of operations and financial position with particular regard to those that could potentially give rise to conflicts of interest carried out by the Company and its subsidiaries. 4.6.4 Other executive directors 4.7 Independent directors and lead independent directors

In this regard, the executive bodies have reported to the Board of Directors on activities performed in the financial year in exercising their delegated powers, in accordance with the terms described above.

As at the date of approval of this Report, no other Directors had been granted management powers other than the Managing Director and General Manager.

As at the date of approval of this Report, the Board of Directors had ten Independent Directors pursuant to the New Corporate Governance Code.

Subject to the provisions of Section 4.3 above regarding the procedures and timing for verifying the independence of directors, the Board of Directors pursuant to Article 144 novies, paragraph 1-bis, of the Issuer Regulations and Article 2 of the New Corporate Governance Code, determined, at the first available opportunity after their appointment (i.e. the meeting of May 9, 2023), that each of the non-executive Directors satisfied the requirements of independence, and published the results of its determinations in a press release to the market on the same date.

In making the above assessments, the Board of Directors applied (among others) the principles and recommendations of the New Corporate Governance Code, as

During 2024, the Board of Directors carried out the annual verification of the satisfaction of independence requirements on March 12, 2024 applying the principles and recommendations of the New Corporate Governance Code. With particular regard to the independence requirements referred to in the New Corporate Governance Code and the Articles of Association, information on the direct or indirect relationships (loans, significant positions held, work as a paid employee and business/professional relations)

of Board Directors with FinecoBank.

In order to allow the Board of Directors to carry out the above-mentioned assessment, each Director, including the Chairperson classified as independent in the list submitted by the Board at the time of the last renewal of the body, was asked to make a personal updated assessment of their independence status, taking into account the criteria set out in Articles 147-ter, paragraphs 3 and 4, and 148 paragraphs 3 and 4 of the TUF and Article 2 of the New Corporate Governance Code, and Article 13 of Ministerial Decree 169/2020, providing a specific declaration to that effect.

In order to verify the possible materiality of the above-mentioned relationships, the Board of Directors applied the criteria and materiality thresholds set forth in the Fit & Proper Policy, as better described in the following section.

The results of the verification were as follows:

Independent Directors pursuant to Article 148 of the TUF, Article 2 of the New Corporate Governance Code and Article 13 of Ministerial Decree 169/2020: Marco Mangiagalli, Gianmarco Montanari, Patrizia Albano, Elena Biffi, Giancarla Branda, Maria Lucia Candida, Paola Generali, Marin Gueorguiev, Arturo Patarnello and Maria Alessandra Zunino de Pignier;
Independent Director pursuant to Article 148 of the TUF, Article 2 of the New Corporate Governance Code and Article 13 of Ministerial Decree 169/2020: Alessandro Foti.

The Board of Statutory Auditors verified the correct application of the assessment criteria and procedures adopted by the Board of Directors for assessing the independence of its members.

In line with Article 2, Recommendation 5 of the New Corporate Governance Code and the Supervisory Regulations on Corporate Governance, the Independent Directors, without the Non-Independent Directors and the Chairman, met on July 15 and November 23, 2024 for a meeting, mainly to discuss corporate governance matters and the company's outlook. The meetings were chaired by Director Arturo Patarnello. The outcomes of the discussions were represented at the first Board meeting thereafter. In accordance with the Corporate Bodies Regulations, the progress of the meetings and the results of the discussion were recorded in the minutes.

It is noted that during the 2025 financial year, the Board of Directors on March 11, 2025 carried out the annual check on the existence of the independence requirements of the Directors pursuant to the applicable laws and regulations and in particular pursuant to Article 148 of the TUF, Article 2 of the New Corporate Governance Code and Article 13 of Italian Ministerial Decree 169/2020. Following this verification, all Board members were found to be independent with the exception of the CEO and General Manager, Mr. Alessandro Foti.

Criteria and materiality thresholds for assessing independence

Fulfilment of the independence requirement is verified at the time of appointment and annually, in accordance with the application criteria set out in the New Corporate Governance Code and other applicable provisions. Directors are required to provide any information relevant to the assessment of their independence.

In order to verify the possible materiality of relationships of a commercial, financial or professional nature or otherwise enabling the Director to obtain additional remuneration, the current Fit & Proper Policy identifies the main materiality thresholds:

(a) for transactions of a financial nature, in accordance with the ECB Guidance, financial obligations towards the Company with a value (even cumulative) in value that are not traded at normal market conditions or that are impaired, are considered relevant;
(b) for business/professional relations, (i) in the case of personal and direct business/professional relations with the Director, there is a prohibition; (ii) in the event of a business/professional relationship with the professional firm and/or consulting company (of which the Director is partner or has been in the three financial years preceding that of the appointment), fees relating to the three financial years preceding that of the appointment that exceed 5% of the total annual turnover or revenues of the relevant professional firm/consulting company relevant. provided for the office at the Company is considered significant.

In line with the provisions of the New Corporate Governance Code, it is also specified that in the case of a director who is also a partner in a professional firm or consulting company, the Board of Directors assesses the significance of the professional relationships that may have an effect on his/her position and role within the firm or consulting company or that otherwise pertain to important transactions of the company and its group, also irrespective of the quantitative parameters.

For the purposes of the foregoing, financial, business and professional relationships maintained with the Bank by the Director or by a close family member (meaning: parents, children, non-legally separated spouses and cohabitees).

In any event, for a full appreciation of the materiality of a financial, commercial or professional relationship, information must be acquired that allows not only a formal, but also a substantive examination of the position, by means of appropriate information provided by the Directors supplemented with information available to the Bank.

As part of the independence assessment, the competent body may also order certain

mitigation measures, providing for specific periodic monitoring and availing itself of the support of the applicable Board committee, if required.

4.7.1 Lead Independent Director As the New Corporate Governance Code does not establish provisions for the appointment of this position, the Board of Directors has not appointed any independent Director as lead independent director(17) .

⁽¹⁷⁾ In accordance with Article 3, Recommendation 13 of the New Corporate Governance Code, the Board of Directors appoints an independent director as the lead independent director in the following cases: (i) if the Chairperson of the Board of Directors is the Chief Executive Officer of the company or holds significant managerial powers; (ii) if the position of chairman is held by the person that controls the issuer, either jointly or otherwise; (iii) in large companies, even in the absence of the conditions indicated the previous points, if requested by the majority of Independent Directors.

PROCESSING OF COMPANY INFORMATION In compliance with Stock Exchange Regulations and accompanying Instructions, as well as relevant provisions of the TUF and Issuer Regulations, which require Directors and Statutory Auditors to maintain the confidentiality of documents and information acquired in performing their duties, the Corporate Bodies Regulations require the Board of Directors to establish procedures for the internal management and disclosure of documents and information on the Company, also with regard to inside information.

The Bank has adopted a procedure for the processing of significant and inside information pursuant to EU Regulation no. 596 of April 16, 2014, on market abuse (the (e.g. CONSOB Guidelines on the Management of inside information of October 13, 2017)

The aim of the Procedure for processing Relevant and Inside Information is to prevent the processing of such information (as defined below) in a manner, which is not untimely, incomplete or inadequate and in any event that may result in asymmetrical disclosure to the public.

In particular, the management and disclosure of Relevant and Inside Information, as regulated by the above-mentioned Procedure, protects the market and investors, providing them sufficient knowledge of matters concerning the Issuer, on the basis of which they may make investment decisions.

The Procedure for processing Relevant and Inside Information also aims to prevent certain persons or categories of persons from acquiring information that is not in the public domain, in order to carry out speculative transactions on markets to the detriment of investors that do not have access to that information.

The Procedure describes the process for assessing and disclosing relevant and inside information, as well as the requirements for managing the List of Persons who have FinecoBank Insider List

The Procedure regulates the management of company information (meaning all information and data concerning FinecoBank and/or other Group companies, which is not in the public domain, acquired by persons required to comply with the Procedure, in performing their duties), with particular regard to (i) relevant information, which is specific information, not available to the public and concerning data, events, projects or circumstances that in any way refer to FinecoBank and that could, also at a later stage, become inside information and (ii) inside information. (a) the assignment of responsibility for assessing the privileged nature of the

It establishes, firstly, the obligation for all persons that perform activities within the Group to keep company information acquired in performing their duties confidential and to use that information exclusively for carrying out their duties.

The Procedure for processing Relevant and Inside Information currently:

information, also for the purpose of any disclosure to the public, to the Inside

Information Management Function (FGIP)(18)

. The Procedure for the Processing of Relevant and Inside Information, in particular, establishes that anyone who believes he or she is in possession of material and/or inside information is required to promptly report this circumstance to a dedicated e-mail box, managed by FGIP, in order to allow the assessment of the inside nature of the information transmitted and to prepare all the necessary initiatives for its correct handling, including its possible timely disclosure to the market; (b) adopts effective measures to ensure the confidentiality of information until it is (c) the competence of the FGIP - for the evaluation of the public disclosure of information relating to the Company - as to whether to delay the public disclosure

disclosed to the public.

List of persons who have access to inside information compliance with the applicable regulations. It has also established a process to add data to, update and maintain the List, identifying the Compliance Officer of the Company as the person responsible for managing the FinecoBank Insider List;

of Inside Information in cases specifically indicated by the Procedure for the Processing of Inside Information;
(d) Communications for preparing press releases in which Inside Information is disclosed, assisted by the Company units involved;
(e) Italiana and CONSOB.

market on the day after disclosure and are available on the site for at least five years from publication.

***

In accordance with the provisions of Article 114(7) of the TUF and Articles 152 quinquies.1 et seq. of the Regulation on Issuers and in order to implement the regulatory changes resulting from the entry into force of Regulation (EU) No. 596/2014 of the European Parliament and of the Council of April 16, 2014, as subsequently amended by Article 56 of Regulation (EU) No. 2016/1011 - relating to market abuse (Market Abuse Regulation) and repealing Directive 2003/6/EC of the European Parliament and of the Council and Commission Directives 2003/124/EC, 2003/125/EC and 2004/72/EC - and the related Delegated Regulations (no. 2016/522 and 2016/523), the Board of Directors meeting of January 10, 2018 approved the code of conduct on internal dealing, to regulate the management, processing and disclosure of information relating to transactions in FinecoBank's listed shares and debt instruments (as well as derivatives

⁽¹⁸⁾ At FinecoBank, the Inside Information Management Function (FGIP) is made up of the Chief Financial Officer, the Head of the Compliance Function and the Head of Legal & Corporate Affairs.

and related financial instruments) carried out by persons having access to Inside Information (sowith and the conduct to be observed by the above persons and by FinecoBank in order to ensure maximum transparency in disclosure to the market. The Internal Dealing Code was last amended by the Board of Directors on March 15, 2022.

The main aim of the Internal Dealing Code is to improve transparency and uniformity in the disclosure relating to financial transactions undertaken by the above persons, in order to give investors an idea of how those persons perceive the prospects of the company and/or the group it belongs to. The Code does not therefore directly address whether significant persons have acquired confidential information and used that information unlawfully (conduct which constitutes the offence of insider trading), assuming that the undertaking of certain financial transactions by certain persons relevant information on matters of the company and the group it belongs to), is, in and of itself, price sensitive.

The Internal Dealing Persons having access to Inside Information Closely-Related Persons Significant Transactions (as such therefore subject to the disclosure obligations of the Internal Dealing Code) are transactions concerning the purchase, sale, subscription or exchange of shares and debt instruments issued by FinecoBank (admitted to trading or for which an application has been made for admission to trading on a regulated market or an MTF or OTF), or derivatives or other financial instruments linked to those instruments carried out by the above persons, directly or through intermediaries, trusts or subsidiaries. The Internal Dealing Code also identifies certain types of transactions which are exempt from the disclosure obligations. (a) disclosure obligations of Persons having access to Inside Information to the (b) disclosure obligations of Persons having access to Inside Information and the (c) cases in which Persons having access to Inside Information are prohibited from or

The Internal Dealing Code also contains regulations on the management, processing and disclosure of information relating to those transactions. To this end it governs the:

Company;
Company to CONSOB;
limited in undertaking transactions on financial instruments.

Financial Reporting Officer and to CONSOB with regard to notices received from Persons having access to Inside Information.

BIS, PARAGRAPH 2, LETTER D) OF THE TUF)

INTERNAL COMMITTEES OF THE BOARD OF DIRECTORS (PURSUANT TO ARTICLE 123- As at the date of approval of this Report (in compliance with the Supervisory Regulations and the New Corporate Governance Code) four Board committees have been established, with examining, advisory, decision-making and coordination functions: (i) a Risk and Related Parties Committee; (ii) a Remuneration Committee; (iii) an Appointments Committee; and (iv) a Corporate Governance and Environmental and Committees

None of the functions assigned to board committees by the New Corporate Governance Code has been assigned to the Board of Directors. As at the date of this Report, none of the Committees performs the functions of two or more committees envisaged by the New Corporate Governance Code (19) and the functions are not spread across committees in a way that differs from the provisions of the Code or the Supervisory Regulations in this area. The members of the Committees are chosen based on their expertise and their availability to perform the task, taking into account the recommendations of the New Corporate Governance Code (see in particular, Recommendation no. 17).

Unless a shorter term of office is established upon their appointment, Committee members remain in office for the same time as the Board of Directors of which they are members. They may resign from their position in the Committees, without resigning from the Board of Directors.

If a member ceases to hold the position for any reason, the Board of Directors will replace outgoing member. If the Chairman of the Committee ceases to hold office, the Board of Directors will appoint a new Chairman at the time of appointing the replacement member.

The Committees meet on a regular basis and whenever required as a result of particular needs. The Committee meetings are considered duly convened if the majority of their members are present. Each Committee passes resolutions with an absolute majority of the attendees.

The meetings of the Committees are called at least four business days in advance. The notice of meeting, which may also be sent via fax or email by the Chairman via the Secretary of each Committee, must include the details of the place, date and time of the meeting, as well as the items on the agenda to be discussed. In cases of urgency, determined by the Chairman of each Committee, the meetings may be held with one if all their members are present.

Except in cases of urgency, the documentation in support of proposals, and any information needed for the members of the Committees to express an informed opinion

⁽¹⁹⁾ In compliance with the CONSOB instructions and guidelines contained in Communication no. DEM/10078683 of September 24, 2010, in order to adopt the Related-Party Regulations, the Company has assigned its control and risk committee the functions of the related-parties committee.

on the matters under discussion, are made available at least from 8:00 a.m. on the third business day prior to the meeting of any Committee. The confidentiality of the data and information provided is guaranteed by the use of IT tools that allow confidential access with advanced identification systems. In this regard, it should be noted that - with reference to the financial year - the aforementioned deadlines were normally respected and that the procedures concerning the adequacy of the information provided to the members of the Committees were applied.

The Committee meetings may be held via telecommunications links, provided that each attendee can be identified by all the other attendees, can immediately take part in the discussion, and can also receive, send and view documents. The minutes of Committee meetings are transcribed briefly by the Secretary, who need not be a member of the Committee. If the Secretary is absent or otherwise prevented from performing this task, the person chairing the meeting shall appoint a replacement. The minutes contain, amongst other things, the reasons for any disagreements expressed by the Committee members. The minutes are kept by the Secretary for possible consultation needs of the members of the Committee(s) who may be absent, as well as the Board members and Auditors.

The Chairman of each Committee reports on the meeting at the next Board of Directors meeting.

Each Committee is allocated adequate funds to perform its duties within the limits of the budget approved by the Board of Directors, sufficient to guarantee operational independence, which may be supplemented to meet specific needs. The Committees may engage external advisors.

fee for attending committee meetings. To perform their duties, the Committees are given adequate instruments and information from the relevant functions, to enable them to make their assessments. They also have access to the relevant company information.

On the invitation of the Chairman of each Committee, the meetings taking into account the items on the agenda in each case may be attended by the Managing Director and General Manager, the other Directors, the Deputy General Managers, the Financial Reporting Officer and members of Company and Group personnel.

Subject to the right of the Statutory Auditors to attend the meetings, or the rules applicable to the Risk and Related Parties Committee, the Chairman of each committee can invite the Chairman of the Board of Statutory Auditors or another Statutory Auditor designated by him/her.

Persons external to the Company and the Group may also be invited to participate in meetings of each of the Committees where, in full compliance with the applicable regulations on confidentiality of information and market abuse, their participation is cons

Where the Committees are called on to express their opinion on urgent matters within their remit, the Chairman of each Committee, after having acknowledged the urgency of

the situation and having established that the majority of or all the members are unavailable to meet or to carry out the required activities in due time, promptly informs the Chairman of the Board of Directors of this situation. In any event, this notification must be made no later than the day after the Chairman of the Committee has received notice of the unavailability of the majority of or all the members. The Chairman of the Board of Directors, after consulting with the Managing Director and General Manager to evaluate the urgency of the decision, immediately restores the presence of the number of Independent Directors established for the composition of the Committee by designating another independent member of the Board of Directors, after having contacted him/her. With regard to the Risk and Related Parties Committee, the abovementioned rules apply to transactions with persons in potential conflict of interest pursuant to the Global Policy, the completion of which is urgent and for which the Risk and R preliminary analysis and/or when issuing the opinion. 6.1 CORPORATE GOVERNANCE AND ENVIRONMENTAL AND SOCIAL SUSTAINABILITY

The above also applies if the unavailability of the majority is due to the resignation of a member of the Committee.

With specific reference to composition of the Committees, in accordance with the Supervisory Regulations on Corporate Governance, it is good practice for each committee to have at least one member from the least represented gender.

The rules governing the functioning of the Board Committees and the duties and responsibilities assigned to each of them are governed in detail by the Corporate Bodies Regulations (Paragraph B), which should be consulted for further details. 6.1.1 Composition and functioning of the Corporate Governance and

The committees established within the Board of Directors are described in Paragraphs 6.1, 7, 8 and 9.

COMMITTEE

Environmental and Social Sustainability Committee

On April 27, 2023, the Board of Directors appointed the members of the current Corporate Governance and Environmental and Social Sustainability Committee, who are all executive, Independent Directors pursuant to the TUF and New Corporate Governance Code, and have adequate experience and expertise as evaluated and ascertained by the Board of Directors on their appointment.

As at the date of approval of this Report, the composition of the Corporate Governance and Environmental and Social Sustainability Committee was as follows:

emarket sdir storage
CERTIFIED

Name	Non executive	Indep. Code	Indep. TUF	%	(**)
Patrizia Albano	X	X	X	(*) 13/13	C
				(100%)

Maria Alessandra	X	X	X	13/13	M
Zunino de Pignier				(100%)
Gianmarco Montanari	X	X	X	13/13	M
				(100%)
------------- N.A.	Members leaving office during the financial year-------------
No. of Committee meetings: 13
(*) This column shows the percentage attendance at Committee meetings (no. of attendances/no. of
meetings held during the actual period in office of the person concerned during the Year).			C	M

The members of the Corporate Governance and Environmental and Social Sustainability

called to approve the Financial Statements as at December 31, 2025.
The Committee shall meet when convened by its Chairman, whenever he/she deems necessary, or upon the request of one of its members.
6.1.2 Sustainability Committee				Functions of the Corporate Governance and Environmental and Social
The duties assigned to the Corporate Governance and Environmental and Social Sustainability Committee are described below. The Corporate Governance and

Sustainability Committee

The duties assigned to the Corporate Governance and Environmental and Social Sustainability Committee are described below. The Corporate Governance and Environmental and Social Sustainability Committee performs the functions of informing, advising and making proposals to the Board through the following: (ii) makes proposals to the Board of Directors on adapting the corporate governance

(i) guidelines on governance, and in that context it:
- it monitors changes in national and international laws and best practices on corporate governance, updating the Board of Directors where those changes are significant;
- verifies that the corporate governance system of FinecoBank and of the Group is in line with the legal and regulatory requirements, the recommendations in the New Corporate Governance Code, and national and international best practice;
system, where necessary or appropriate;

(iii) interactions with all stakeholders; in particular, the Committee provides the following support to the Board:
- monitoring the sustainable growth strategy of the Company and the Group over time, based on relevant international guidelines and principles;
- contributing to assessing the impacts, risks and opportunities linked to sustainability issues, including risks that may be material in the medium/long term;
examining and where necessary making proposals concerning plans, environmental and governance issues in line with the applicable regulations, monitoring their implementation over time. In this respect, among others, it supports the Board of Directors in approving policies aimed at promoting diversity and inclusiveness;
- contributes to the review of products with ESG purposes for which the Bank acts as producer;
- monitoring the positioning of the Company and the Group in relation to financial markets with respect to sustainability issues and relations with all the stakeholders;
- examining and issuing opinions regarding the policy for managing relations with all the shareholders, taking into account the engagement policies adopted by institutional investors and asset managers;
examines and, where appropriate, formulates proposals regarding the list of relevant sustainability issues and topics and the related impacts, risks and opportunities for approval by the Board of Directors, as well as examines the formation process and content of the sustainability report pursuant to Legislative Decree 125/2024; 6.1.3 Activities performed
- it assesses the suitability of sustainability reporting to fairly represent the performance achieved;
- examining in advance the Sustainability Report pursuant to EMAS Regulation no. 1221/2009, for the areas applicable to FinecoBank, to be submitted for approval by the Board of Directors.

During the financial year, the Committee met thirteen times. The Committee meetings, with minutes taken by the designated Secretary, lasted an average of one hour and twenty-two minutes.

During the meetings, the Corporate Governance and Environmental and Social Sustainability Committee on the basis of the necessary information and clarifications

regulations and the documentation supporting the proposals was called upon to express its opinion, in relation to matters of corporate governance, on the annual letter of the Chairman of the Italian Corporate Governance Committee, also in order to Report on Corporate Governance and ownership structure for the year 2023 under its responsibility and subsequently approved by the Board of Directors on March 12, 2024. Still on the subject of corporate governance, the Committee analysed the regulations concerning the responsibilities of the corporate bodies and structures involved. In this last regard, in particular, it examined the proposed amendments to the new managerial committee called the Data Governance Committee, subsequently approved by the Board of Directors. In addition, the Committee examined, to the extent of its competence, for the purposes of the subsequent resolution of the Board of Directors, the proposal to appoint the new Financial Reporting Officer pursuant to Article 154-bis of the TUF and Article 28 of the Articles of Association, until the date of the Shareholders' Meeting called to approve the financial statements as of December 31, 2025; Consequently, an update of some internal regulations was submitted for the sideration. Related Parties Committee - each for the profiles of their respective competences - the

The Committee oversaw the sustainability-related activities the related activities, verifying the updates provided by the competent internal structures on the initiatives undertaken by the Bank. In this regard, the Committee was constantly informed about the progress of the work in the field of sustainability, with a special focus on those related hich introduced the obligation to report sustainability information within the management report using the ESRS reporting standards defined by EFRAG.

During the financial year, the Committee analysed in a joint session with the Risks and -Financial some observations that were incorporated in the version approved by the Board of Directors on March 12, 2024. On the other hand, with regard to the non-financial disclosures for the 2024 financial year, the Committee examined the results of the dual materiality analysis and monitored the drafting of the sustainability report through periodic updates by the relevant structures on the progress of the work, and then examined its contents during the first meetings of 2025, with a view to its approval by the Board of Directors.

Also with reference to sustainability issues, the Committee reviewed the updates made to the ESG KPI Dashboard from time to time. In addition, it analysed the first edition of

the Global Policy with which the general principles for the Group on the subject of artificial - Sustainability corporate purpose, as updated on the occasion of the approval of the 2024-2026 ESG MYP by the Board of Directors on December 14, 2023. In addition, it examined some implementation aspects of the existing Policy for the Management of Dialogue with the Financial Community. Finally, it should be noted that specific information and insights were also provided in relation to the feedback received from rating agencies with reference to the certifications and score obtained by the Bank in the area of sustainability. In this context, the Committee was also shown the improvement actions envisaged for certain ESG ratings and their presence in them.

With specific reference to environmental sustainability issues, in the first part of the - 2026 Statement with data as at 31 December 2023 was submitted to the Committee, in relation to which the data and information required to meet the requirements of Annex IV of financial statement of the Fi organisational unit provided the Committee with the usual information on the Home-Work Travel Plan 2024, drafted with the aim of analysing and implementing measures aimed at incentivising new forms of sustainable mobility in compliance with the reference regulations set forth in Article 229(4), of the Relaunch Decree and the Guidelines for the drawing up and implementation of Home-Work Travel Plans. regard to younger customers, on instruments considered to be more speculative. During

Focusing on issues closely related to social sustainability, updates and in-depth analyses 2024, the Committee assessed further aspects related to social sustainability, which are the responsibility of the Chief People Officer Department, in particular diversity, equity and inclusion. The CPO Department also informed the Committee about the results of the 2023 employee engagement and reputation survey.

Also in the area of social sustainability issues, the Global Business Department presented the Committee with a new current account offer dedicated to minors between Conto under 18 reference structures have also submitted to the Committee, inter alia, a new Local Policy on digital accessibility that formalises the rules aimed at ensuring the usability of digital products and services by persons with disabilities in compliance with the national and international provisions in force on the subject, as well as the updated version of the internal regulations on whistleblowing and those relating to policies on the integration of sustainability risks in advisory services, in compliance with Regulation (EU) 2019/2088 (the so-

In addition to these issues, the CPO Department submitted to the Committee, in line with what has been done previously, updates to the ESG KPIs included in the long-term incentive plans for the three-year period 2024-2026, as well as the 2024 ESG targets for the Identified Staff in the 2024 short-term incentive plan.

The Committee, through its Chair, had access to the information and corporate functions external advisors.

The Chairman of the Board of Statutory Auditors and the Statutory Auditors attended the meetings of the Corporate Governance and Environmental and Social Sustainability Committee, also at the invitation of the Committee. Managers and staff from the relevant corporate functions were also invited to attend in relation to individual items on the agenda.

Fifteen Committee meetings have been scheduled for the current financial year, five of which have already been held.

SELF-ASSESSMENT AND SUCCESSION OF DIRECTORS APPOINTMENTS COMMITTEE 7.1 Self-assessment and succession of Directors In compliance with provisions of the Corporate Bodies Regulations, adopted pursuant to the Supervisory Regulations on Corporate Governance and in line with the recommendations of the New Corporate Governance Code, the Bank annually carries out the self-assessment process on the functioning of the Board and its Committees, as well as their size and composition.

In relation to the financial year, for the performance of the self-assessment process, FinecoBank, as in the previous year, made use of the company Egon Zehnder as an independent external consultant, selected with the aid of the Appointments Committee and engaged to provide advice during each stage of the process. That company, chosen based on its experience and expertise in corporate governance matters, is acknowledged as possessing the neutrality, impartiality and independence of mind required by the Corporate Bodies Regulations.

The process consisted of the following steps:

examination: carried out in accordance with the provisions of the Corporate Bodies Regulations, through anonymous questionnaires and individual interviews;
-assessment process and preparation of the summary document describing the methods used, the individuals involved and the results obtained, highlighting any strengths and weaknesses identified;
examination of the summary document by the Appointments Committee and proposals of possible corrective measures to be submitted to the Board of Directors;
assessment and approval of the summary document and the proposals by the Board of Directors.

In line with the approach adopted in the Board reviews of the previous years, the questionnaires and interviews focused on various topics concerning the size, composition and functioning of the Board of Directors and its Board Committees.

In summary, the outcome of the self-assessment process revealed a largely positive Directors and its Committees, which operate in substantial compliance with the New Corporate Governance Code and with Italian and international best practices.

Summary Report assessment of the Board and its Committees. In particular, the Directors expressed their appreciation, inter alia, for the size of the Board, which was numerically adequate, for the ratio between executive and non-executive directors, and for the balance between Independent and non-independent directors. In addition, the quality profile of the Directors was generally assessed positively and satisfaction was expressed with the Board induction meetings and the training programme addressed to Directors during the term of office. With reference to the 'functioning' of the Board, general appreciation was reported for the wide participation of Directors in Board meetings, both in terms of

attendance and individual preparation and participation in the debate, and for the effectiveness of the decision-making processes, also appreciating the integration of risk profiles and ESG issues within them; In addition, the Directors expressed the view that the pre-Board meeting and Board meeting information flow was fully adequate. Finally, the structuring of the Board Committees and their qualitative profile, role and functioning was assessed positively, appreciating the autonomy and authority with which the Committees fulfil their functions and their contribution to the work of the Board. Among of the complexity and continuous evolution of the reference scenarios, including the digital ones, a number of suggestions emerged as to possible topics that could be made the subject of training initiatives with the aim of continuously monitoring the suitability of the technical skills of the members of the corporate bodies.

In relation to the self-assessment process for the year 2023, in progress at the date of publication of the previous Report, the same was conducted with the support of the company Key2People as an independent external professional and was also carried out according to the above-mentioned phases and methods. The survey generally revealed a satisfactory level of adequacy in all the areas investigated. In particular, the selfassessment process revealed widespread appreciation for the professional skills and knowledge of the Board members, as well as for the composition of the Board. A positive overall picture also emerged with regard to the functioning of the body. The Directors also expressed widespread appreciation for the training sessions promoted by the Bank.

Succession plans

FinecoBank is increasingly investing in the development of a sustainable leadership pipeline, creating internal growth opportunities and specific pathways to enhance and strengthen the leadership skills of managers, as well as in promoting diversity & inclusion to create a fair and inclusive environment.

To this end, with the support of the Human Resources function, the Appointments Committee identified the process and methodology to be adopted for the formulation of the succession plan for the Managing Director and General Manager, as well as for the othe

In 2024, after receiving a favourable opinion from the Appointments Committee, the Board of Directors last approved the succession plan for the Managing Director and of its formulation and the related process. In particular, within the framework of the Succession Plan, which is subject to annual updating, at least one candidate for succession is identified for each position in scope on the basis of a thorough short- or medium-/long-term assessment of potential and performance.

With regard to the Managing Director and General Manager, the Appointments Committee was supported by a leading consulting firm that carried out an independent assessment of the candidates for succession.

The succession of the Managing Director and General Manager can be managed either through the selection of internal or external candidates, based at all times on the optimal qualitative/quantitative profile for the position. 7.2 Appointments Committee

7.2.1 Composition and functioning of the Appointments Committee On April 27, 2023, the Board of Directors appointed the members of the current Appointments Committee, who are all non-executive and independent Directors pursuant to the TUF and the New Corporate Governance Code, and have adequate experience and expertise as assessed and ascertained by the Board of Directors on their appointment.

		qualitative/quantitative profile for the position.				through the selection of internal or external candidates, based at all times on the optimal
		the Corporate Bodies Regulations will apply.				With regard to the Chairman of the Board of Directors, the specific process codified in


appointment.						On April 27, 2023, the Board of Directors appointed the members of the current Appointments Committee, who are all non-executive and independent Directors pursuant to the TUF and the New Corporate Governance Code, and have adequate experience and expertise as assessed and ascertained by the Board of Directors on their
was as follows:						At the date of approval of this Report, the composition of the Appointments Committee
	Name	Executive	Non executive	Indep. Code	Indep. TUF	% (*)	(**)
Elena Biffi			X	X	X	12/12	C
						(100%)
Patrizia Albano			X	X	X	12/12 (100%)	M
Arturo Patarnello			X	X	X	12/12	M
						(100%)
	-------------		Members leaving office during the financial year-------------
N.A.
	No. of Committee meetings: 12
		meetings held during the actual period in office of the person concerned during the Year).				(*) This column shows the percentage attendance at Committee meetings (no. of attendances/no. of
					C	M

	December 31, 2025.					The members of the Appointments Committee will end their term of office at the time of
						The Appointments Committee meets when convened by its Chairman, whenever he/she
		deems necessary, or upon request of one of its members.
7.2.2		Functions of the Appointments Committee
						The duties assigned to the Appointments Committee are described below. This Committee has been assigned the duties and responsibilities in accordance with the

Supervisory Regulations and the New Corporate Governance Code. Specifically, the Appointments Committee has an advisory role assisting the Board with the following:

supporting the Board of Directors in the appointment and co-option of directors in accordance with the Supervisory Regulations;
providing the Board with opinions on:
a) the drafting (i) of the policy for the appointment of Directors of subsidiaries and investee companies, and (ii) the policy for verifying the suitability requirements pursuant to current legislation;
b) the qualitative/quantitative profile required by the Supervisory Regulations, making proposals to the Board on the qualitative/quantitative composition of the Board of Directors and its Committees considered optimal and the maximum number of positions held by Directors in other companies considered compatible with the effective performance of their duties in FinecoBank; c) the appointment of the Managing Director and/or the General Manager and d) the formulation of succession plans for the Chairman of the Board of Directors, e) the selection of candidates to the position of FinecoBank Director, in the event f) the appointment of members of the Board Committees; g) the various stages of the self
- other key management personnel;
- the Managing Director, the General Manager and the other key management personnel;
- of co-option, and where lists are submitted by the Board, of candidates to the position of independent director to be submitted for the approval of the Regulations);
- Corporate Bodies Regulations);
assisting the Risk and Related Parties Committee in the process for identifying and proposing the heads of the corporate control functions (Compliance, Internal Audit, Risk Management and Anti-Money Laundering (of the Bank and Group), as well the deputy to the Anti-Money Laundering Officer) and the person responsible for reporting suspicious transactions to be appointed or removed;
in compliance with the timeframe set forth in the Bank of Italy AML Provision, supports the Risk and Related Parties Committee in the process of identifying and proposing the Officer responsible for anti-money laundering for the Bank and the Group, ensuring that the latter meets the conditions set forth in Section III-bis of the Bank of Italy AML Provision;
supporting the Board of Directors in assessing their suitability pursuant to Article 26 of the TUB (requirements for corporate officers) and, in any case, in the applicable

primary and secondary regulations in force (including the rules on interlocking directorates), as well as in the subsequent check of the qualitative/quantitative composition considered optimal and the actual composition resulting from the appointment process;

supporting the Board of Directors in the process of ascertaining the suitability requirements established for the heads of the main corporate functions (i.e. AML Officer, Compliance Officer, Head of Internal Audit, Chief Risk Officer, Chief Financial Officer and Financial Reporting Officer) under current legislation; 7.2.3 Activities performed
supporting the Chairman of the Board of Directors in all the steps pertaining to induction and training programmes for members of the Board of Directors and of the Board of Statutory Auditors;
issuing opinions to the Board of Directors concerning the appointment of corporate officers (i.e. members of the boards of directors, boards of statutory auditors and supervisory boards) at the subsidiaries, as well as minority-owned companies.

During the financial year, the Committee met twelve times. The Committee meetings, with minutes taken by the designated Secretary, lasted an average of one hour and fifteen minutes.

During these meetings, the Appointments Committee on the basis of the necessary having taken note of the applicable regulations and the documentation supporting the proposals was called upon to express its opinion, inter alia, concerning the: (i) to the annual letter from the Chairman of the Italian Corporate Governance Committee, also e for the profiles of competence and subsequently approved by the Board of Directors on March 12, 2024, (ii) to the updates of the offices of corporate officers as and when communicated, (iii) to the succession plan for the Managing Director and General Manager and the Bank's top management figures, (iv) to the appointment of the Financial Reporting Officer, subject to verification of the eligibility requirements, (v) to the appointment of the replacement of the Head of the AML function, (vi) to the verification of the independence and interlocking requirements of the Directors, (vii) to the allocation of the budget for the same Committee for the year 2025. the insights that emerged from it. The Committee also issued a positive opinion on the

With reference to the self-assessment process, the Appointments Committee identified the independent external professional to be proposed to the Chairman of the Board of Directors for the self-assessment process referring to the 2023 financial year of the Board of Directors. Subsequently, the Committee expressed its opinion on the outcome -assessment process, while also taking into consideration

corrective actions to be taken with respect to the insights gained from the selfassessment results.

To support the Chairman of the Board of Directors, the Committee also supervised the work for the preparation of the training plans for the members of the corporate bodies. In particular, the Committee carried out the preliminary activities for the definition and updating of the training plan for the year 2024, defined on the basis of the results of the analysis aimed at identifying the issues of particular interest and the priorities of the topics to be dealt with, and with the aim of strengthening the skills of the Directors and providing a concrete and innovative response to the requests of the Regulators for the management of training programmes.

The Committee, through its Chair, had access to the information and corporate functions external advisors. The Chairman of the Board of Statutory Auditors and/or member of the Board also attended the meetings of the Appointments Committee, at the invitation of the Committee. Managers and staff of the corporate functions were also invited to attend in relation to individual items on the agenda, as well as external consultants.

Thirteen Committee meetings have been scheduled for the current financial year, three of which have already been held.

REMUNERATION OF DIRECTORS REMUNERATION COMMITTEE 8.1 Remuneration of Directors For the information required regarding the remuneration of executive directors, nonexecutive directors and key management personnel and concerning indemnities for Directors in the event of resignation, dismissal or termination of employment following a public purchase offer (pursuant to Article 123-bis, paragraph 1, letter i) of the TUF), see Annual Report on Remuneration Paid in the 2024 Financial Year - Section II of the Report on Remuneration Policy and Remuneration Paid published in accordance with Article 84-ter of the TUF, Article 84-quater of the Issuer Regulations and the provisions in Title IV, Chapter 2, Section VI of Bank of Italy Circular no. 285. 8.2 Remuneration Committee 8.2.1 Composition and functioning of the Remuneration Committee (pursuant to

Article 123-bis, paragraph 2, letter d) of the TUF)

Article 84-ter in Title IV, Chapter 2, Section VI of Bank of Italy Circular no. 285.	of the TUF, Article 84-quater				of the Issuer Regulations and the provisions

Article 123-bis, paragraph 2, letter d) of the TUF)
On April 27, 2023, the Board of Directors appointed the members of the current Remuneration Committee, who are all executive, independent Directors pursuant to the TUF and the New Corporate Governance Code, and have adequate experience and expertise as assessed and ascertained by the Board of Directors on their appointment.
At the date of approval of the Report, the Remuneration Committee was composed as follows:
Name	Executive	Non executive	Indep. Code	Indep. TUF	% (*)	(**)
Gianmarco Montanari		X	X	X	14/14 (100%)	C
Giancarla Branda		X	X	X	14/14 (100%)	M
Marin Gueorguiev		X	X	X	14/14 (100%)	M
------------- N.A.	Members leaving office during the financial year-------------
No. of Committee meetings: 14 (*) This column shows the percentage attendance at Committee meetings (no. of attendances/no. of meetings held during the actual period in office of the person concerned during the Year).
				C	M

The members of the Remuneration Committee will end their term of office at the time of

December 31, 2025.

For the additional information required regarding the establishment, duties and functioning of the Remuneration Committee, as well as the main activities performed, see: (i) Remuneration Committee -ter of the TUF, Article 84-quater of the Issuer Regulations and the provisions in Title IV, Chapter 2, Section VI of Bank of Italy Circular no. 285; (ii) the Corporate Bodies Regulations (Part B, § 1.2.). With regard to the external consultant providing support to the Committee, there were no 8.2.2 Functions of the Remuneration Committee (i) presenting proposals or issuing opinions to the Board for the definition of a

indications that his independence of judgement was compromised.

The duties assigned to the Remuneration committee are described below:

general remuneration policy for the Managing Director, the General Manager, the other Key Management Personnel and Identified Staff, to enable the Board to prepare the Report periodically assessing the suitability, overall consistency and effective application of the general remuneration policy approved by the Board; (ii) makes proposals or expresses opinions to the Board on the overall remuneration

and on the assignment and assessment of the performance objectives of the Managing Director, the General Manager, the other Executives with strategic responsibilities of the Financial Reporting Officer and of the Executive Vice President (as identified by the Global Job Model of the Group ), and for the determination of the criteria for the remuneration of the Company's top management, including the relevant performance targets related to the variable component of such remuneration; (iii) formulates proposals or expresses opinions to the Board of Directors on the

overall remuneration and on the assignment and relative evaluation of the performance objectives of the Heads of the corporate control functions (Head of the Compliance function, Chief Risk Officer, Head of the Internal Audit function, Head of the Anti-Money Laundering function). With reference to the Compliance, Risk Management and Anti-Money Laundering functions, it formulates proposals or issues opinions after consulting the Risk and Related Parties Committee; Furthermore, with reference to the Internal Audit function, it formulates proposals or expresses opinions with the favourable opinion of the Risk and Related Parties Committee; (iv) examining any share-based or cash incentive plans for the employees and the personal financial advisors of the Company and Group and strategic staff development (v) directly overseeing the proper application of remuneration rules for managers of

policies;

corporate control functions, in close conjunction with the control body;

(vi) working together with the other Board committees, in particular the Risk and Related Parties Committee, which, in relation to the remuneration and incentive policies, examines whether the incentives provided by the remuneration system take into account risks, capital and liquidity, whilst ensuring that this does not affect the tasks assigned to the Remuneration Committee, as well as proper coordination with that committee; (vii) ensuring the involvement of the competent corporate functions in the process to (viii) providing opinions, also using information received from the competent corporate (ix) providing appropriate reporting on its activities to the corporate bodies, including

prepare and check remuneration and incentive policies and practices;

functions, on the results of the procedure for identifying key personnel, including any exclusions;

Thirteen Committee meetings have been scheduled for the current financial year, three of which have already been held.

COMMITTEE

INTERNAL CONTROL AND RISK MANAGEMENT SYSTEM - RISK AND RELATED PARTIES The internal control system is a fundamental part of the overall governance system of banks. It has a central role in the organisation and ensures the effective monitoring of risk, in order to guarantee that operations are in line with company strategies and policies and based on principles of sound and prudent management, as well as the principle of sustainable success. as well as the corporate functions with specific internal control duties; - procedures for coordination between the parties involved in the internal control and

An efficient and effective internal control system forms the basis for creating value in the medium and long term, for safeguarding the quality of operations and for a correct perception of risk and appropriate allocation of capital.

Governance Code, applicable regulations and best practice, and is founded on:

control functions and positions, which involve, each for their area of responsibility, the Board of Directors, the Risk and Related Parties Committee, the Internal Control and Risk Management System Director, the Board of Statutory Auditors,
risk management system.

Board of Directors and Risk and Related Parties Committee;

Internal Control and Risk System Board ensures that the main risks to which the Bank is exposed are properly identified, measured, managed and monitored.

and, in line with the timelines for the process, reviews and updates the budget and financial plan, in order to ensure that the business is developed with a correct risk profile and in compliance with national and international regulations.

The Group Risk Appetite expresses the risk profile with respect to multiple dimensions (capital adequacy, profitability and risk, as well as controls on specific risks such as strategic, operational, information and security, credit, operational, market, sustainability, as well as funding and liquidity risks), defining reference metrics for each.

way as to represent simple and comprehensible information tools.

also materiality thresholds: (i) the Risk Appetite thresholds represent the extent of risk the Bank is prepared to assume to achieve its budget objectives and defines the constraints for the development of the business; (ii) the Risk Tolerance thresholds

represent alarm thresholds which activate the analysis of possible mitigation actions and must be reported promptly to the Chief Executive Officer; (iii) the Risk Capacity thresholds are the values that must not be exceeded; if exceeded, the Board of Directors must be informed. The Risks and Related Parties Committee, the Board of Directors and the Board of Statutory Auditors are informed on a quarterly basis of the progress of all KPIs and of any breach of materiality thresholds.

As regards responsibilities, the Corporate Bodies Regulations establish that the Board is responsible for the Internal Control and Risk System, providing guidance and assessing the adequacy of the system. It also identifies the following from within the Board of Directors:

the director responsible for establishing and maintaining an effective internal control Internal Control and Risk Management System Director
an internal Committee consisting entirely of Independent Directors, which assists the Board of Directors, based on appropriate preliminary investigations, in its assessments and decisions concerning the Internal Control and Risk Management System, as well as the approval of periodic financial reports and the Sustainability Report.

The Board of Directors, with the prior approval of the above-mentioned Committee:

(a) defines the guidelines of the Internal Control and Risk Management System, characteristics, its strategic direction and its risk profile, as well as its effectiveness, in terms of the ability to grasp the evolution of the business risks and the interaction between them, assigning the Internal Control and Risk Management System Director the task of establishing and maintaining an effective Internal Control and Risk System;

(b) after consulting the Board of Statutory Auditors, (i) appoints a person in charge of the the Internal Control and Risk Management System functions properly; (ii) shall ensure that it is adequately resourced to discharge its responsibilities and (iii) subject to the favourable opinion of the Remuneration Committee, shall define its overall remuneration in line with corporate policies and shall assign and assess its performance targets;

(c) after consulting the Board of Statutory Auditors, and with the support of the Appointments Committee, appoints and revokes the appointment of the Heads of the Compliance, Risk Management, Anti-Money Laundering (of the Bank and the Group), as well as the deputy of the Anti-Money Laundering Officer, and the Manager responsible for reporting suspicious transactions;

(d) appoints and removes, in compliance with the timetable provided for in the Bank of Italy AML Provision, with the support of the Appointments Committee, the Officer -money laundering, ensuring that the latter meets the conditions set out in Section III-bis of the same Provision, and ensures that such Officer is promptly informed of decisions which may affect the Bank's exposure

to money laundering risk, providing for specific information flows in this regard;

(e) approves, at least once a year, the audit plan prepared by the Head of Internal Audit, subject to approval by the Risk and Related Parties Committee and the Internal Control and Risk Management System Director, and after consultation with the Board of Statutory Auditors;

adopted by the Bank in the management of tax matters and, in particular, of the associated risk. In addition, at least once a year, and after the reporting to the Risk and Related Parties Committee, it is informed about the state of the internal control system for tax risk within the annual report on the tax risk situation;

(g) assesses, after consulting with the Board of Statutory Auditors, the findings of the external auditors in the audit opinion letter and the additional report on the audit work referred to in Article 11 of Regulation (EU) No 537/2014.

The Board of Directors assesses, among others and at least annually, the adequacy, functioning and effectiveness of the Internal Control and Risk System, with the aid of the Risk and Related Parties Committee, based on:

reports from the heads of: the Compliance function, Risk Management function, Anti-Money Laundering function and Internal Audit function;
reporting from the Financial Reporting Officer on the proper use of accounting standards and their consistency for the preparation of the consolidated financial statements, as well as the sustainability reporting standards.
all relevant information for the monitoring of overall company risk, provided by the competent units and/or the external auditors.

The Board globally monitors the main company risks, with the aid of the Risk and Related Parties Committee in relation to which please refer to Section 9.2.

With specific regard to compliance risk, the Board of Directors, after consulting with the Board of Statutory Auditors, (i) approves the risk management policies; (ii) evaluates, at least once a year and with the technical support of the Risk and Related Parties Committee, the adequacy of the organisational structure and the quality and amount of resources of the Compliance function, and analyses periodic reports on its controls on compliance risk management; and (iii) analyses the periodic reports on its audits in the context of compliance risk management.

In addition, the Board of Directors exclusively:

(a) determines the remuneration/incentive systems in favour of Key Personnel and the Personal Financial Advisors Network, and verifies that these systems do not increase business risks and are consistent with long-term strategies;

Meeting, on an annual basis, and is responsible for its proper implementation;

(c) sets the criteria for identifying the most significant transactions to be submitted for prior examination by the Risk and Related Parties Committee, and decides on

transactions with related parties and associated persons, in accordance with the related procedures;

(d) takes decisions on the transactions of the Company and those of its subsidiaries, where those transactions have a significant strategic, economic, capital or financial impact for the Company; to that end, it establishes general criteria for identifying significant transactions.

functions.

In accordance with Supervisory Regulations on internal control systems, the Bank carried out the annual assessment (for the financial year) on the adequacy of the internal control and risk management system with respect to the characteristics of the business and the risk profile assumed, as well as its effectiveness, which was positive.

The Committee, in consideration of the checks/analyses carried out on the contributions periodic and/or event-based reports by the Heads of the Corporate Control Functions) and/or from the outside (e.g. requests and communications from the Supervisory Authorities), taking into account the passage under ECB Supervision and the expectations of growth and expansion of the Bank's activities, continued to support the further strengthening of the overall control system in order to provide the Bank with a structure fully adequate to its size and complexity, its development ambitions and the reference context. With this in mind, the Committee, which already in the past monitored the development path of the control functions after the exit from the UniCredit group, monitored the phases of the project for the qualitative and quantitative strengthening of the Compliance function. The Committee, on the basis of the results of the control activities carried out, as well as of the further projects in progress, considers that the design of the internal control system is capable, within the limits of reasonableness, of identifying possible areas of weakness/improvement of the Internal Control System in a timely manner, and consequently of effectively directing/managing any corrective measures identified.

Also, in relation to business continuity the Board of Directors: (i) sets the objectives and business continuity strategies, ensuring sufficient human, technological and financial resources for the achievement of the objectives set; (ii) approves the business continuity plan and subsequent amendments as a result of technological and organisational changes, assessing and accepting the residual risks not managed by the business continuity plan; (iii) is informed, at least annually, of the results of controls adequacy and on business continuity measures; (iv) appoints the manager responsible for the business continuity plan.

the Emergency and Crisis Management Plan, which establishes the scale of emergency levels in the Company and the escalation rules, identifying the key roles in the management of emergencies/crises and the predefined management measures (plans), including the business continuity plan (and the disaster recovery plan which is an integral

part of it). The manager responsible for the business continuity plan is appointed by the Board of Directors.

In emergency/crisis situations, the Board is informed (by the Managing Director and General Manager or by the Company Business Continuity Manager based on the Emergency Level) about the status of the emergency and in the event of serious problems for company operations due to serious incidents or malfunctions.

In the 2023 financial year, in order to further strengthen the regulatory oversight of the management of serious operational or security incidents, the emergency and crisis management guidelines were duly updated, in alignment with external reference regulations, as well as the plans concerned, in order to incorporate them and business developments, in the annual update. The Bank has maintained remote working as the main emergency management measure under the BC Plan. These BC&CM plans were subject to the usual annual audits by the relevant organisational units.

In line with the Group's governance guidelines and the evolution of the business, the Irish subsidiary Fineco Asset Management DAC has its own ECM, BC and DR plans; measures include remote working as a contingency solution in their business continuity plan.

With specific reference to compliance risk(20), the Board of Directors, after consulting with the Board of Statutory Auditors, approves risk management policies. It also assesses, at least once a year and with the technical support of the Risk and Related Parties Committee, the adequacy of the organisational structure, the quality and amount of controls on the management of compliance risk. The Board of Statutory Auditors of FinecoBank monitors the effectiveness,

The Board also assumes overall responsibility for the direction and control of the information system, with a view to the optimal use of technological resources in support of corporate strategies (ICT governance) as better indicated in Section 4.1.1, letter (w) of the Report.

Board of Statutory Auditors

completeness, adequacy, functioning and reliability of the internal control and risk management system, and of the Risk Appetite Framework, in line with requirements of the Corporate Governance Code and the Supervisory Regulations.

It also monitors compliance with the Internal Capital Adequacy Assessment Process

⁽²⁰ Compliance risk financial losses or sustaining reputational damage, as a result of failure to comply with financial and banking laws, regulations, codes of conduct and good practices.

(ICAAP) and the completeness, adequacy, functioning and reliability of the business continuity plan.

With specific regard to the Board of Statutory Auditors also being able to take on supervisory board functions pursuant to Legislative Decree no. 231 of June 8, 2001, the Company considered it appropriate to assign these functions to a specifically created Body (see Section 9.4 of this Report).

The Board of Statutory Auditors establishes appropriate working relations with the Risk and Related Parties Committee to carry out joint activities, according to their specific areas of responsibility.

internal control units and functions to carry out and plan its verifications and the necessary assessments. To this end, it receives regular appropriate information flows or information on specific situations/company performance. Given this close connection, the Board of Statutory Auditors is specifically consulted about decisions regarding the appointment and revocation of appointment of the heads of the corporate control functions (Compliance, Risk Management, Internal Audit and Anti-Money Laundering), architecture (powers, responsibilities, resources, reporting flows and handling conflicts of interest). With regard to its own activities, the Statutory Auditors may request the Internal Audit function to carry out specific audit activities in operational areas and on company operations. The Board of Statutory Auditors verifies and investigates the causes of and remedies operational irregularities, performance anomalies, and shortcomings in the organisational and accounting structure. Special attention is given to compliance with regulations on conflicts of interest.

Control Functions

(i) level one controls activities and are carried out according to specific operational procedures based on a specific internal regulation; they are incorporated into the ICT procedures as much as possible. The operating structures have prime responsibility for the risk management process. Monitoring and continuously updating these processes is process supervisors ensure the proper performance of daily activities by the staff concerned, as well as the observance of any delegated powers. The processes subject to control relate to units that have contact with customers, as well as completely internal Bank units;
(ii) level two controls: these are controls whose objectives include ensuring the proper implementation of the risk management process. The Risk Management function (CRO) controls risks, as regards compliance with limits assigned to operating functions and the consistency of operations of individual production areas with established risk/yield objectives; The controls on the risks of failure to

comply with company operations with rules, including self-regulations, are performed by the Compliance function within its remit; second-level AML/Corruption controls are the responsibility of the Anti-Money Laundering and Anti-Corruption function; These functions assist in defining risk management policies and the risk management process;

(iii) level three controls: these controls are typical of internal auditing, based on analysis of information obtained from databases or company reports, as well as on-site controls. This type of control aims to identify breaches of procedures and regulations, in addition to periodically assessing the completeness, adequacy, functioning (in terms of efficiency and effectiveness) and reliability of the internal control system and information system (ICT audit) at a set frequency based on the nature and level of the risks. These controls are assigned to the Internal Audit function. To verify the compliance of the behaviour of the Group Companies with the guidelines of the Parent Company, as well as the effectiveness of the internal control system, the internal audit function of FinecoBank, at consolidated level, periodically carries out on-site controls on the members of the Group, based on the importance of the different types of risk assumed by the entities; including in particular the Board of Statutory Auditors and the Supervisory Compliance, Risk Management and Internal Audit(21) functions.
(iv) institutional supervisory controls: Committee pursuant to Legislative Decree no. 231 of June 8, 2001.

corporate control functions

ICT and security risk control function specific tasks to the Risk Management (CRO) and Compliance functions with regard to the management and supervision of ICT and security risks. This organisational solution was adopted using an option permitted by the aforementioned Supervisory Provisions.

The responsibilities of the Bank's corporate control functions are set out below.

The Risk Management Function

In accordance with the Supervisory Regulations, the Risk Management Function reports directly to the Managing Director and General Manager and has direct access to the Supervisory Body and the Control Body and communicates with them without restrictions

⁽²¹⁾ Corporate control functions also include the anti-money laundering function, the validation function as governed by the relevant provisions and the ICT and security risk control function as governed by Chapter 4, Sec. II, paragraph 4 of Circular No. 285/2013.

or intermediation.

Within the scope of the tasks and responsibilities defined by the prudential regulations, the Risk Management Function, at Group level and in an integrated manner, oversees the processes of governance, measurement and control of risks in accordance with the strategies and policies established.

Within the level two controls, the Risk Management Function is responsible for Risk Management Function carefully controls credit, market, operational/reputational, ICT, security, interest rate, liquidity, and sustainability risk, in collaboration with the level one structures for their respective areas of responsibility.

The Risk Management Function verifies the Second Pillar capital adequacy as well as through the development and maintenance of management models for determining the Internal Capital taking into account all the specific risks that the Group is exposed to that are not considered in the First Pillar (e.g. concentration risk and interest rate risk).

Specifically, the Risk Management function:

is involved in defining the RAF, risk governance policies and various stages of the risk management process, as well as establishing operational limits for the various types of risk. In this context, it proposes quantitative and qualitative parameters necessary to define the RAF, which refer to stress scenarios and the modifications operating context.
develops the capital adequacy assessment (ICAAP) and liquidity risk management (ILAAP) processes in accordance with regulatory requirements; it prepares its parts of the ICAAP and ILAAP document package addressed to the Supervisory Authorities and coordinates the contributions of the corporate functions involved;
checks the adequacy of the RAF and on an ongoing basis the adequacy of the risk management process and operating limits; it defines and applies stress testing scenarios for each risk area, with particular regard to the ICAAP and ILAAP;
is responsible for developing and maintaining the independence of risk measurement and control systems in order to report periodically to the control bodies and the Board of Directors;
defines procedures for assessing and controlling reputational risk, coordinating with the compliance function and with the most exposed corporate functions;
controls IT and ICT risks, ensuring that they are identified, measured, assessed, risk appetite, reporting accordingly to the Corporate Bodies. To this end, it contributes to the definition of the ICT and security risk management methodology, is informed of any activity or event that may significantly alter the risk profile, and participates in the risk assessment of projects for substantial changes to the information system;
assists the Corporate Bodies in assessing strategic risk, monitoring the significant variables;

ensures the consistency of risk control and measurement systems with the processes and methodologies for assessing the company activities, coordinating with company units concerned;
develops and adopts indicators designed to identify anomalies and inefficiencies in risk control and measurement systems;
analyses the risks of new products and services and risks from entering new operating and market segments;
gives prior opinions on the consistency of material transactions with the RAF, and obtains the opinion of other functions involved in the risk management process, based on the nature of the transaction;
constantly monitors the actual risk assumed by the Group and its consistency with the risk objectives, as well as compliance with the operating limits assigned to the operating structures in relation to the assumption of the various types of risk, making any proposals to the Managing Director and General Manager for changes to contain the risks; of timely corrective measures where necessary.
checks the adequacy and effectiveness of measures taken to remedy inefficiencies identified in the risk management process;
helps the Corporate Bodies in the performance of their respective tasks relating to the Internal Control System, facilitating the timely and coordinated gathering of all relevant information for the quantification and management of risk and the adoption

The function also carries out monitoring and reporting for the Corporate Bodies, mainly

The Compliance Function

The Compliance function monitors the management of compliance risk(22) using a riskbased approach, for all the company operations, ensuring that internal procedures are appropriate for preventing this type of risk.

The Compliance function assists/supports management and Company employees in managing compliance risk and monitoring the correct conduct of business operations in order to ensure compliance with applicable regulations, internal procedures and best practice.

For an effective management of compliance risk, the Company must have a Compliance function. This function must be independent, with a sufficient number and quality of human and technical resources for the duties to be performed, able to freely interact with Senior Management and the Corporate Bodies. It must have access to all resources and company information and be able to report any matter directly to the higher hierarchical levels.

⁽²²⁾ Compliance risk may be defined as the risk of incurring legal or administrative penalties, financial losses or sustaining reputational damage, as a result of failure to comply with financial and banking laws, regulations, codes of conduct and good practices.

In particular, the Compliance function of the Parent Company is responsible for guiding, coordinating and monitoring compliance matters at Group level and is responsible for developing the Global Compliance Rules; setting standards of conduct for the regulatory areas applicable throughout the Group; developing Group methodologies for risk assessment and level two compliance controls; periodically providing senior management an overview of the status of compliance risks in the Group.

As of April 1, 2024, based on the resolution of the Board of Directors of December 14, 2023, the Compliance Department underwent a reorganisation in order to increase the supervision of specific areas. In particular, (i) to better represent its autonomy and independence from an organisational point of view and to create a specific line of competence, the Anti-Money Laundering and Anti-Corruption Function was transferred as a new Department reporting directly to the Managing Director and General Manager; (ii) a new Compliance Oversight technical structure was set up on the Compliance Department's staff, which was assigned the task of supporting the Compliance Officer in coordinating the Compliance function's oversight activities at the Group's Legal Entities. - 40th update), the Compliance Function, through the support of the DPO Unit, mainly with the ICT & Security Office Department and the CRO Department;

With specific reference to ICT & Security Compliance risk management, in compliance with the provisions of the reference regulatory framework (Bank of Italy Circular No. 285 Outsourcing, ICT & Security Compliance: With regard to the regulatory areas under its responsibility, the Compliance function

ensures the compliance of ICT systems and projects, as well as of all activities carried out within the framework of the information system, with legal, regulatory or statutory provisions and internal regulations and codes applicable to the bank;

contributes to the definition of the information security policy for the area of competence in order to ensure its adherence to the applicable regulations, working

validates, as part of its internal policy evaluation process, the policy defining the Bank's ICT and security risk management methodology;

contributes to the development, in coordination with the Chief People Officer Department and on the basis of input from the ICT & Security Office Department and the CRO Department, of the relevant training plan.

performs:

(i)
(ii) indirect oversight of regulatory areas which are already subject to forms of control by specialist units within the Bank (in accordance with the Supervisory Regulations for banks issued by the Bank of Italy in Circular no. 285/2013 as amended).

The main areas covered by the direct oversight model are: provision of banking and financial services, banking transparency and consumer credit, consumer protection,

credit intermediation, usury, credit management (including the relevant rules on sustainability), payment services, supervisory reporting (including significant shareholdings), prudential supervision (including shareholdings held by banks and banking groups), privacy, administrative liability for offences committed in the interest of the company, anti-money laundering and combating the financing of terrorism, sanctions and embargoes, corruption and unlawful receipt or giving of money or other benefits antitrust and unfair commercial practices, provision of investment services and activities (including the relevant sustainability rules), management of Group conflicts of interest, regulations relating to markets in financial instruments, centralised management of financial instruments, market abuse, promotion and distribution of insurance products (including the relevant sustainability rules), accessibility, risk activities towards related parties, remuneration and incentive systems (for employees and the PFA Network, including the relevant sustainability rules), ICT and security risk control function (ref. continuity, outsourcing management and artificial intelligence. safety regulations), the tasks of the Compliance function can be scaled. The Compliance

For the purposes of covering the regulatory areas of competence, the Compliance function interacts with the relevant Control Authorities (e.g. European Central Bank, CONSOB, Bank of Italy, IVASS, AGCM, Privacy Regulator) and supports relations with the competent local Control Authorities, maintained locally by the Entities.

The indirect oversight model envisages that, for a regulations that are already subject to specific forms of oversight capable of managing the compliance risks (e.g.: occupational functions remains responsible in any event, in cooperation with the specialist functions, at least for developing the methodologies for assessing compliance risk and identifying the related procedures, and verifying the adequacy of those procedures for preventing compliance risk.

Currently, in FinecoBank, specialist supervision has been assigned to the following Chief People Officer - Trade Union, Labour & People Care and Total Reward & People Analytics; GBS - Real Estate; CFO - Tax Compliance; CFO Sustainability

In performing its duties, the Compliance function has access to all Bank operations, at both a central and peripheral level, and to all information considered significant, also through direct interviews with personnel.

To this end, the Bank, in line with current national and international best practice, has an internal whistleblowing system for employees to report any irregularities or violations of applicable regulations and internal procedures, which provides a specific, confidential information channel and guarantees the anonymity of the whistleblower. The system, managed by the Compliance function, is available to employees, personal financial advisors and third-party providers. FinecoBank's Compliance structure is divided into the Compliance Department,

consisting of the following Units, for each of which a description of the most relevant tasks and activities is set out below: Compliance Oversight, Compliance Culture &

Governance, Transparency & Customer Protection, Investment Services, Markets & Regulatory Reporting, DPO, Outsourcing, ICT & Security Compliance, each dedicated, for the regulatory areas of their respective competence, to advisory activities, to the identification and assessment of non-compliance risks and to the definition and implementation of second-level controls.

COMPLIANCE OVERSIGHT

The technical structure supports the Compliance Officer in coordinating the oversight collaboration of the other Units of the Department, responsible for this subject matter, it has the task of:

conducting periodic and, where necessary, event-driven meetings with the contacts of the compliance functions of each Legal Entity;
reviewing the reports produced quarterly, by each Legal Entity Compliance Officer, for the Parent Company Compliance;
prepare, for the Head of Department, periodic reports on the main aspects of noncompliance risk and the main activities carried out by the compliance functions of the Legal Entities, for subsequent reporting to the parent company's corporate bodies.

COMPLIANCE CULTURE AND GOVERNANCE

The unit is responsible for the ongoing monitoring and identification of external regulations applicable to the Bank and the measurement/assessment of their impact on corporate processes and procedures, falling within the scope of its areas of responsibility, such as Administrative Responsibility of the Company - Legislative Decree 231/01, whistleblowing, remuneration and incentive systems for employees and the PFA Network, - supports the Compliance Officer in analysing, assessing and handling reports of - participates, when requested, in working groups for the profiles of competence, also - supports the Supervisory Board 231 in the updating and implementation activities of

The unit also:

unlawful conduct within the FinecoBank Group by employees and third parties, received in accordance with the procedures defined by internal whistleblowing regulations and procedures;

with a view to the correct application of the regulations;

the decision-making protocols in which sensitive corporate activities and related offences are identified, possibly involving the corporate structures concerned from time to time;

performs secretarial work (e.g. calling of meetings, minutes) for the 231 Supervisory Board, the Risk and Related Parties Committee, the Products Committee and the Internal Control Business Committee.

DPO, OUTSOURCING, ICT & SECURITY COMPLIANCE The unit is in charge of the continuous monitoring and identification of external regulations applicable to the Bank and the measurement/assessment of their impact on corporate processes and procedures, falling within the scope of its areas of competence, such as privacy, ICT & Security Compliance (control of ICT and security risks to the extent of its competence), operating continuity, outsourcing (including ICT Third Parties) and artificial intelligence. the role of Data Protection Officer - DPO.

With a focus on ICT & Security Compliance, the unit supports the Compliance Department in the activities described earlier in this Section.

significant operational or security incidents, as well as any substantial changes to ICT systems and processes, and is actively involved in projects for substantial changes to the information system in order to assess its adherence to the regulations applicable to the Bank.

The Unit Manager, by resolution of the Board of Directors of FinecoBank, is assigned

MARKETS & REGULATORY REPORTING

The unit is responsible for the ongoing monitoring and identification of external regulations applicable to the Bank and the measurement/assessment of their impact on business processes and procedures, with reference to regulations aimed at ensuring the integrity and transparency of markets in financial instruments. - provision of investment services and activities (in particular in relation to MiFID II regulations - including relevant sustainability issues); - Sustainable Finance Disclosure Regulation (SFDR);

Specifically, the unit deals with: (i) market abuse; (ii) financial benchmarking; (iii) EMIR and SFTR obligations; (iv) short selling; (v) centralised management of financial instruments; (vi) significant shareholdings.

INVESTMENT SERVICES

Packaged Retail Investment and Insurance-based Investments Products (PRIIPs);
promotion and distribution of Insurance-based Investment Products (IBIPs) in the provision of investment services and other insurance products (Insurance Distribution Directive - IDD regulations); - promotion and distribution of pension funds; - identification, prevention and management of conflicts of interest related to the - unfair commercial practices (misleading commercial practices, misleading omissions

provision of investment services and activities;

and aggressive commercial practices) in relation to investment instruments, products and services.

TRANSPARENCY & CUSTOMER PROTECTION The unit is responsible for the ongoing monitoring and identification of external regulations applicable to the Bank and the measurement/assessment of their impact on corporate processes and procedures, falling within the scope of its responsibilities, such as the provision of banking, credit and payment services.

In particular, for these services, the unit deals with the areas of: (i) transparency, (ii) usury, (iii) unfair commercial practices (misleading commercial practices, misleading omissions and aggressive commercial practices), (iv) consumer protection, (v) conflicts of interest and risk activities with related parties, (vi) sustainability.

The Anti-Money Laundering and Anti-Corruption Function

The Management is responsible for the ongoing monitoring and identification of the external regulations applicable to the Bank and the measurement/assessment of their impact on the Bank's processes and procedures in the areas of anti-money laundering, combating the financing of terrorism, financial sanctions (hereinafter referred to in the - -corruption. It supports the Managing -money laundering policy as required by the relevant external standard, for subsequent approval by the Board of Directors, and in its implementation at all stages of the anti-money laundering risk management process. It oversees the drafting of other internal regulations and interpretative notes for the Bank, within its area of competence, in order to ensure the correct application of the relevant external regulations.

The Management also ensures the implementation of the same policies and guidelines, involving the other structures of the Bank affected at the time, and verifies on an ongoing basis that corporate procedures are consistent with the objective of preventing and countering the violation of anti-money laundering and anti-terrorism rules, as well as the application of financial and anti-corruption sanctions.

The Management is assigned the role of Anti-Money Laundering Function for the Bank

required by current legislation; By virtue of this role, it provides:

at preventing and combating money laundering risks;

collaborate in defining the system of internal controls, processes and procedures aimed - continuously verify the adequacy of the overall money laundering risk management process and the suitability of the system of internal controls, processes and procedures, and propose organisational and procedural changes to ensure adequate money laundering risk management; - assess in advance the money laundering risk associated with offering new services, - verifying the reliability of the information system for fulfilling the obligations of customer - conduct, in liaison with the head of the SOS, checks on the functionality of the reporting - conduct, in liaison with the other corporate functions concerned, the annual self-- providing support and assistance to corporate bodies and top management;

significantly modifying products or services already offered, entering a new market or starting new activities, and then recommend the measures necessary to mitigate and manage these risks; - generate and transmit monthly Aggregated Anti-Money Laundering Reporting - - transmit to the FIU, on the basis of instructions issued by it, objective communications - define, in agreement with the Head of Suspicious Transaction Reporting, procedures

due diligence, data retention and suspicious transaction reporting;

process and the appropriateness of the assessments made by the first level on customer operations; - promptly inform the Corporate Bodies of breaches or significant deficiencies

assessment exercise of the money laundering risks to which the Bank is exposed;

S.A.R.A. to the FIU;

concerning transactions at risk of money laundering;

for handling reports from first-level structures concerning high-risk situations, for subsequent approval by the Managing Director and General Manager;

encountered in the performance of their tasks.

periodically inform the corporate bodies of the progress of the corrective actions taken in the face of deficiencies found in the control activity and of the possible inadequacy of the human and technical resources assigned to the anti-money laundering function and the need to strengthen them; - prepare information flows on anti-money laundering activities directed to corporate - ensure that the internal reporting procedures for violations (under Article 48 of the Anti-- prepare policies and operating procedures for remote customer onboarding to comply

bodies and top management;

Money Laundering Decree) adopted are brought to the attention of all personnel;

with customer due diligence requirements, for subsequent approval by the competent

corporate bodies (Board of Directors and Managing Director and General Manager, respectively); therefore, ensure that they are implemented effectively, reviewed periodically and amended as necessary.

In the event of outsourcing of tasks assigned to the anti-money laundering function, the Anti-Money Laundering Officer is required to follow the provisions of the relevant internal rules. With regard to the measures put in place to combat corruption, the Management ensures

the definition and implementation of the Anti-Corruption Programme approved by the Board of Directors.

The Management reports directly to the bodies with strategic supervision, management information relevant to the performance of its tasks. The Management prepares, at least once a year, a report for the Board of Directors, the Board of Statutory Auditors and the Supervisory Board on the initiatives taken, the dysfunctions ascertained and the relevant corrective actions to be taken, as well as on the training activities of personnel (employees and PFAs) in order to enable the aforesaid bodies to perform their supervisory duties as provided for by Legislative Decree No. 231/2007.

The Management cooperates with the authorities referred to in Title I, Chapter II of Legislative Decree 231/2007, as a specialised corporate anti-money laundering watchdog. The Head of the Management is assigned the role of Head of the Anti-Money Launderin with the Board of Statutory Auditors, with the support of the Appointments Committee and subject to the opinion of the Risk and Related Parties Committee; for the performance o information relevant to the performance of its tasks. The Head of the Anti-Money Laundering Function, who ensures the ownership and implementation of an appropriate programme for the management of Financial Sanctions, is assigned responsibility for Financial Sanctions.

With reference to the Fineco banking group, the Head of the Anti-Money Laundering Function of the parent company acts as Group Anti-Money Laundering Officer.

In liaison with the Bank's functions responsible for training, the Management ensures the preparation of an adequate anti-money laundering training plan and provides for the identification of anti-corruption training needs in order to define the appropriate training activities, so as to achieve continuous updating of employees and collaborators, including PFAs; It also defines indicators of the effectiveness of the training activity carried out.

Finally, from a structural point of view, in the light of the above, it should be noted that the Management is divided into units: (i) Governance and Controls for Anti-Money Laundering and Anti-Corruption; (ii) Anti-Money Laundering and Anti-Corruption Service; (iii) Suspicious Transaction Reports.

9.1 Chief Executive Officer In order to comply with Article 6, Recommendation 32 of the New Corporate Governance Code (formerly Principle 7.P.3 of the Corporate Governance Code), in compliance with the Supervisory Provisions issued by the Bank of Italy, the responsibility for the internal control and risk management system, also aimed at contributing to the sustainable success of the Company, also pursuant to the New Corporate Governance Code, lies with the Board of Directors, which plays a role in guiding and assessing the adequacy of the system and identifies the Managing Director and General Manager, Mr. Alessandro Foti, as the director in charge of the institution and the Board of Statutory Auditors and maintaining an effective internal control and risk management system (hereinafter, the Director in Charge

In the context of the Internal Control System, primarily the Director in Charge, also pursuant to the New Corporate Governance Code:

ensures the identification of the main corporate risks, taking into account the characteristics of the activities carried out by the Company and its subsidiaries, and submits them to the Board of Directors for examination;
is responsible for the implementation and performance of the stress testing plan and ensures that clear responsibilities and sufficient resources are assigned and distributed and that all elements of the plan are properly documented and regularly updated in the internal procedures;
defines the tools and methods for implementing the risk management and control management and monitoring of the internal control and risk management system, establishing the operational limits to the assumption of the various types of risk, facilitating the development and dissemination of a risk culture, making use of the competent corporate structures and functions;
oversees the implementation of the strategic guidelines and money laundering risk governance policies approved by the Board of Directors and is responsible for the adoption of all actions necessary to ensure the effectiveness of the organisation and the system of anti-money laundering controls;
ensures the overall adequacy of the system, its effective operation and its adaptation to changes in the operating environment and in the legislative and regulatory landscape;
assigning, where necessary, the Internal Audit function with the task of carrying out checks on specific operational areas and on compliance with internal rules and procedures in the execution of corporate transactions, simultaneously notifying the Chairman of the Board of Directors, the Chairman of the Risk and Related Parties Committee and the Chairman of the Board of Statutory Auditors;
implementing follow-up measures for the Internal Control and Risk System after controls have been carried out, adopting necessary corrective measures or actions if inefficiencies or anomalies are identified, or after the introduction of new products, activities, services or processes that are significant, in order to continuously ensure the completeness, adequacy, functioning and reliability of the internal control system;

reporting the results of the checks, envisaged in the risk management and control system, to the Board of Directors;

promptly reports to the Risk and Related Parties Committee and to the Board of Directors on problems and critical issues that have emerged in the performance of its activities or of which it has otherwise become aware so that the latter may take the appropriate initiatives.

In addition, the Director in Charge has, inter alia, the duty and responsibility to:

establishing the responsibilities of the corporate structures and functions involved in the risk management process, to ensure that their tasks are clearly assigned and potential conflicts of interest are prevented;
establishing and overseeing the adoption of the process to approve investments in new products, the distribution of new products or services or start of new activities or entry into new markets, or the adoption of processes and methods to evaluate company operations, in particular financial instruments, overseeing ongoing updates; risk to within the target set;
defining and overseeing the implementation of company policy on the outsourcing of corporate functions;
defining internal information flows to ensure that the Corporate Bodies and the Corporate Control Functions are fully aware of and can govern risk factors and RAF);
authorising, within the RAF and where a tolerance threshold has been defined, the risk appetite being exceeded, within the tolerance threshold limit, reporting to the Board of Directors and identifying the management actions necessary to return the
approving the annual plan of testing of the business continuity measures and reviewing the test results documented in writing;
ensuring proper, timely and secure management of information for accounting, management and reporting purposes;
ensuring the completeness, adequacy, functionality (in terms of effectiveness and
ensuring the implementation of the data governance and management policies (data governance framework), including data aggregation and reporting, at Group level approved by the Board of Directors.

With reference to the ICAAP and ILAAP process, the Director in Charge implements this process by ensuring that it is in line with the strategic guidelines and the RAF and that it meets the following requirements: it considers all relevant risks; it includes forwardlooking valuations; it uses appropriate methodologies; it is distributed to the internal units; it is adequately formalised and documented; it identifies the roles and responsibilities assigned to the corporate functions and units; it is managed by an adequate number of competent resources, in a hierarchical position sufficient to ensure compliance with the planning; it is an integral part of the management activities.

The Director in Charge submits the ICAAP/ILAAP documentation to the corporate bodies, with the support of the Chief Risk Officer and the Chief Financial Officer.

With specific regard to credit and counterparty risk, in line with strategic policies, the Director in Charge shall approve specific guidelines designed to ensure the effectiveness of the system for managing credit risk mitigation techniques and guarantee compliance with the general and specific requirements of such techniques.

With specific regard to internal risk measurement systems for defining capital requirements, the Managing Director and General Manager has the following duties:

responsibility for the structure and functioning of the system chosen; to perform this duty, he/she shall have an adequate knowledge of relevant aspects;
issuing instructions to ensure that the system chosen is developed based on identified guidelines, assigning duties and responsibilities to the corporate functions and guaranteeing the formalisation and documentation of the stages of the risk management process;
ensuring that risk measurement systems are integrated into decision-making and operational management processes;
considering observations made following the internal audits.

Finally, the Managing Director and General Manager are entrusted with specific tasks pertaining to matters provided for by internal company regulations. In this regard, it should be noted that, inter alia, the Managing Director and General Manager, in his/her role as a Body with Management Functions, are assigned responsibilities in the area of of the 40th update of Bank of Italy Circular 285 on ICT and security risk. 9.2 Risk and Related Parties Committee 9.2.1 Composition and functioning of the Risk and Related Parties Committee

The Managing Director and General Manager may be invited, by the Chairman of the Committee, to attend the meetings of the Risk and Related Parties Committee. Within these meetings, he/she reports to the Committee on the relevant issues on the agenda, providing clarifications where necessary and responding to any requests for further information from the Committee..

(pursuant to Article 123-bis, paragraph 2, letter d) of the TUF)

The Board of Directors appointed members of the Risk and Related Parties Committee on April 27, 2023; all of its members are non-executive and independent Directors.

Furthermore, in accordance with Article 6, Recommendation 35 of the New Corporate Governance Code, under which at least one member of the committee is required to have adequate experience in accounting and finance or risk management, the Board of Directors established that all members of the Risk and Related Parties Committee, on their appointment, met the above requirements, and more generally, had the knowledge, guidelines.

If the Chairman is absent or incapacitated, the oldest member of the Committee acts as Chairman.

The Chairman of the Board of Statutory Auditors or another Statutory Auditor designated by the Chairman of the Board of Statutory Auditors attends the Committee meetings as of right. Also taking part are the Financial Reporting Officer (Nominated official in charge of drawing up company accounts), the Chief Financial Officer, the Head of the Internal Audit, the Head of the Compliance Function and the Chief Risk Officer, without prejudice to the provisions of Section 6 above.

During the financial year, the Chairman of the Board of Statutory Auditors and the Statutory Auditors also attended the meetings of the Appointments Committee, also at the invitation of the Committee. Managers and staff of the corporate functions were also invited to attend in relation to individual items on the agenda, as well as external consultants. The Committee was given access to the information and corporate functions it needed to perform its tasks. the Chairman of the Risk and Related Parties Committee and refrain from taking part in 9.2.2 Functions assigned to the Risk and Related Parties Committee

With regard to the activities related to opinions on transactions carried out by the Bank with persons in potential conflict of interest pursuant to the Global Policy, for each transaction considered, the members of the Risk and Related Parties Committee must be different from the counterparty and its related parties.

If a member of the Committee is a counterparty in the transaction (or connected to the counterparty), he/she must promptly inform the Chairman of the Board of Directors and any further business of the Committee that refers to that transaction.

In such case, the Committee takes its decision with the casting vote of the Committee Chairman in the event of a tie.

The duties assigned to the Risks and Related Parties Committee are described below.

The role of the Committee is to provide information, advice, make proposals and enquiries, based on a risk-based approach, in defining guidelines for the entire internal control system, and to assess its effectiveness and efficiency, so that the main risks are properly identified and appropriately measured, managed and monitored, subject to the

The Risk and Related Parties Committee contributes to promoting a risk culture by enhancing controls aimed at intercepting and mitigating risk.

The Risk and Related Parties Committee is responsible for evaluating the correct use of accounting standards in preparing financial statements and their consistency for the purposes of preparation of the consolidated financial statement, the correct use of sustainability reporting standards, as well as overseeing the effectiveness of audits and the activities of external auditors.

The Committee is also responsible for transactions with related parties and associated persons in accordance with the Related-Party Regulations, pursuant to the applicable Supervisory Regulations, as well as transactions with other persons in potential conflict

of interest in accordance with the Global Policy.

The Risk and Related Parties Committee, among other things:

(a) identifies and proposes to the Board, with the contribution of the Appointments Committee, the heads of the corporate control functions (Compliance, Internal Audit, Risk Management and Anti-Money Laundering (of the Bank and the Group), as well as the deputy of the Anti-Money Laundering Manager) and the person in charge of reporting suspicious transactions to be appointed and assesses their removal; (b) identifies and proposes to the Board, in compliance with the timetable set forth in (c) supports the Board, to the extent of its competence and with the help of the
the Bank of Italy AML Provision, with the support of the Appointments Committee, the Officer in charge of anti-money laundering for the Bank and the Group, ensuring that the latter meets the conditions set forth in Section III-bis of the Bank of Italy AML Provision;
Appointments Committee, in the process of verifying the satisfaction of the suitability requirements for the heads of the main corporate functions (i.e. AML Officer, Compliance Officer, Head of Internal Audit, Chief Risk Officer, Chief Financial Officer and Financial Reporting Officer) pursuant to current legislation, including internal regulations; (d) provides opinions on specific aspects relating to the identification of key corporate (e) contributes to the definition, using a risk-based approach, of the guidelines of the
risks, which is also carried out through the annual process of definition of the RAF;
internal control system, so that the main risks facing the Company and the Group are correctly identified and adequately measured, managed and monitored, providing recommendations to the Board on compliance with the principles with which the internal control system and business organisation need to be aligned, and the requirements that need to be met by the Compliance, Internal Audit, Risk Management and Anti-Money Laundering functions, bringing to the attention of the Board any weaknesses, along with the resulting corrective actions to be taken; (f) reports to the Board of Directors, at least every six months, when the annual (g) performs a prior examination of the activity schedules (including the Internal Audit (h) examines the periodic reports and audit reports produced by the Internal Audit
financial statements and the half-yearly financial statements are approved, on the Management System;
plan) and the annual reports of the Compliance, Anti-Money Laundering, Internal Audit and Risk Management functions that are submitted to the Board;
function and evaluates any findings, monitoring the elimination of reported deficiencies/irregularities, the implementation of the proposed remedies and the adoption of any recommendations;

Audit function;
(i) monitors the independence, adequacy, effectiveness and efficiency of the Internal (j) carries out appropriate preliminary activities to support the assessments and decisions of the Board of Directors regarding the management of risks arising from detrimental events that come to the knowledge of the Board of Directors; (k) contributes, through assessments and opinions, to defining the company policy on
outsourcing of control functions;
(l) verifies that the Compliance, Internal Audit, Risk Management and Anti-Money Laundering functions comply correctly with the instructions and guidelines from the Board and assists the latter in preparing the coordination documents required by the Supervisory Regulations;
(m) after consulting the Financial Reporting Officer, the statutory auditor and the control body, assesses the correct use of the accounting standards and their consistency for the purposes of preparing the consolidated financial statements, as well as sustainability reporting standards;
(n) as far as it is competent, on the list of relevant sustainability issues and topics, examines and, where appropriate, formulates proposals with reference to the associated risks for sharing with the Corporate Governance and Environmental and Social Sustainability Committee and subsequent approval by the Board of Directors; (o) examines the process of preparing interim reports required by law, as well as the (p) assesses, for the matters within its remit, the suitability of the periodic financial (q) examines the content of sustainability reporting relevant to the internal control and (s) meets at least once a year with the external auditors;
annual financial statements, including the sustainability report, based on reports from the competent functions;
business model, strategies, the impact of its activities and its performance;
risk management system;
(r) reporting and auditing, reviewing the work plan prepared for the audit, the results contained in the report and any letters of recommendations;
(t) examines reports received from the Board of Statutory Auditors, from the Supervisory Board pursuant to Legislative Decree no. 231 of June 8, 2001, and the Regulatory Authorities, assessing the findings and ensuring that any abnormal situations or deficiencies are remedied; (u) can ask the Internal Audit function to assess specific operating areas, giving
simultaneous notice to the Chairman of the Board of Statutory Auditors, the Chairman of the Board of Directors and the Internal Control and Risk Management

System Director;

(v) provides its opinion to the Board of Directors on the Report on corporate governance and ownership structures, for the purpose of describing the key characteristics of the Internal Control and Risk System and the methods of coordinating the parties involved in it (specifying the reference national and international models and best practices), and of assessing the adequacy of the Internal Control and Risk System; (w) formulates prior opinions (binding, where appropriate) on the procedures (x) provides preliminary, justified opinions, where expressly required, on the interest (y) in the case of significant transactions with persons in potential conflict of interest
governing the identification and management of transactions carried out by the Company with persons in potential conflict of interest pursuant to the Global Policy, as well as on any amendments thereto;
in completing transactions with persons in potential conflict of interest put in place by the Bank (23), and the convenience and substantial correctness of the relevant conditions;
(24), the Risk and Related Parties Committee is involved if so deemed by the same, by means of one or more appointed members in the negotiations and the preparatory phase by receiving a complete and timely information stream, with the power to request information and to make observations to the delegated bodies and the persons in charge of the negotiations or the investigation. With particular regard to the tasks in matters of risk management and control, the Risk

and Related Parties Committee provides support to the Board:

in defining and approving strategic guidelines and risk management policies; in the context of the Risk Appetite Framework (RAF), the Risk and Related Parties Committee carries out the evaluation and proposal making activity required to ensure that the Board of Directors, as required by the Supervisory Regulations,
in verifying the correct adoption of risk governance strategies and policies and the Risk Appetite Framework (RAF);
-
in the definition and revision where appropriate of the policy on resolution and assists the Board in overseeing its implementation;

⁽²³⁾ In accordance with the Global Policy.

⁽²⁴⁾ In accordance with the Global Policy.

in defining policies and processes for evaluating company activities, including verification that the price and conditions of transactions with customers are consistent with the business model and risk strategies;
with regard to banking, financial, investment and insurance products, in relation to: (i) defining the process for approval of new products and services, the commencement of new business and the entry into new markets; (ii) approving and updating policies containing guidelines on Product Governance requirements; (iii) monitoring the process of governance of financial instruments, using the reports from the Compliance function, which systematically include information about the financial instruments produced by the intermediary, the services offered and the distribution strategy; (iv) approving proposals for unilateral amendments pursuant to Article 118 of the TUB.
within the scope of the general responsibility for the direction and control of the information system, as well as in terms of data management governance.

Without prejudice to the responsibilities of the Remuneration Committee, the Risk and personnel and ensures that the incentives underlying the remuneration and incentive system are consistent with the RAF, taking into account in particular risks, capital, liquidity, in line with current regulations (see Bank of Italy Circular no. 285 and the EBA ion, without prejudice to the competences of the Remuneration Committee, the Risk and Related Parties Committee is involved in the definition of the overall remuneration and on the assignment and relative evaluation of the performance objectives of the Heads of the corporate control functions (Head of the Compliance function, Chief Risk Officer, Head of the Internal Audit function, Head of the Anti-Money Laundering function); formulating with reference to Internal Audit an explicit opinion on the definition of the overall remuneration and on the allocation and evaluation of performance objectives, 9.2.3 Activities performed

The Risks and Related Parties Committee and the Board of Statutory Auditors exchange all information of mutual interest and, where appropriate, coordinate the development of their respective tasks.

During the financial year, the Committee carried out the duties assigned to it by the Board of Directors, operating in an advisory, propositional and investigative capacity with regard to matters concerning the internal control and risk management system.

In this regard, the Committee met a total of twenty-two times; the meetings lasted on average about three hours, analysing the results of the activities carried out by the control functions (e.g. Audit, Compliance, Anti-Money Laundering and Risk Management) and by the IT manager through an in-depth examination of the quarterly reports prepared by those functions. Minutes of each meeting were taken by the designated Secretary.

The Committee assessed the correct use of accounting principles for the preparation of the financial statements as at 31 December 2023, meeting with the Financial Reporting Officer and the Independent Auditors, receiving information on the audit plan and the identification of key aspects of the same, as well as the accounting principles used for the preparation of the consolidated half-year financial report as at June 30, 2024.

During the year, it received reports on the system of internal controls on Financial Reporting required by Law 262/2005 (the Savings Act) on the adequacy of the administrative and accounting procedures laid down in the Administrative Accounting Model and ICT General Controls, and monitored the progress of the CSRD project and the controls envisaged on the information to be reported.

It monitored how the corporate governance rules laid down in the New Corporate Governance Code were implemented in practice, including by examining the Corporate Governance Report.

The Committee was informed quarterly of transactions with related parties/associated parties for which there was no need to express an opinion.

In several meetings, the Committee reviewed the formation of the RAF 2025 in terms of changes to the indicators used as well as the CRO Dashboard used for the review of staff incentive plans, and gave its opinion on the remuneration and assignment and evaluation of performance objectives for the Head of Internal Audit, analysed these profiles for the other Heads of the corporate control functions (Compliance, CRO, Anti-Money Laundering), and analysed the incentive system for the most relevant staff and Personal Financial Advisors and Identified Staff supported by the opinion of the Compliance function.

control functions. With reference to the Internal Audit area, activities concerned the the planning of audits.

The Committee analysed the proposals submitted by the competent management structures also with regard to the areas of credit, concentration and market risk management, as well as operational and reputational risks, an activity that was developed continuously over the two half-year periods, also in response to a series of solicitations that emerged in the dialogue with the supervisor.

Among the guiding actions exercised in the area of risk management, mention should be made of the in-depth studies carried out in concert with the Head of Risk Management, as part of the monitoring of the progress of the Enhanced Risk Governance project, with regard to the possible evolution of models for the management of credit, market, operational and reputational risks, as well as the adjustments hypothesised with reference to the on-demand items model for the purposes of more effective monitoring of liquidity risks.

The Committee continuously monitored the status of internal controls, pointing out, inter alia

business development projects. Among other things, it carried out detailed investigations into the current state and future development of the staffing and skill mix of the control functions.

More specifically, during the first half of 2024, the Committee, in addition to carrying out its normal business, conducted numerous in-depth studies on specific topics. These include: the activity of monitoring the implementation of the areas for improvement provision of investment services and adaptations to the MIFID regulation and the inspection, initiated by the Bank of Italy in February 2023 and concluded on May 19, 2023, on compliance with the regulations on the fight against money laundering and terrorist financing. Monitoring activities continued in the second half of the year.

In addition, the measures planned by the Bank in response to the ECB supervisory initiatives (SREP letter, Recovery Plan) were discussed in detail by the Committee during the reporting period.

Following the Thematic review conducted by the ECB and aimed at verifying the effectiveness of the measures taken by the Bank on the subject of Risk Data Aggregation and Risk Reporting (RDARR), which involved FinecoBank as a Significant Institution, the Committee examined the adaptation plan prepared in response to supervisory expectations, monitoring its progress during periodic review sessions. 9.3 Head of the Internal Audit Function

The Committee continuously monitored the state of internal controls, pointing out, inter business development projects.

The Committee systematically reported to the Board of Directors on the supervisory, verification and examination activities carried out and the results thereof, providing its assessment of the design of the internal control system.

With reference to the assessment of the Internal Control System, the Committee made specific suggestions to define areas for its improvement, which were taken up by the Bank. charge of verifying that the internal control and risk management system is functional,

Thirteen Committee meetings have been scheduled for the current financial year, three of which have already been held as at the date of approval of this Report.

The Board of Directors has appointed the head of the internal audit function who is in adequate and consistent with the guidelines defined by the Board.

In particular, on May 6, 2019, the Board of Directors, in relation to the sale of the majority stake held by UniCredit, approved the insourcing of the internal audit function with effect from May 7, 2019, the simultaneous creation of the Internal Audit function, reporting directly to the Board of Directors, and the assignment of responsibility for the Internal Audit function to Ms. Patrizia Verdesca, previously appointed on March 7, 2017 as Head

of the Internal Audit function of FinecoBank in her role as CAE Chief Audit Executive of FinecoBank, with effect from March 13, 2017.

The Board of Directors determined the remuneration of the head of the Internal Audit function, in line with the company policies, and ensured that she had sufficient resources to carry out her duties.

Internal Audit performs independent and objective assurance verifications to assess, contribute to and improve the Internal Control System of FinecoBank and the Group, by assessing and improving the adequacy and effectiveness of the governance, risk management and control processes. It may also provide advisory services concerning the design and functioning of the internal control system, which, without compromising its independence, aim to provide added value and support the Bank in achieving its objectives. which was approved by the Board of Directors on August 1, 2023(25) - which sets out its

audit activities carried out by the competent units of the subsidiaries; in addition to the Parent Company, it also carries out on-site or remote audits on the Group companies. In particular, it coordinates and supervises the Internal Audit work carried out by the Internal Audit function of the subsidiary Fineco Asset Management DAC.

The Internal Audit function, in accordance with the Supervisory Regulations, is independent from the other corporate functions and reports hierarchically and functionally directly to the Board of Directors or through the Risk and Related Parties Committee. Audit Mandate mission, responsibilities, organisational positioning, independence, duties and authority. In accordance with external regulations(26), the Head of the Internal Audit function is not

The Internal Audit function has access to the information relevant to the performance of its duties.

responsible for any operational area; provides an annual assessment to the Board of Directors, as well as the Risk and Related Parties Committee, the Board of Statutory Auditors and the Managing Director and General Manager, of the adequacy and his/her mission and scope of responsibility, with the objective of assessing, providing l Control System.

⁽²⁵⁾ On January 21, 2025, incorporating the changes introduced by the new Global Internal Audit Standards issued by the Institute of Internal Auditors and which came into force on January 9,

⁽²⁶⁾ For the financial year, the reference in addition to the Supervisory Regulations is to Article 6, Recommendation 36 of the New Corporate Governance Code (prior to that the reference was to Application Criterion 7.C.5 of the Corporate Governance Code in force until December 31, 2020).

The Board of Directors, in its meeting of January 16, 2024, approved the audit plan prepared by the head of the Internal Audit function, with the favourable opinion of the Risk and Related Parties Committee, the Managing Director and General Manager, and after consulting the Board of Statutory Auditors. the Plan was subsequently supplemented by a resolution of the Board of Directors on November 5, 2024. It should also be noted that at its meeting of January 21, 2025, the Board of Directors approved the audit plan for 2025.

During the financial year, the head of the Internal Audit function:

verified, both on an ongoing basis and in relation to specific needs and in compliance with international standards, the functioning and the suitability of the internal control and risk management system according to the audit plan, approved by the Board and based on a structured process of analysis and prioritisation of the main risks. In particular, the Internal Audit function maintains its own Group Process Library and Audit Universe, which map all processes, operations, subsidiaries and any other elements relevant to the Group and the Bank respectively. During the financial year these were revised to align them with the operational and organisational changes that had taken place. In addition, a risk assessment was carried out on each element, taking into account all the available information (e.g. strategic and business importance, regulatory requirements, risk impacts, level one and level two controls, results of audits and any external checks/inspections, evaluation of outsourcer performance, etc.), to identify the residual risk and the audit need; the latter defines the frequency of internal audit activities to be carried out on each element of the Audit Universe.

At the same time, the Internal Audit function identified the main potential risks to the basis of professional judgement, on risk scenarios obtained from external sources, in Supervisory Authorities and external auditors, and the main risks reported by the

Based on the results of the risk assessment and the Group Risk Map, the main risks were prioritised and the annual and multi-year audit plans were defined, which, as indicated above, were submitted to the Board of Directors for approval;

prepared periodic (quarterly and annual) reports containing adequate information on its activity, on the ways in which risk management is conducted, as well as on compliance with the plans defined for the containment of risks, in addition to an assessment of the suitability of the internal control and risk management system, and sent them to the Chairmen of the Board of Statutory Auditors, the Risk and Related Parties Committee and the Board of Directors, as well as the Managing Director and General Manager;
amended the audit plan in response to significant events and requests made by the Governance and Control Bodies, including the Board of Statutory Auditors, transmitting the results of the audits in a timely manner to the Board of Statutory

Auditors, the Risk and Related Parties Committee, the Board of Directors and the Managing Director and General Manager;

verified, within the framework of the audit, the reliability of information systems, including accounting systems in the audit Management of Sundry Accounts Receivable and Creditor Outstanding Items in the controls carried out on the tests of Business Continuity and Disaster Recovery 2023, as well as through the standard checks on the adequacy of the support for the audited processes provided by the specific information systems used.

During 2024, the annual plan approved by the Board of Directors was completed (which envisaged in the area of processes the completion of 19 audits, as well as the conducting of 450 audits on the Personal Financial Advisor network), the mandatory annual reports were drawn up ((i) the report on the audit activities carried out in the year 2023 on investment services - as per Article 24 of EU Delegated Regulation 565/2017, ii) report requested by the Bank of Italy concerning the findings of the audits carried out in 2023 on the important operational or control functions outsourced, the deficiencies found and the consequent corrective actions taken, iii) report on the internal audit activities carried out in 2023), carried out, Management DAC). - Remuneration and incentive policies for staff and the sales network - ICAAP, Risk Appetite Framework and ILAAP - - Controls over significant outsourced operational - Global Audit: System Administrators management - MiFID: Implementation of the new MiFID questionnaire and classification/customer

The following audits were carried out on the processes included in the annual plan:

-

information
OSI Bank of Italy AML: verifying the implementation of planned corrective actions September 2023-June 2024)
Follow Up: Management of AML-related obligations and fulfilments
Product offering combined with financing
Checks performed on Business Continuity and Disaster Recovery Tests 2023 Report of the Internal Audit Function
Management of outstanding items Sundry debtors and creditors
Log management process
Interbank Deposit Guarantee Fund: Single Customer View (SCV) Framework
Foreign Exchange Trading Procedures on Foreign Exchange Transactions Executed by Customers - Digital Operational Resilience Act (DORA) - Project participation
Whistleblowing Process
Review of the annual validation report on algorithmic trading systems

Supervision in Resolution
Management of Certificates issued by the Bank
Debit card management processes and related complaints.

planned for 2024. 9.4 Organisational model pursuant to Legislative Decree 231/2001

Model Provisions for the administrative liability of company bodies, Companies and associations also without legal status Legislative Decree 231/2001 regulations and the current version was approved by the Board of Directors by resolution of May 10, 2022. (i) a general part, divided into seven chapters, which describes the following: the

Currently, the Model is comprised of:

- scope and purposes of the Model; the applicable regulatory framework; the description of the management and control system adopted by FinecoBank to mitigate the risk of commission of offences pursuant to Legislative Decree 231/2001; the functioning of the body appointed to supervise the functioning of and compliance with the Model; the disciplinary system and related penalties; the information and training plan to be adopted in order to guarantee knowledge of the measures and instructions of the Model; the criteria for updating and adapting the Model; (ii) a special part, containing the decision protocols.

The Model includes the following attachments, which are an integral part of it:

List of predicate offences and individual criminal offences
Code of ethics pursuant to Legislative Decree 231/01 recipients is always based on criteria of fairness, collaboration, loyalty, transparency and mutual respect, and also to avoid conduct that may constitute the criminal offences and predicate administrative offences;
Information flows to the Supervisory Committee

In addition, on May 11, 2012, the Board of Directors resolved to adopt the Group Integrity Charter and Code of Conduct (last updated by resolution of July 14, 2023). The Code

services and employment, identifying the fundamental principles of conduct for those working for the company. The Code therefore concerns all persons performing activities on behalf of the Company: members of supervisory, management and control bodies of the Company, employees, Personal Financial Advisors authorised to offer their services outside their registered office, outsourcers.

In accordance with provisions in Article 6, paragraph 1 of Legislative Decree 231/2001, the Company has also established a specific body Committee continual updating.	Supervisory
For this purpose, the Supervisory Committee, among other things: (i) powers to act and carry out controls, and independent spending powers;(ii) provides the Board of Directors, on an annual basis, a written report on the implementation status of the Model, and in particular, on controls carried out and on critical aspects and anomalies identified.	has independent periodically (iii)
The term of office of the members of the Committee is the same as the Board of Directors which appointed it and its members can be re-elected.
The current Supervisory Board was appointed by resolution of the Board of Directors on April 27, 2023, for a term of three years (2023-2025). At the date of approval of this Report, the composition of the Supervisory Board was as follows.
GIVEN NAME AND SURNAME	POSITION
Marianna Li Calzi	External member (Chairman)
Salvatore Messina	External Member
Patrizia Verdesca	Head of Internal Audit
website: www.finecobank.com at https://images.finecobank.com/docs/pdf/pub/corporate/governance/modello organizzazione-gestione.pdf	the following link
9.5 Auditing Firm
In accordance with the regulatory provisions, FinecoBank considers the statutory External Auditors Control System.

As also provided for by Legislative Decree no. 39 of January 27, 2010 and Regulation (EU) 537/2014, the auditing firm expresses its opinion on the annual financial statements and consolidated financial statements on an annual basis, in a special report, including an opinion on the consistency of the management report with the financial statements

and its compliance with the law, illustrates the results of the statutory audit and verifies, during the course of the financial year, that the company accounts are properly kept and that the operating events are correctly recorded in the accounting records.

The external auditing firm, again in accordance with the provisions of Legislative Decree 39, of January 27, 2010, and Regulation (EU) 537/2014, submit a report to the Board of Statutory Auditors on the key issues that emerged during the independent audit and in particular on any deficiencies found in the Internal Control System in relation to the financial reporting process.

In addition, the auditing firm expresses its conclusions in a special report on the compliance of sustainability reporting with the provisions of the legislative decree adopted in implementation of Article 13 of Law no. 15, which regulate its drafting criteria, compliance with the sustainability reporting obligation set forth in Articles 3(10) and 4(9) of the aforementioned decree, as well as on compliance with the disclosure obligations set forth in Article 8 of Regulation (EU) 2020/852 of the European Parliament and of the Council of June 18, 2020. statements of FinecoBank Group comply with the rules governing their

assigned the engagement to KPMG S.p.A., pursuant to Article 13, paragraph 1 of Legislative Decree no. 39, of January 27, 2010, 2030. In particular, the independent audit engagement involves verifying:

that the financial statements of FinecoBank S.p.A. and the consolidated financial preparation and that they give a true and fair view of the financial position and results of operations for the financial year;
during the course of the financial year, that the company accounts have been properly kept and operating events have been correctly recorded in FinecoBank

KPMG S.p.A. has also been awarded the engagement to carry out the voluntary audit, which includes:

issuing the provisional attestation letter on the annual accounting schedules consolidated financial statements, related to the audit work carried out for the inclusion of the profit for the year in the calculation of Common Equity Tier 1 capital, as required by Article 26, paragraph 2, letter a) of Regulation (EU) No. 575/2013 of the European Parliament and of the Council, before the adoption of a formal decision to confirm the final result for the year;
the limited audit of the condensed consolidated half-yearly financial statements for the half years ending June 30, 2022 to June 30, 2030;
the limited audit of the individual financial statements prepared for the -yearly results, for the half years ending June 30, Tier 1 capital as at June 30 as required by Regulation (EU) 575/2013 of the European Parliament and of the Council;

a limited audit of the individual and consolidated financial statements prepared -month periods ending March 31, 2022 to March 31, 2030 and for the 9-month periods ending September 30, 2022 to September 30, 2030, for the calculation of the Common Equity Tier 1 capital, as required by Regulation (EU) 575/2013 of the European Parliament and of the Council.

The same company KPMG S.p.A. was also entrusted, on the basis of the Framework Agreement of December 20, 2021 and subsequent letter of engagement for the limited examination of the DNF dated May 18, 2022, with the task of carrying out for the financial yea of the Consolidated Declaration of Non-Financial Nature of the FinecoBank Group pursuant to Article 3(10) of Legislative Decree 254/2016. Following the entry into force on September 25, 2024 of Legislative Decree 125/2024 (which implements Directive 2022/2464/EU of the European Parliament and of the Council of December 14, 2022 the so-called CSRD Directive - on corporate sustainability reporting), the aforementioned assignment conferred on KPMG continued for the purposes of the limited examination of sustainability reporting, pursuant to Article 18 of the same Legislative Decree 125/2024 in force, pursuant to which the non-financial statement compliance attestation engagements conferred pursuant to Article 3(10) of Legislative Decree 254/2016 remain valid until the agreed expiry date for the purpose of carrying out the sustainability reporting compliance attestation activity, except for the possibility of an early termination and the assignment of a new engagement. 9.6 Financial Reporting Officer established, by means of resolution of September 17, 2024, that the appointment would

In accordance with the provisions of Article 154-bis, first paragraph, of the TUF and Article 28 of the Articles of Association, the Board of Directors, by means of resolution of June 11, 2024, after obtaining the favourable opinion of the Board of Statutory Auditors, appointed Mr. Erick Vecchi (Head of Administration and Reporting of the Supervisory Meeting called to approve the financial statements as at December 31, 2025 and take effect as of September 18, 2024.

As of the effective date of the aforesaid appointment of Mr. Erick Vecchi, the effects of the appointment of Ms. Lorena Pelliciari (Chief Financial Officer of the Bank), who had been confirmed for a three-year term as the Company's Executive in Charge by resolution of the Board of Directors of April 27, 2023, subject to the favourable opinion of the Board of Statutory Auditors, ceased.

As established by Article 28 of the Articles of Association and subject to the mandatory opinion of the Board of Statutory Auditors, the Board of Directors appoints the Financial Reporting Officer, pursuant to Article 154-bis of the TUF.

The Financial Reporting Officer is chosen by the Board of Directors from among the specific competence, in administrative and accounting terms, in credit, financial,

securities or insurance matters. This expertise, to be verified by the Board of Directors, must be gained from professional experience in a position of adequate responsibility for a suitable period and in enterprises comparable to the Company. The Financial Reporting Officer must also meet the good standing requirements laid down by the applicable regulations for positions indicated in the Articles of Association. If the Officer no longer meets the good standing requirements, he/she shall be removed from office. tasks provided for by current legislation; also granted her - for the purpose of performing

competence and many years of experience, gained in positions of appropriate responsibility, in administrative and accounting matters in the areas of credit, finance, securities or insurance. She therefore meets the professional standing requirements established in Article 28 of the Articles of Association.

It should be noted that Ms. Pelliciari was also recognised as meeting the requirements of professionalism set forth in Article 28 of the Articles of Association, as she had accrued re, had the and financial documents. her duties as Financial Reporting Officer - the following powers: (i) unrestricted access to all information considered relevant for her duties within the (ii) taking part in Board Meetings dealing with matters in her area of responsibility; (iv) approving company procedures, when they have an impact on the financial (vi) using the Internal Auditing function to map and analyse processes within its area

The Board of Directors has entrusted the Company's Financial Reporting Officer with the

- Company;

(iii)
statements or other documents that are certified;
(v) financial position and performance;
of responsibility and in the execution of specific controls;
(vii) using IT systems; (viii) power to prepare, also with the help of external consultants, the relevant procedures: (a) the standardisation of information flows to the same Financial Reporting Officer and (b) the preparation of the annual financial statements, the consolidated financial statements and any other communication of a financial nature.

Lastly, the Board of Directors has granted the Financial Reporting Officer all the powers necessary, or merely appropriate, to carry out the tasks assigned to her on the basis of the applicable regulations, and has established, for the purpose of the exercise of its supervisory powers, that the Financial Reporting Officer shall report at least quarterly to

the Board of Directors on activities carried out, as well as any critical aspects identified.

Financial and non-financial reporting process

With regard to the main characteristics of the Internal Control and Risk System in relation to financial reporting, including the reporting of consolidated information, in accordance with Article 154-bis of the TUF, the Financial Reporting Officer of FinecoBank is responsible for (i) setting up appropriate administrative and accounting procedures for the preparation of the separate and consolidated financial statements, as well as all other forms of financial reporting; (ii) including a written statement with the documents and notices required by law or disclosed to the market, containing information and data on the financial position and performance of the Company, declaring that this information and data is accurate; (iii) arranging for the preparation of the financial statements, interim reporting; and (iv) within his/her areas of responsibility, representing the Bank in relations with the international financial community.

The Financial Reporting Officer, along with the Managing Director and General Manager, in a report on the financial statements (including the consolidated financial statements) and condensed half-year financial statements must also certify:

the adequacy and actual adoption of administrative and accounting procedures in the course of the period to which the document refers;
compliance with applicable international accounting standards endorsed by the European Community pursuant to Regulation (EC) no. 1606/2002;
the consistency of the results of the books and the accounting records;
the suitability of the documents to provide a true and fair representation of the equity, economic and financial situation of the Company and of all the companies included in the consolidation;
for the annual financial statements and for the consolidated financial statements, that the management report includes a reliable analysis of the development and results of operations, as well as the situation of the Company and of all the companies included in the consolidation, together with a description of the main risks and uncertainties to which it is exposed;
for the condensed half-yearly financial statements, that the interim management report contains a reliable analysis of the information related to the important events that occurred in the first six months of the financial year and their impact on the condensed half-yearly financial statements, together with a description of the main risks and uncertainties for the remaining six months of the financial year and information on material transactions with related parties.

With reference to the Internal Control System in relation to the sustainability reporting obligations set forth in the Legislative Decree adopted in implementation of Article 13 of Law No. 15 of February 21, 2024, in accordance with the provisions of Article 154-bis of the TUF, the Executive in Charge must certify, jointly with the Managing Director and General Manager, in a specific report, that the sustainability reporting included in the

management report has been prepared in accordance with the reporting standards applied pursuant to Directive 2013/34/EU of the European Parliament and of the Council of June 26, 2013 and the legislative decree adopted in implementation of Article 13 of Law no. 15, of February 21, 2024, and with the specifications adopted pursuant to Article 8(4) of Regulation (EU) 2020/852 of the European Parliament and of the Council of June 18, 2020. 9.7 Coordination between the parties involved in the internal control and risk

As established by Article 28 of the Articles of Association, the Board of Directors ensures that the Financial Reporting Officer has adequate powers and resources to carry out the duties assigned to her by the applicable regulations, and to comply with administrative and accounting procedures. In carrying out her duties, the Financial Reporting Officer may be assisted by all Bank units.

management system

Procedures for interaction between the corporate functions and bodies involved in the risk management and control system have been designed to prevent overlapping or gaps as far as possible, or to alter, also in substance, the main responsibilities of the corporate bodies concerning the risk management and control system.

The proper functioning of the Internal Control System is based on effective interaction in performing their duties (of providing guidelines, implementation, review and evaluations) between the corporate bodies, their internal committees, the corporate control functions, the external auditors, and the control functions.

Specifically, the Bank has established forms of cooperation and coordination between the control functions, through specific formalised information flows on internal regulations and through managerial committees dedicated to control issues. In order to formalise existing coordination practices, with a view to an increasingly integrated and Control Functions Coordination Committee - made up of the Head of Internal Audit, who acts as Chairman, the Head of Compliance, the Head of the Anti-Money Laundering and Anti-Corruption Function, the Data Protection Officer (DPO), the Chief Risk Officer (CRO), the Chief Internal Validation and the Financial Reporting Officer - has the task of guaranteeing the integration and connection between the Control Functions, in order to coordinate the mitigation paths of the risks detected by Committee prepares integrated reports of the Control Functions, identifying the main risks to which the Bank and the Group are exposed. - participation in the process of definition and/or updating of internal regulations in

Interaction between level two and level three control functions is part of a more general framework of ongoing, proactive cooperation, which is mainly formalised in specific regulations/internal regulations and includes:

relation to risks and controls;

the exchange of information flows, documents or data, as well as access to all resources or company information in line with the control requirements of functions; - in the preparation of an integrated plan for control functions; - involvement in board and managerial committees, systematically or on request;

issues.

involvement in working groups, which are set up from time to time for risk and control The ultimate purpose of the interaction between the control functions and continual reporting by them to the corporate bodies is to establish a corporate governance system that guarantees sound and prudent management, also through more effective monitoring of risk, at all company levels. - coordination and cooperation procedures; - application of the Group coordination model defined as part of the management and - coordination and cooperation information flows.

Within FinecoBank, the coordination between the corporate bodies and control functions consists of:

coordination performed by the Parent Company;

Without prejudice to their mutual independence and respective roles, operating procedures are defined to foster forms of coordination between the corporate control functions and the supervisory functions in specific areas, as well as cooperation and liaison between the corporate control functions and between them and the Corporate Bodies, in order to develop control methods in line with the corporate strategies and operations.

A series of coordination activities related to the Internal Control System implemented as part of the ordinary work of the committees.

In order to ensure the coordination and interaction between the various functions and bodies with control tasks (provided for by corporate, accounting or supervisory regulations), in accordance with the Provisions referred to in Bank of Italy Circular no. Document of the Bodies and Functions with Control Tasks the Board of Directors, after examination by the Risk and Related Parties Committee, has been defined and kept updated over time. The document specifies the tasks, responsibilities of the various bodies and control functions and the methods of coordination/collaboration, as well as the information flows exchanged between them as set out in the Supervisory Provisions on Corporate Governance; this document is circulated to all the structures concerned. During the year, the document was updated mainly to incorporate organisational changes since the last version of the previous document (change of hierarchical reporting of the Anti-Money Laundering and Anti-Corruption Department; nomination of the new Financial Reporting Officer (Nominated Official in charge of drawing up company accounts); evolution of the data governance

model; introduction of direct supervision of Compliance in the areas of artificial intelligence and business continuity).

DIRECTORS' INTERESTS AND RELATED-PARTY TRANSACTIONS The Board Of Directors, after obtaining the favourable opinion of the Risk and Related Parties Committee and Board of Statutory Auditors, adopted the Global Policy governing transactions with:
related parties in accordance with the Related-Party Regulations;
associated persons in accordance with the Supervisory Regulations (Part Three, Chapter 11);
bank corporate officers in accordance with Article 136 of the TUB;
other entities identified by the Bank on a discretionary basis.
components of the perimeter pursuant to Article 88 of the CRD.

The Board of Directors, again with the prior favourable opinion of the Risk and Related Parties Committee and the Board of Statutory Auditors, lastly updated the Global Policy on September 17, 2024, making the necessary adjustments in light of the appointment of a new Financial Reporting Officer (Nominated official in charge of drawing up company accounts). - the identification, updating and ongoing monitoring of persons in potential conflict of - the management of transactions with persons in potential conflict of interest, with It also sets out the:

The Global Policy addresses governance issues, the scope of the procedures and the procedural and organisational profiles relating to managing transactions with persons in potential conflict of interest in accordance with the applicable regulations abovementioned, as regards the operations of the Parent Company and the other FinecoBank Group companies (i.e. currently solely the subsidiary FAM). - procedures for the management of transactions with persons in potential conflict of - organisational units of FinecoBank involved and their role; - internal and external information flows, also to the market;

The Global Policy describes the activities concerning:

interest; and
regard to, among others, the management of the approval process, the disclosure requirements and transparency.

- interest;

-

monitoring and control activities and methods for updating the Global Policy. With reference to FinecoBank, the related parties within the meaning of the Related Parties Regulation, the connected persons within the meaning of the Supervisory Provisions (Part Three, Chapter 11), as well as the additional persons in potential conflict of interest identified on a discretionary basis by the Bank, constitute the so-called FinecoBank Perimeter

consisted of the Parent Company and only the subsidiary Fineco Asset Management DAC, to which the definition of Supervised Intermediary was applied on a voluntary basis, of the FinecoBank Perimeter (as bank and listed issuer) and the perimeter of the subsidiary Fineco Asset Management DAC.

In compliance with the Related-Party Regulations and the Supervisory Regulations (Part Three, Chapter 11), the Global Policy identifies and distinguishes, based on the materiality threshold, between material transactions, non-material transactions and minor transactions.

requires specific information flows to:

FinecoBank Oversight Unit;
Board of Directors and Board of Statutory Auditors;
Risk and Related Parties Committee;
Compliance Function;
Chief Financial Officer and Financial Reporting Officer.

Perimeter of Bank Corporate Officers pursuant to Article 136 of the TUB transactions carried out with persons having access to Inside Information pursuant to Article 136 of the TUB (i.e. directors including the Managing Director and General Manager and Statutory Auditors standing and alternate as well as certain persons potentially related to them). Pursuant to Article 136 of the TUB, bank corporate officers (or persons potentially related to them) may not enter into obligations of any kind or perform acts of sale or purchase, directly or indirectly, with the bank that they manage, direct or control unless a unanimous resolution of the Board of Directors and the favourable vote of all the members of the Board of Statutory Auditors has been passed, and transactions with related parties and associated persons.

The full text of the Global Policy, to which reference should be made for further details, www.finecobank.com About Us/Corporate/Governance/Related Parties and Associated Persons

Lastly, in compliance with the CONSOB instructions and guidelines contained in Communication no. DEM/10078683 of September 24, 2010, in order to adopt the Related-Party Regulations, the Company has assigned its Risk and Related Parties Committee the functions of the related-parties committee. For details of the composition, functioning and duties of the aforementioned Committee, as well as the main activities carried out in the financial year, please see Section 9.2 above.

* * *

Without prejudice to the above, directors are also subject to the provisions of Article 239rm the other members of the Board of Directors and the Board of Statutory Auditors of any interest which, on his/her own behalf or on behalf of third parties, he/she may have in a particular transaction of the company, specifying the nature, terms, origin and extent. The related resolution of the Board must adequately justify the reasons and advantages for the Company of the transaction, without prejudice to any other provisions of law or regulations applicable on the subject.

BOARD OF STATUTORY AUDITORS 11.1 Appointment and Replacement of Statutory Auditors In compliance with laws and regulations applicable to listed companies, Article 23 of the Articles of Association requires the Board of Statutory Auditors to be appointed by the list shall contain the names of the candidates numbered progressively), according to the procedure described below.

Pursuant to Article 23, paragraph 2, of the Articles of Association, the Statutory Auditors must be suitable to hold the office, in accordance with the provisions of the regulations pro tempore in force and the Articles of Association and, in particular, they must meet the requirements of professionalism, good repute and independence and comply with the criteria of competence, fairness and dedication of time and the specific limits on the number of positions held as set out by regulations pro tempore in force and by the Articles of Association and in any case those set out by the European Directive no. 36 of June 26, 2013 (CRD IV).

The Statutory Auditors, in addition to the independence requirements provided for by the legislation in force at the time, must satisfy the independence requirements provided for by Article 13, paragraph 3, of the Articles of Association and, therefore, must satisfy the independence requirements set forth in the New Corporate Governance Code.

Shareholders can submit a list for the appointment of Statutory Auditors, provided that when they submit the list they hold, alone or in conjunction with other presenting shareholders, at least the minimum percentage of share capital established by the laws and regulations in force at the time. CONSOB, in its Executive Resolution by the Head of the Corporate Governance Division no. 123 of January 28, 2025, set the minimum shareholding required for FinecoBank to submit lists of candidates for election to the Board of Directors and Board of Statutory Auditors at 1% of share capital.

Ownership of the minimum shareholding required is calculated based on the shares registered for each shareholder on the day when the lists are filed at the Company; the related certification may be submitted after the lists have been filed, provided that it is done within the deadline for publication of the lists.

Each party entitled to vote (as well as (i) entitled persons belonging to the same group, intended as a party, which need not be a corporation, exercising control pursuant to Article 2359 of the Civil Code and any subsidiary controlled by, or under the control of the said party, or (ii) Article 122 of the TUF, or (iii) entitled persons who are otherwise associated with each other in a material relationship pursuant to current and applicable statutory or regulatory provisions) may submit individually or with others only one list, just like each candidate can be included in only one list, or otherwise be considered ineligible.

Lists are divided in two sections, containing respectively up to three candidates for the position of Statutory Auditor and up to two candidates for the position of Stand-in Statutory Auditor.

At least the first two candidates for the position of Statutory Auditor and the first candidate for the position of Stand-in Statutory Auditor in the respective lists must be entered in the Register of Auditors and have experience as statutory auditors.

Each list for the position of Statutory Auditor and Stand-in Auditor must include a number of candidates of the less represented gender such that the list satisfies at least the minimum gender balance required by the applicable laws and regulations(27) .

In order to be valid, the lists must be filed at the Registered Office or Head Office, also by means of remote communication and in accordance with procedures stated in the notice of call which allows for the identification of parties filing the lists, no later than twentydeadline according to applicable laws) and must be made available to the public at the ovided for under current laws at least twenty-Meeting (or within a different deadline according to applicable laws). (a) 2 (two) Statutory Auditors and 1 (one) Stand-in Auditor are taken from the list that (b) the remaining Statutory Auditor and Stand-in Auditor are taken from the list that

Minority shareholders who are not affiliated with the Shareholders concerned shall be entitled to extend the deadline for submitting lists in the circumstances and according to the procedures in applicable laws and regulations.

Each eligible voter may vote for one list only.

The members of the Board of Statutory Auditors are elected as follows:

has received the highest number of votes cast by entitled persons, in the order in which they appear on the list;
has received the most votes after the one referred to in (a) and the first candidates of the relevant section are appointed as the Statutory Auditor and Stand-in Auditor, respectively.

The Chairmanship of the Board of Statutory Auditors will go to the first candidate of the minority list of Statutory Auditors receiving the most votes.

If, in accordance with the deadlines and procedures set forth above, only one list or no list has been submitted, or the lists do not contain the required number of candidates to ment or completion of the Board of Statutory Auditors by relative majority. If there is a tie vote between several candidates, a runoff election is held between them with a further vote ensure corporate bodies made up of three members, for which the rounding takes place by default to the

⁽²⁷⁾ Resolution no. 21359 of 13 May 2020, amended Article 144-undecies.1 of the Issuer Where the application of gender division criteria does not result in a whole number of members of the management or control body belonging to the least represented gender, this number is rounded up, except for the .

compliance with the provisions of applicable laws and regulations concerning gender balance.

In the event of death, resignation, withdrawal or removal from office for any other reason of a Statutory Auditor, he/she shall be replaced by the Stand-in Statutory Auditor, from the same list as the outgoing Auditor, in the order in which they appear on the list, in compliance with the minimum number of members entered in the Register of Auditors who have been engaged in auditing activities, and in adherence to gender equality principles. If this is not possible, the outgoing Auditor shall be replaced by the Stand-in Statutory Auditor meeting the specified requirements, taken from the minority list that received the most votes, according to the order in which they appear on the list. Where the appointment of Statutory Auditors is not carried out using the list voting system, the Stand-in Statutory Auditor shall take over pursuant to statutory provisions. If it is necessary to replace the Chairman, the Stand-in Statutory Auditor taking over shall also serve as Chairman. The Shareholders appoint or replace Statutory Auditors in meetings called in accordance with Article 2401, paragraph 1 of the Civil Code in compliance with the principle of adequate representation of minority shareholders and gender balance. Where the appointment of the Stand-in Statutory Auditor to replace the Statutory Auditor Stand-in Auditor.

Pursuant to the Corporate Bodies Regulations, the composition of the Board of Statutory Auditors must be gender balanced as provided for by the laws in force at the time, as well as reflect an adequate degree of diversification in terms of, inter alia, skills, experience, age and international exposure, which will be defined, at each renewal, following completion of the self-assessment process of the Board of Directors (described in Annex A of the Corporate Bodies Regulations) and communicated to Shareholders and the market through the publication of the document on the qualitative and quantitative composition of the Board. 11.2. Composition and Functioning of the Board of Statutory Auditors (pursuant (a) professional activities as a certified public accountant or lawyer, rendered primarily (b) performing university teaching on subjects relating to in the legal field banking,

to Article 123-bis(2)(d) and (d-bis) of the TUF)

Pursuant to Article 23 of the Articles of Association and in compliance with current rules and regulations, at least 2 Statutory Auditors and 1 Stand-in Auditor must have been entered in the Register of Auditors for at least three years and have at least t experience as a statutory auditor. Statutory Auditors who are not entered in the Register

to the banking, insurance and financial sectors;
commercial, tax and financial markets law and in the business/finance field banking operations, business economics, accountancy, economics of the securities market, economics of financial and international markets, corporate

finance;

(c) performing managerial duties in public entities or public administrations, in the credit, financial and insurance sector or in the provision of investment services or in collective asset management, as both defined by the TUF.

Pursuant to the Articles of Association in force as at the date of this Report, the Statutory Auditors must be suitable to hold the position, in accordance with the provisions of the legislation in force at the time and the Articles of Association and, in particular, they must meet the requirements of professional expertise, integrity and independence and comply with the criteria of competence, correctness and dedication of time and the specific limits on the number of positions held as set out by legislation in force at the time and by the Articles of Association and in any event those set out by the European Directive no. 36 of June 26, 2013 (CRD IV)(28) legislation in force at the time, must satisfy the independence requirements provided for

. The Statutory Auditors, in addition to the independence requirements provided for by the by Article 13, paragraph 3, of the Articles of Association.

In addition, the Statutory Auditors of FinecoBank must meet the independence requirements set forth in Article 2, paragraph 7, of the New Corporate Governance Code as well as the requirements set forth in Article 148, paragraph 3, of the TUF.

In application of Article 144-novies of the Issuer Regulations and the above New Corporate Governance Code, the satisfaction of the above requirements by the members of the Board of Statutory Auditors is assessed by the competent body: (i) following appointment, the outcome of which is disclosed to the market by means of a press release; (ii) on an annual basis, reporting the results thereof in the annual corporate governance report.

of the financial statements for the year 2025.

The appointment was made based on a list voting system, pursuant to Article 23 of the Articles of Association and in compliance with applicable laws and regulations. Specifically, a list of candidates was submitted by several asset management companies and institutional investors (owners of a total of 11,650,760 ordinary shares representing 1.90959% of the share capital), which nominated the following: (b) Luisa Marina Pasotti, Massimo Gatto and Giacomo Ramenghi for the position of Statutory Auditor. (b) Lucia Montecamozzo and Marco Salvatore for the position of Stand-in Auditor. (i) a statement from shareholders other than shareholders that hold, also jointly, a

Together with the list, the following documentation was also filed and published according to the prescribed terms and procedures:

⁽²⁸⁾The requirements and eligibility criteria to be met by bank representatives are governed by Ministerial Decree 169/2020, also taking into account further relevant regulations issued at European level.

controlling or relative majority interest, certifying the absence of any connection and/or significant relations with the latter as provided for by Article 147-ter, paragraph 3 of the TUF and Article 144-quinquies of the Issuer Regulations, having also taken note of the CONSOB recommendations in its Communication no. DEM/9017893 of February 26, 2009; (ii) comprehensive information on the personal and professional characteristics of the

candidates included in the list (curriculum vitae and the list of administration, management and control positions they hold in other companies, relevant under law);
(iii) statements whereby individual candidates irrevocably accepted the position (subject to their appointment) and certified, under their responsibility, that there were no grounds for their ineligibility or incompatibility to stand as a candidate, and that they met the requirements of applicable laws, regulatory provisions, the Articles of Association and the Corporate Governance Code. (iv) information regarding the identity of the members who presented the lists, with an
indication of the total percentage shareholding.

The list, website

The Shareholders' Meeting of April 27, 2023 then appointed the Board of Statutory Auditors (consisting of three Standing Auditors and two Alternate Auditors), for the financial years 2023-2025, in the persons of Luisa Marina Pasotti, Massimo Gatto and Giacomo Ramenghi, as Standing Statutory Auditors, and Lucia Montecamozzo and Marco Salvatore, as Stand-in Auditors.

For details of the percentage votes for the above list with respect to voting capital, see About

Board of Directors and the recommendations from the Remuneration Committee, to set the annual remuneration of the Chairman of the Board of Statutory Auditors at Directors. In this context, the remuneration is commensurate with the commitment required, the relevance of the role covered, as well as the size and sector characteristics transition, as of January 1, 2022, under the direct supervision of the European Central Bank following its classification as a Significant Institution pursuant to Article 6(4) of Regulation (EU) no. 1024/2013, which has led to a progressive increase in organisational, operational and business complexity, in line, moreover, with the provisions of the defined below).

Position	Members	Born in	Date of first appointmen t (*)	In office since	In office until	List (**)	Indep . New Corp orate Gove rnanc e Code	Participatio n in Board of Statutory meetings (***)	Number of other positions (****)
Chairman	Luisa Marina Pasotti	1961	April 28, 2020	April 27, 2023	Sharehold Meeting approval of the Financial Statement s as at December 31, 2025	n/a	X	46/46 (100%)	(29) 4
Statutory Auditor	Massimo Gatto	1963	April 28, 2020	April 27, 2023	Sharehold Meeting approval of the Financial Statement s as at December 31, 2025	n/a	X	46/46 (100%)	(30) 2
Statutory Auditor	Giacomo Ramenghi	1970	April 28, 2020	April 27, 2023	Sharehold Meeting approval of the Financial Statement s as at December 31, 2025	n/a	X	46/46 (100%)	(31) 5
Stand-in Auditor	Lucia Montecam ozzo	1966	April 28, 2021	April 27, 2023	Sharehold Meeting approval of the Financial	n/a	X	n/a	n/a

⁽²⁹⁾ Ms. Luisa Marina Pasotti holds the following other positions in commercial companies: Chairwoman of the Board of Statutory Auditors of Marelli e Pozzi S.p.A., Standing Auditor of Servizi Aerei S.p.A., Standing Auditor of Pizzardi S.r.l. and Chairwoman of the Board of Statutory Auditors of ENI Insurance S.p.A.

⁽³⁰⁾ Mr. Massimo Gatto holds the following other positions in commercial companies: Chairman of the Board of Statutory Auditors of MARR S.p.A. and Standing Auditor of Sace BT S.p.A.

⁽³¹⁾ Mr. Giacomo Ramengh holds the following other positions in trading companies: Statutory Auditor of Prometeia S.p.A., Statutory Auditor of Prometeia Advisors SIM S.p.A., Statutory Auditor of MSC Società di Partecipazione tra Lavoratori S.p.A., Statutory Auditor of Rekeep S.p.A. and Statutory Auditor of Automobili Lamborghini S.p.A.

					Statement s as at December 31, 2025
Stand-in Auditor	Marco Salvatore	1965	April 27, 2023	April 27, 2023	Sharehold Meeting approval of the Financial Statement s as at December 31, 2025	n/a	X	n/a	n/a
			STATUTORY AUDITORS LEAVING OFFICE DURING THE YEAR
/	/	/	/	/	/		/	/	/
			Indicate the number of meetings held during the financial year: 46
Quorum () (*)	member from the minority list).		required for the submission of lists for the last appointment: 1% The date of first appointment of each Statutory Auditor means the date when the statutory auditor was appointed for the first time (ever) to the Board of Statutory Auditors of the Company.			M			m
(***)			This column indicates the participation of the statutory auditors in the meetings of the Board of Statutory Auditors (indicating the number of meetings attended compared to the total number of meetings that could have been attended; 6/8;

8/8, etc.). (****) With reference to the number of offices held by the persons concerned pursuant to Article 148-bis of the TUF and the related implementing provisions contained in the Regulation on Issuers, please refer to the list of offices published by

Pursuant to the Regulation of Corporate Bodies, the Board of Statutory Auditors meets at the registered office or elsewhere, in Italy or abroad, as a rule at least once a month, as well as all the times when the Chairperson deems it necessary.

CONSOB on its website pursuant to Article 144-quinquiesdecies of the CONSOB Regulation on Issuers. ***

Notice of the convocation must be sent reasonably in advance, except in cases of urgency, to all Standing Statutory Auditors.

In order to ensure informed and aware participation, the notice must state the agenda items for debate, unless special confidentiality-related reasons apply. Furthermore, as a rule, the Chairman shall make available to the Statutory Auditors, at least forty-eight hours before the meeting, the appropriate supporting proposal documentation in support of the motions, and any other information needed so that the Directors may express an informed opinion on the issues under discussion.

The scheduling of the work of the Board, placed on the agenda from time to time, is the responsibility of the Chairperson, in consultation with the other Statutory Auditors.

If deemed appropriate by the Chairman of the Board of Statutory Auditors, Board meetings may be held via telecommunications links, provided that each attendee can be identified by all the other attendees, can immediately take part in the discussion and can also receive, send and view documents.

Staff members of the Bank and, where appropriate, of the Group may be invited to attend the meetings of the Board, also in order to report, if requested, on particular topics.

The communications made at the meeting and the resolutions passed by the Board are recorded in minutes transcribed in a special book, signed by the Chair of the meeting and the other Statutory Auditors ( in case of absence). These minutes remain available for inspection at the request of each of the authorisation of the Chairperson of the Board of Statutory Auditors.

The Board of Statutory Auditors is duly constituted with the presence of the majority of the Statutory Auditors and passes resolutions by an absolute majority of those present.

11.2.1 Diversity criteria and policies

With regard to the diversity criteria and policies in the composition of the Board of Statutory Auditors, the Corporate Bodies Regulations establish that the composition of the Board of Statutory Auditors must be gender balanced as provided for by the laws in force at the time, as well as reflect an adequate degree of diversification in terms of, inter alia, skills, experience, age and international exposure, which will be defined, at each renewal, following completion of the self-assessment process of the and communicated to shareholders and the market through the publication of the document on the qualitative and quantitative composition of the Board.

Subject to the applicable laws and regulations, on March 13, 2023, the Board of Statutory Auditors approved the above-mentioned Qualitative/Quantitative Profile of the Board for the renewal of the Board, which contains the general guidelines on structure, composition and diversity, both in terms of gender and age and previous professional experience. The Qualitative/Quantitative Profile of the Board has also been drafted taking into account the provisions of the BCE Guidelines, the Joint EBA and ESMA Guidelines and the EBA Guidelines on Internal Governance. The document is available Bank About Us/Governance/Documents

In line with the above, a breakdown of the members in office of the Board of Statutory Auditors by age and gender is provided below.

* * *

The members of the Board of Statutory Auditors meet the requirements of applicable laws and regulations.

With regard to the personal and professional characteristics of each Statutory Auditor, please refer to the curricula vitae website www.finecobank.com (section "About Us/Corporate/Governance").

The members of the Board of Statutory Auditors have not provided advisory services to the Issuer.

After its appointment, the Board of Statutory Auditors verified, among other things, that each member met the independence requirements of the TUF pursuant to Ministerial Decree 169/2020 and the New Corporate Governance Code and sent the results to the Board of Directors. In particular, with regard to the existence of the independence requirements, no further criteria were applied with respect to those provided for by Article 148(3) of the TUF, by any applicable sector regulations, by Ministerial Decree 169/2020 and by the New Corporate Governance Code, as stated in the FinecoBank Articles of Association. The results of the above verifications were published in a press release to the market.

During the course of the financial year, on March 8, 2024, the Board of Statutory Auditors carried out the annual verification of the independence requirements provided for by the legislation and regulations in force, as well as the New Corporate Governance Code, and forwarded the results of these verifications to the Board of Directors.

It should be noted that also during the 2025 financial year, the Board of Statutory Auditors verified the independence of its members (meeting of March 5, 2025), transmitting the positive outcome of its verifications to the Board of Directors.

The information provided by each member of the control body, and other information otherwise available, was taken into account for the purpose of assessing the existence of the independence requirements.

With regard to the application of materiality criteria and thresholds with reference to financial, business and professional relationships (as well as to assumptions of additional remuneration) for the purpose of assessing independence, please refer to Section 4.7 Criteria and materiality thresholds for assessing independence

The Statutory Auditors are subject to the limit on the number of positions held pursuant to Article 144-terdecies knowledge, as at the date of approval of this Report, none of the members of the Board of Statutory Auditors exceeds the limits on the number of board mandates referred to in Article 144-terdecies of the Issuer Regulations. In addition to the above, the table below shows the overall number of positions held by Statutory Auditors in office at the date of approval of this Report (including the position held in FinecoBank). The limit on the accumulation Directive, Ministerial Decree 169/2020 and the Joint EBA and ESMA Guidelines, was considered to have been observed in light of the applicable weightings for positions held in the same group, for those held in non-commercial companies (not relevant for the purposes of accumulation) and the declarations made by the same.

Name	Total number of positions held by the Statutory Auditors	Number of relevant positions held
Luisa Marina Pasotti Chairman	6 non-executive positions	4 non-executive positions (1 ) (2 )
Massimo Gatto Statutory Auditor	5 non-executive positions	3 non-executive positions (3 )
Giacomo Ramenghi Statutory Auditor	7 non-executive positions	4 non-executive positions (1 ) (2 )

(1 ) Considering the impact of positions held in non-commercial companies, the total number of positions held complies with the limits set.

(2 ) Considering the impact of positions in the same group, the total number of positions held complies with the limits set.

(3) In view of his role as a member of the Supervisory Board of the companies in which he is a member of the Board of Auditors.

The Statutory Auditors must also take into account the provisions of Article 36, of Decree-

Law no. 201 of December 6, 2011, converted with amendments into Law no. 214 of management, control and supervisory bodies and the senior officers of firms or groups of firms engaged in credit, insurance and financial markets, to accept or exercise similar Persons who hold incompatible offices must notify the option exercised within 90 days of the appointment. Otherwise, on expiry of this deadline, they shall be removed from both offices. As regards the above, incompatibility due to interlocking positions does not apply for any of the Statutory Auditors in office. of Statutory Auditors, directly or indirectly, with the bank in which they hold a position.

The special authorisation procedure pursuant to Article 136 of the TUB applies, in the case of obligations of any kind or sale transactions undertaken by members of the Board

Statutory Auditors that have an interest in a specific transaction of the Issuer, on their own account or on behalf of others, must promptly inform other Statutory Auditors and the Chairman of the Board of Directors in detail regarding the nature, terms, origin and extent of their interest.

* * *

Article 24 of the Articles of Association establishes that, in order to properly perform its tasks, and in particular to fulfil its obligation to promptly inform the Bank of Italy, and other Supervisory Authorities where required, on management irregularities or regulatory violations, the Board of Statutory Auditors is vested with the broadest powers provided for by current laws and regulations.

Without prejudice to any more specific or different tasks and powers assigned to it by primary and secondary legislation in force from time to time, the Board of Statutory Auditors shall, in particular, oversee compliance with the law, regulations and the Articles organisational and accounting structures, the risk management and control system, as well as the functioning of the internal control system as a whole, the statutory audit of the annual accounts and the activity of certifying the conformity of sustainability reporting, the independence of the statutory auditors, the financial reporting and sustainability reporting process, the adequacy of the procedures adopted to regulate transactions with related parties and connected persons, as well as compliance with the provisions on sustainability reporting.

In performing its duties, the Board of Statutory Auditors liaises with the Internal Audit function and the Risk and Related Parties Committee, through ongoing communication and the exchange of information, and by taking part in meetings of the aforementioned Committee.

Subject to the right of all Statutory Auditors to attend the meetings and the duty to attend the meetings of the Risk and Related Parties Committee for the Chairman of the Board or another Auditor designated by that Chairman, the Chairman of each board committee

may invite the Chairman of the Board of Statutory Auditors or another auditor designated by him/her.

* * *

The Chairman of the Board of Directors ensures that Statutory Auditors can take part, after their appointment and during their term of office, in the most appropriate way, in initiatives to give them adequate knowledge of the sector in which the Issuer operates, of company dynamics and their evolution, principles of correct risk management as well as the applicable legal and self-regulatory framework. During the Year, all the Statutory ction 4.5. of this Report, and in specific cases in external courses. 11.2.2 Self-Assessment

The Board of Statutory Auditors met forty-six (46) times during the financial year. Each meeting lasted on average three hours and six minutes. With reference to the 2025 financial year, without prejudice to further meetings that will be planned on the basis of needs, a minimum of 42 meetings of the Board of Statutory Auditors have been scheduled, of which 10 have already been held at the date of approval of the Report.

For further information on the establishment, duties and functioning of the Board of Board of Statutory Auditors website.

The Board of Statutory Auditors carried out its annual self-assessment pursuant to the Corporate Bodies Regulations adopted in compliance with the Supervisory Regulations on Corporate Governance and the recommendations of the New Corporate Governance Code. Its assessment confirmed the suitability of all members of the Board of Statutory Auditors and the adequacy of the composition of the Board with respect to the requirements set forth by the applicable regulations, as well as a balanced distribution of competences within the Board. The Board reported on its self-assessment during the meeting of the Board of Directors held on March 11, 2025. 11.3 Role

It should be noted that the Board of Statutory Auditors expressed similar conclusions with reference to the annual evaluation process for the year 2023.

The Board of Statutory Auditors performs the tasks and functions provided for by current legislation. In particular, it oversees compliance with the law, regulations and the Articles of Association as well as proper administration, the adequacy of the Bank organisational and accounting structures, the risk management and control system, the statutory audit of the annual accounts and the activity of certifying the conformity of sustainability reporting, the independence of the statutory auditors, the financial reporting

and sustainability reporting process, the adequacy of the procedures adopted to regulate transactions with related parties and connected persons, as well as compliance with the provisions on sustainability reporting set out in Legislative Decree 125/2024.

The Board of Statutory Auditors, as part of its supervisory and control activities, constantly ascertains the effectiveness and adequacy of all the functions involved in the control system, the proper performance of their tasks and their adequate coordination, reporting any shortcomings and irregularities detected to the body with strategic supervisory functions and to the management body, promoting the relevant corrective actions. The Board of Statutory Auditors reports without delay to the Bank of Italy and, where applicable, to the other Supervisory Authorities on all facts and acts of which it becomes aware that may constitute an irregularity in the management of the Bank or a significant violation of the rules governing banking activities.

The Board of Statutory Auditors is an integral part of the overall internal control system and performs the functions defined by the Supervisory Provisions, also in its capacity as o. 39/2010, in accordance with the procedures and terms set forth in the regulations, including internal regulations of reference.

The Board is responsible for monitoring the completeness, adequacy, functionality and reliability of the system of internal controls and the RAF, as well as compliance with the provisions of the ICAAP process. In view of the plurality of corporate functions and structures with control tasks and responsibilities, this body is required to ascertain the effectiveness of all the structures and functions involved in the control system and their proper coordination, promoting corrective actions for any shortcomings and irregularities detected. information to fulfil the reporting obligations required by current legislation. The Board

The Board of Auditors is also responsible for monitoring the completeness, adequacy, functionality and reliability of the business continuity plan.

With reference to the subsidiaries, the Board of Statutory Auditors monitors the adequacy of the instructions given to the latter to ensure that they provide the necessary also verifies the proper performance of strategic and management control activities carried out by the Parent Company in respect of Group companies.

The Board of Statutory Auditors is also called upon to verify, in particular for each member of the control body, the assessment of suitability pursuant to Article 26 of the TUB (requirements for corporate officers) and, in any case, in the applicable primary and secondary regulations in force (including the rules on interlocking directorates), as well as in the subsequent check of the qualitative/quantitative composition considered optimal and the actual composition resulting from the appointment process, informing the Board of Directors for the purpose of subsequent communication to the market.

With specific regard to the main activities carried out by the Board of Statutory Auditors during the 2024 financial year, it should be noted that the Board of Statutory Auditors monitored compliance with the law and the deed of incorporation and compliance with

the principles of proper administration both in the performance of its activities, also by attending meetings of the Board of Directors and of the Board Committees, and during meetings with the management and with the Heads of the various Areas and Functions of the Bank.

The Board of Statutory Auditors also continuously monitored the adequacy of the organisational structure and its proper functioning, holding periodic meetings with top management and the heads of the various Areas and Functions.

The Board of Statutory Auditors also monitored compliance with the regulations governing the complex administrative and accounting process, under which the Manager in charge of preparing the company's accounting and corporate documents and the Managing Director and General Manager issue the certifications required by Article 154 bis of the TUF.

With reference to the adequacy of the internal control and risk management system, the Board of Statutory Auditors acquired information, held meetings with corporate functions and monitored the functioning and adequacy of the internal control system, also by analysing the quarterly and annual reports prepared by the control functions. The Board of Statutory Auditors met with the Supervisory Board - which FinecoBank uses for the performance of its supervisory functions pursuant to Legislative Decree no. 231/2001 for a mutual exchange of views on the activities carried out by both bodies and also examined the Information Report on the activities carried out by the Supervisory Board (SB) pursuant to Legislative Decree no. 231 of June 8, 2001.

by Article 19 of Legislative Decree 39/2010 in the version reformulated following the statutory audit reform implemented through Legislative Decree 135/2016, supervised: i) financial reporting process; ii) on the effectiveness of the internal control and risk management systems; iii) on the statutory audit of annual and consolidated accounts the provision of non-audit services.

As part of the preparation of the non-financial disclosure, the Board of Statutory Auditors met with the Auditor for a preliminary indication of the examination method adopted and -Financial project initiated by the Bank to comply with the Corporate Sustainability Reporting

The Board of Statutory Auditors requested and obtained from the subsidiary Fineco Asset Management DAC periodic reporting pursuant to Article 151(2) of the TUF on a quarterly basis.

The Board of Statutory Auditors acknowledged the continuous monitoring, in line with the current Provisions of Bank of Italy Circular no. 285 and internal regulations, of the Bank's Business Continuity Plan and the successful execution of the Business Continuity and Disaster Recovery test activities planned annually and, in accordance with the

remuneration policies and practices adopted and the related business processes, issuing, where necessary, its favourable opinions to the Board of Directors.

During 2024, the Board of Statutory Auditors made comments on the following: Report on Internal Audit Activities performed on investment services; Annual report on the carried out on important operational or outsourced control functions, any deficiencies found and the consequent corrective actions taken; Annual Report on the Activities of the Compliance Function and commented on the Plan of Activities of the Internal Audit Function for 2024.

For further details, please refer to the Report of the Board of Statutory Auditors of FinecoBank S.p.A. to the Shareholders' Meeting called for April 29, 2025 for the approval of the Financial Statements as at December 31, 2024 pursuant to Article 153 of the TUF and Article 2429(2) of the Italian Civil Code.

Access to information

RELATIONS WITH SHAREHOLDERS AND OTHER RELEVANT STAKEHOLDERS The Company considers it in its own interests and a duty towards the market to establish an ongoing dialogue with the Financial Community in compliance with the procedure for disclosing company documents and information to the market, and in general in compliance with laws and regulations governing the disclosure of inside information applicable to listed companies.

opportunity for shareholders and directors to engage, and consequently adopts exercise their right to vote. In this respect, subject to the conditions described in Section of the Articles of Association. may grant proxy with voting instructions on all or some of the proposals on the agenda, The Investor Relator is therefore the point of contact between the Issuer and the market

Pursuant to Article 135-undecies of the TUF, the Company designates, for each a person (the so-called Designated Company Representative) to whom shareholders within the terms and according to the procedures provided for by law.

Furthermore, relations with the Financial Community are handled by the Investor Relator, requirements concerning disclosure to the financial market and in particular to investors.

and works with the entire company to maintain and promote compliance with regulations on company reporting.

Dialogue with shareholders and other relevant stakeholders

Corporate Governance Code assigns the latter's Board of Directors the task of promoting, in the most appropriate forms, dialogue with shareholders and other stakeholders relevant to the company

Recommendation 3 of the Code further specifies that, in the Report on the corporate governance, companies should adopt and describe a policy for managing dialogue with all shareholders, also taking into account the engagement policies adopted by institutional investors and asset managers.

a specific aimed at defining the set of rules, responsibilities and processes for conducting and managing dialogue with the Financial Community, in line with the recommendations of the New Corporate

Governance Code, the Assonime Principles, the engagement policies adopted by institutional investors and asset managers, and the related international best practice Policy

Under this Policy, the dialogue is managed in accordance with the principles of transparency of information provided to the Financial Community, ensuring that it is clear, complete, truthful and not misleading. The Bank also respects the principle of equal treatment of the bearers of financial instruments issued by the Company and the provisions of the applicable laws and regulations, with particular attention to those relating to the banking and listed issuer nature of the Company (especially the regulations on market abuse and inside information), as well as the internal rules of governance, in full cooperation and transparency with the supervisory authorities. 1. Introduction

In the course of the financial year, the following topics in particular are emphasised: main questions related to the guidance on net interest income and the development of deposits, investing and managed deposits in the current rate environment.

Specifically, the above Policy is divided into 4 main sections and related sub-sections, the contents of which are summarised below:

The introductory part, in addition to listing the definitions used in the text, is devoted to the purpose and scope of the Policy by recalling the recommendations of the New Corporate Governance Code, as well as the principles of transparency of information provided to the financial community, equal treatment of financial instrument holders and the legal and regulatory provisions applicable to the Bank in its capacity as a listed issuer. It also identifies the applicable regulatory framework, at both European and national level. 2. Conduct of the Dialogue between the Company and the Financial Community

The second part is divided into sub-sections, each of which governs more specifically the individual elements that constitute the dialogue with the Financial Community. The following are identified in particular:

examples of topics that may be the subject of dialogue: these include topics relating to corporate strategy, business, remuneration and corporate governance;

the Company actors involved in the dialogue by defining their respective roles and tasks: the Board of Directors, the Responsible Director, the Contact Point (i.e. Investor Relations) and any other relevant structures involved. The Chairman is given an active role with regard to corporate governance, as well as accompanying/supporting the Responsible Director identified, pursuant to the Policy, as the Managing Director, for the remaining topics;

the tools for conducting the dialogue and, therefore, the channels that can be used to disseminate complete, transparent and timely information: press releases, days, shareho

activation of dialogue and timing. Two different ways of activation are identified: can be held in one of the following ways: one-way, two-way, individual, and collective. In accordance with the Assonime Principles, it is also specified that if a Director receives a request for dialogue from an investor, he/she must refrain from Office and Investor Relations, which will follow the procedure established with regard to the process for activating the dialogue;

the evaluation criteria to be taken into account by the Managing Director where applicable in agreement with the Chairman for the purposes of accepting or rejecting requests for dialogue;

acceptance or rejection of the request for Dialogue. The Managing Director where applicable in agreement with the Chairman with the support of Investor Relations and the specialised Functions involved from time to time, decides whether to (i) accept the request for Dialogue as received from the Stakeholder; (ii) accept the request for Dialogue but establishing that it shall be conducted in a different manner from that requested by the Stakeholder; (iii) reject the request for Dialogue on the grounds o circumstances that may be relevant. The Policy specifies that Investor Relations, in coordination with the Specialised Functions involved from time to time, shall ensure timely communication to the Stakeholder of the decision taken by the Bank, giving reasons for any refusal; 3. Information flows within the Dialogue

the procedures for conducting the dialogue if the request is accepted, which envisage the support of the Investor Relations function and, where appropriate, of the other functions concerned in each case.

The third section is devoted to information flows within the dialogue and specifically envisages the following steps: (i) preparing a report of requests not accepted (accompanied by the reasons for the rejection) and of the dialogue conducted by Investor Relations in coordination with the other competent structures concerned; (ii) sending that report to the Managing Director to enable him/her, in agreement with the Chairman of the Board and any Director who took part in the dialogue, to inform the Board of Directors. On the understanding that in the presence of matters of particular importance or interest or of necessity, the person who has directly participated in the dialogue has the duty to promptly inform the Managing Director and the Chairman. The Chairman is in any case responsible for ensuring that the Board is promptly informed of the developments and significant content of the various forms of dialogue. In this regard, it should be noted that during the year, the Chairman ensured that the Board of Directors was kept informed. 4. Adoption of the policy, disclosure and updates

The last section of the Policy describes the process for approving the document, which is the responsibility of the Board of Directors upon proposal from the Chairman,

formulated in agreement with the Managing Director after examination by the Corporate Governance and Environmental and Social Sustainability Committee. In addition, as mentioned above, the Policy, as well as the management of the dialogue with the Financial Community, must be reported annually in the Report on Corporate Governance and Ownership Structure. Subsequent updates to the document follow the process described above.

Policy for managing dialogue with the Financial Community www.finecobank.com (About UsCorporate//Investors) to which reference is made for further details.

* * *

The Company has created a specific section on its website www.finecobank.com which is easily identifiable and accessible where information on the Company is made available that is material for shareholders, to enable them to exercise their rights in an informed manner, as well as made available to other stakeholders which are relevant for the Company. In particular, the section includes updated information on the Company and services offered, key documents on corporate governance, as well as all press releases on main company events, in addition to financial and accounting information.

Information on the website is updated as promptly as possible, to guarantee the transparency and effectiveness of the disclosure to the public.

C) OF THE TUF)

SHAREHOLDERS MEETINGS (PURSUANT TO ARTICLE 123-BIS, PARAGRAPH 1, LETTER Meeting, pursuant to the Articles of Association, is convened at least once a year, within 120 (one hundred and twenty) days from the end of the financial year, to resolve on items in its remit as established by the applicable regulations and the Articles of Association. resolve on items in its remit as established by the applicable regulations.

however, in order to maintain adequate organisational flexibility, the Articles of Association establish that the Board may convene several sessions for individual Share

website, and through the other methods envisaged by the applicable regulations. The Agenda set within the deadlines set by and the Articles of Association, by the person

Before the deadline for publishing the notice convening the meeting, based on each item on the agenda or another deadline set by law the Board of Directors makes available to the public a report on each item on the Agenda.

The Agenda may be supplemented according to the circumstances, procedures and deadlines established by the applicable regulations by shareholders that, also jointly, represent at least 2.5% of the share capital. Shareholders that request the addition of an item to the agenda must prepare a report stating the reasons for the proposals to resolve on the new items. Shareholders may also submit further proposals for resolutions on items already on the Agenda, giving the related reasons.

venue in Italy, indicated in the notice of meeting, and resolves with the majorities established by the applicable regulations.

Quorums are not envisaged in the Articles of Association, therefore in order for the force shall be observed.

Pursuant to the Articles of Association, and in line with laws in force on remuneration and incentive policies and practices issued by CONSOB, and, for banks and banking e fees of the bodies it appoints, and also approves: (i) remuneration policies for Board Directors, employees and persons working for the company on a self-employed basis; (ii) remuneration plans based on financial instruments; (iii) payments agreed on in the event of the early termination of employment or early termination of an appointment, including the limits established for said fees in terms of annual fixed remuneration.

of the ratio between variable and fixed remuneration up to a maximum of 2:1 or, if lower,

the General Manager and Key Management Personnel, and the procedures used to adopt and implement that policy.

13.1 Legitimation, procedures for taking the floor and voting

Pursuant to the applicable regulations, referred to in Article 8 of the Articles of voting rights following notification sent to the Company, within the legal established time limits, by the intermediary authorised by law to keep the accounts, based on entries in accounting records relative to the end of the accounting day of the seventh open market single session, or as a first session if the Board of Directors has planned for further sessions to take place.

using telecommunication means and to exercise voting rights digitally. The decision to Meeting.

Pursuant to Article 8 of the Articles of Association, each shareholder who is entitled to person, who is not necessarily a shareholder, provided this complies with legal provisions. Voting by proxy may also be authorised by a document signed digitally in accordance with the applicable regulations and notified to the Company at the email address and according to procedures indicated in the notice of meeting, or by means envisaged by the applicable laws and regulations.

In accordance with the best practice that sees the attendance of Directors at normally attended by all Directors.

sufficient information on items necessary for them to make informed decisions during information are made available within the deadlines set by the applicable laws and regulations.

Meeting, convened in ordinary and extraordinary session, focused, among other things, on the approval of the financial statements, as well as the granting of proxies to the Board of Directors in order to resolve capital increases to implement the 2023 and 2024 Incentive Schemes and the 2024-26 Long-Meeting was held through the Appointed Representative and all members of the Board of Directors and all members of the Board of Statutory Auditors attended, either present at the registered office or by means of communication.

13.2

In accordance with the best practices in the sector, on the proposal of the Board of Reg About Us/Corporate/Governance/Documents

discussed. Persons intending to take the floor shall request permission from the Chairman, submitting a written request with details of the issue the request refers to, after the Chairman has read the items on the Agenda and until he/she declares the discussion on the issue that the request refers to as close. The Chairman may authorise requests to take the floor to be made with a show of hands, and in this case persons take the floor in the alphabetical order of their surnames.

Article 10 of the Articles of Association also establishes that the Chairman is assisted by a Secretary, selected by the attendees, who may also be a non-shareholder, by majority of those present. Other than in the cases provided for by law, when the Chairman considers it appropriate, a notary may perform the function of Secretary, selected by the Chairman.

13.3 Significant changes in capitalisation and composition of the company structure

of Association regarding the percentages established for the exercise of the shares and the prerogatives imposed for the protection of non-controlling interests.

ADDITIONAL CORPORATE GOVERNANCE PRACTICES Among the corporate governance practices in addition to those already indicated above actually applied by the Company beyond the obligations established by laws or regulations, it should be noted that - in compliance with the reference regulatory framework (Legislative Decree 24/2023 and Supervisory Provisions on Corporate Governance - Part I, Title IV, Chapter 3, Section VIII), the Company has adopted a system for the internal reporting of violations (whistleblowing).

In this context, the Company has appointed the Head of the Compliance Function as the person responsible for the whistleblowing process, with the necessary autonomy and independence from control functions. This position ensures proper management of the procedure and reports directly and without delay to corporate bodies on information reported, where relevant.

Also in the tax sphere, we would like to point out the meaningful involvement of top management, with reference to the tax risk control management system, whose effectiveness and adequacy is shared annually with the Revenue Agency within the soof August 5, 2015, to which the Company has been admitted since 2017.

In fact, within the framework of the aforementioned system, in compliance with the obligations provided for, under the above-mentioned collaborative compliance regime, the Head of the Taxation and Consultancy Unit shares, with the Management and Control Bodies, the annual report on the management of tax risk containing, in particular, the relevant tax information concerning the Group (i.e., the tax compliance carried out, the audit activities, findings, the mitigation governing bodies taken to remedy any anomalies detected, as well as the planned activities) for consideration and consequent assessments.

In this context and in confirmation of the high level of sensitivity in terms of tax risks, the Bank has adopted, by resolution of the Board of Directors, (i) the Group's tax strategy, concerning the guidelines and principles adopted by the Bank in managing tax issues and, in particular, the risk associated with them (whether of a sanctioning or reputational nature) in line with its strategic objectives and in accordance with OECD recommendations; (ii) in December 2020, the Escalation procedure for the analysis and assessment of tax risk and interaction with the Inland Revenue Consulting Unit the task of assessing and measuring tax risk, as well as involving senior management in that assessment, in accordance with the provisions of the escalation process.

In particular, the involvement of senior management (CFO, Managing Director, Board of Directors, after informing the Risk and Related Parties Committee) is graded on the basis of the materiality of the risk or the nature of the damage, both economic and reputational, that taking on tax risk could entail for the Bank.

CHANGES SINCE THE END OF THE REPORTING YEAR No changes in the corporate governance structure have occurred after the end of the financial year, other than those specifically described in the Report.

THE CORPORATE GOVERNANCE COMMITTEE

CONSIDERATIONS ON THE LETTER OF DECEMBER 17, 2024 FROM THE CHAIRMAN OF The Chairman of the Board of Directors received and informed the Board, during the meeting of January 21, 2025, of the recommendations in the letter of December 17, 2024 of the Chair of the Corporate Governance Committee. The contents of the aforementioned letter were also brought to the attention of the Risk and Related Parties Committee (meetings held on January 8 and March 6, 2025), the Corporate Governance and Environmental and Social Sustainability Committee (meetings held on January 16 and March 6, 2025), the Remuneration Committee (meetings held on January 17 and March 10, 2025) and the Appointments Committee (meetings held on January 17 and March 6, 2025). The recommendations made in the letter have also been submitted to the Board of Statutory Auditors for the aspects within its remit. timeliness of the pre- and post-Board and intra-Board committee reporting, the Board

Having examined the issues and principles set forth in the letter, the Directors believe recommendations set forth in the letter.

Specifically, with regard to the recommendation concerning the completeness and considers the Bank to be already aligned with the recommendation; For more information, please refer to Sections 4.4 and 6 of the Report, where the procedures adopted by the Bank in this area are described in detail and which certify compliance with the recommendations of the Corporate Governance Committee (completeness and timeliness of pre-Board meeting and Board Committee reporting, as well as information on compliance with these procedures). With regard to the recommendation concerning the transparency and effectiveness of

the remuneration policy for executive directors and top management, the Board considers this recommendation to be fulfilled in view of the procedures set forth in the remuneration policy whereby predetermined and measurable performance objectives are identified for the payment of variable components.

Finally, as to the recommendation on the executive role of the Chairperson, the same is not applicable to the Bank as the Chairperson is neither a Chief Executive Officer nor entrusted with management powers. For more details on the role of the Chairperson, see Sections 4.5 and 4.6.2.

ANNEX 1

CURRICULA VITAE OF THE COMPANY OFFICERS IN OFFICE AT THE DATE OF THIS REPORT

Marco Mangiagalli - Chairman Marco Mangiagalli, a graduate in Political Economics from the Università Commerciale Luigi Bocconi, spent most of his career with the Eni Group. He has also worked in the Barclays Group in Italy and in the Nuovo Banco Ambrosiano Group. At Eni he held various positions of increasing responsibility until taking on the position of Chief Financial Officer from 1993 to 2008.

He has served on the Board of Directors of numerous companies, including: Agip S.p.A., Polimeri Europa S.p.A., Nuovo Pignone S.p.A., Snamprogetti S.p.A., Saipem S.p.A., Eni International Holding B.V., Eni International Bank Ltd, Albacom S.p.A., Emittenti Titoli S.p.A., Oil Investment Corp., Snam Rete Gas S.p.A., Falck Renewables S.p.A. He was Chairman of Eni Coordination Center S.A. and Enfin S.p.A..

He was a member of the Supervisory Board, Chairman of the Risk Committee, Chairman of the Remuneration Committee and member of the Related Party Transactions Committee of Intesa Sanpaolo S.p.A. in different periods from 2010 to 2016. Following the adoption of the one-tier system by Intesa Sanpaolo S.p.A., he also held the position of member of the Board of Directors and Chairman of the Management Control Committee of the Bank for the three-year period 2016-2019.

He has also held the following positions:

2009-2014: member of the Board of Directors and the Control and Risk Committee of Luxottica S.p.A.

2011-2013: member of the Board of Directors and the Control and Risk Committee and Corporate Governance Committee of Autogrill S.p.A.

2008-2010: Chairman of Saipem S.p.A.

He was a member of the Senior Advisory Board of the investment fund Global Infrastructure Partners from 2011 to 2017.

Currently, in addition to his position as Chairman of FinecoBank, he holds the following positions: (i) Chairman of the Board of Directors of E.I. Towers S.p.A. and (ii) member of the Board of Directors of Finarvedi S.p.A..

Gianmarco Montanari - Deputy Chairman Gianmarco Montanari is General Director of the Most Foundation (National Research and Development Foundation on Sustainable Mobility).Previously, he was General Director of the Italian Institute of Technology in Genoa, City Manager (i.e. Managing Director) of the City of Turin after working for twenty years as a manager in top positions in the Automotive, Financial Services, Management Consulting and Central Public Administration sectors, always managing processes of reorganization and digital transformation of complex companies with modern organization.He received a degree in Management Engineering from the Politecnico of Turin followed by four other degrees in Management, Economics, Political Science and Law and is formally certified as a F.I.G.C. Sports Management Collaborator, ACOI Coach and OIV Band 3 by the Ministry of Public Administration.Over the years, he has achieved numerous specializations at the main International Business Schools (i.e. Harvard Business School, IMD, INSEAD, Columbia University, Bocconi) on management, innovation, digitization, high-tech and governance including: - Board Director Diploma awarded with Distinction, IMD of Lausanne; - International Directors Program, at INSEAD; - Making Corporate Board More Effective, at the Harvard Business School.

He has been a member of numerous boards of private and public companies including the Turin Transport Group, Agenzia delle Entrate in Italy and AGID (Digital Italian Agency).He was awarded the honor of Commander of the Order of Merit of the Italian Republic in 2024, having previously been a Knight of the Italian Republic and an Officer of the Order of Merit of the Italian Republic.He is the author of the book 'Tech Impact. Luci ed ombre dello sviluppo tecnologico' ('Tech Impact. The Lights and Shadows of Technological Development') and many other publications, as well as being an authoritative speaker on innovation, technology and change management. a leading provider of IT and related services, as well as an Independent Director and

He is the inventor of IED® Intergenerational Environmental Debt.Currently, in addition to being Deputy Chair of the Board of Directors and Chairman of the Remunerations Committee of FinecoBank, he is also a member of the Board of Directors of Reale ITES, Member of the Remuneration Committee of the Tinexta Group, a company listed in the Star segment and a leading European operator in four business areas: Digital Trust, Cybersecurity, Credit Information & Management and Innovation & Marketing Services.

Alessandro Foti - Managing Director and General Manager Alessandro Foti graduated with honours in Business and Economics from Bocconi University of Milan in 1984. He began his professional career in the Financial Management Office of IBM in 1985. After three years of experience in Montedison S.p.A., where he became Head of financial coordination of the group's affiliate companies, in 1989 he joined Fin-Eco Holding S.p.A., with responsibility for capital market operations. In 1993 he became the Head of the operational section for administration, asset management and trading of Fin-Eco Sim S.p.A.. After being appointed as a member of the Board of Directors, General Manager and Managing Director, in 2002 he became Chairman of Fin-Eco Sim S.p.A.. After three years of experience as a member of the Management Committee of Assosim, in October 1999 he was appointed as a member of the Board of Directors of FinecoBank. segment of the Milan Stock Exchange).

In 2001, he became a member of the Supervisory Board of Entrium Direct Bankers AG. From 2003 to 2005, he was a member of the Board of Directors of Ducati Motors Holding S.p.A. and General Manager of FinecoGroup S.p.A. (a company listed on the Midex

From October 1999 to December 2000 he was a member of the Board of Directors of FinecoBank. From December 2000 to date he has served as Chief Executive Officer of FinecoBank and from July 2014 also as General Manager. From May 2010 to January 2015 he was Vice Chairman of the Supervisory Board of DAB Bank AG. From April 2012 to April 2014 he was a member of the Management Committee of Assoreti. From 2013 to 2019 he has been a member of the Executive Management Committee of UniCredit Group. Since April 2014 he has been Director and Vice Chairman of Assoreti. He has been a member of the Board of Directors of Borsa Italiana S.p.A. from July 2014 to October 2020.

In 2017, 2018, 2019 and 2022 he was awarded by Institutional Investor as best CEO in Europe in the banking industry for the Small&Mid Cap category.

Since 9 November 2018 he has been a member of the Board of Directors of Bocconi University of Milan.

On 3 October 2023 he was awarded an honorary degree in Management Engineering by the University of Salento.

Patrizia Albano, graduated with honors in Law from University 'La Sapienza'in Rome, is registered with the Bar Association of Rome.

Patrizia Albano - Director She began her activity working as an internal lawyer at Istituto Mobiliare Italiano S.p.A. from 1981 to 1999, then moved to San Paolo IMI S.p.A. as Head of the Central Legal Department of the Major Customers Division until 2000.

She was General Counsel of IBI (today, Alerion Clean Power S.p.A.) and Head of the Corporate Secretariat of Risanamento Napoli S.p.A. and Fincasa S.p.A., both listed on the Italian Stock Exchange.From 2003 to 2007, Ms. Albano worked at Studio Legale Carbonetti.

Since 2007 she has been practicing at her own firm in Rome and Milan in the field of corporate law and is mainly involved in corporate consulting and capital transactions, banking and financial transactions, as well as institutional and corporate compliance (privacy, anti-money laundering, security, administrative liability of legal persons pursuant to Law 231/2001).

Since 2008 until may 2021 she advised the Prada Group on an ongoing basis. In particular, she assisted Prada S.p.A. in its listing on the Hong Kong Stock Exchange and and Company Secretary. In this area, she dealt with the governance and corporate legal issues of the listed Parent Company and subsidiaries in Italy and worldwide; supervised the Corporate Secretary, the Shareholdings, compliance and extraordinary transactions. She represented the company at Assolombarda, where she held the position of Chairman of the Fashion and Design Group from February 2015 to January 2018.

In the period April-October 2015 she was a member of the Board of Directors of Banca Carim Cassa di Risparmio di Rimini S.p.A. In the period June-December 2016 she also held the position of Director of Mediacontech S.p.A.. In the period April 2020/March 2022 she also held the position of Chairman of Supervisory Body of Fiocchi Munizioni S.p.A.. To date, she holds the following positions: (i) member of the Board of Directors, member of the Nomination Committee and the Corporate Governance and Environmental and Social Sustainability Committee of FinecoBank S.p.A. (since 2017) and Chairman of the latter committee since 2023; (ii) Effective Auditor of the Board of Statutory Auditors of Artemide Group S.p.A. and the Board of Statutory Auditors of Artemide S.p.A. (since 2014); (iii) member of the Board of Directors of Piaggio & C. S.p.A. (since 2018); (iv) Deputy Auditor of Edison S.p.A. (since 2020); (v) Member of the Investment Committee of BeCause Sicaf SpA (since 2022); and (vi) member of the Board of Directors of Milanosesto SICAF in Gestione Esterna S.p.A. (since 2023).

Elena Biffi - Director Elena Biffi graduated with honors in Political Economics from Bocconi University and has worked in the financial-insurance sector since 1989, developing mathematical models for optimisation, risk analysis and evaluation.

Independent Director of FinecoBank, Arnoldo Mondadori Editore, PIOVAN, REVO (appointed by IVASS). - Chairman of the Board of Statutory Auditors and the SB under Legislative Decree - Independent Director of REVO SPAC and Elba Assicurazioni, Mediolanum S.p.A., - Member of the supervisory body of the Vittoria Lavoro pension fund (nine years period); - Co-founder at CSIP, Certified Sustainability Insurance Partners, for sustainability in the

She is founding partner of EM Associates (2002) and SEM Data (2021), a technology consultancy and provider of Technology Business Management solutions.

Member of the Advisory Board at Assofintech, the Italian Association for fintech, insurtech and proptech.

Member of the Friend of the Sea (World Sustainability Organization) Technical Committee for sustainability, respect, and promotion of the Marine Environment. Member of the Javotte Bocconi Institute.

Mentor and investor of innovative benefit startups.

Member of AIFIRM (Italian Association of Financial Industry Risk Managers). In the past, she was:

231/2001 of Fondartigianato (appointment of the Ministry of Labor and Social Policies).

Mediolanum Vita and Mediolanum Assicurazioni;

insurance sector.

Between 1991 and 2001, she worked at Studio Attuariale G. Ottaviani, at Grant Thornton Assicurazione & Finanza (as CEO), and at Shandwick Corporate Communication.

In 1995, she specialized in financial risks at the Scuola Normale Superiore of Pisa; she was a researcher, lecturer and professor at the Catholic University of the Sacred Heart and Sapienza of Rome in quantitative subjects.

She wrote several publications, lately: Sustainability Game (with M. Pedol, S. Melzi), in I I bisogni degli anziani: le risposte del nuovo welfare e della silver economy.

Giancarla Branda - Director Giancarla Branda graduated in Law and Economics from La Sapienza University in Rome, where she also obtained a postgraduate diploma in banking. She works as a tax lawyer and is an expert in business income and indirect taxation in the industrial and financial sector. She has carried out numerous due diligence assignments related to the acquisition and privatisation of banking and financial companies. She provides technical assistance in tax litigation at the levels of merit and legitimacy. She is currently a non-equity partner of Studio Salvini e Soci - Studio Legale e Tributario

fondato da F. Gallo.

In the course of her career she has gained the following experience:

1994-2000: Associate Attorney at Law and Tax Firm Ernst & Young International

1988-1994: Associate Attorney at KPMG International Legal and Tax Firm

During the 12th Legislature she collaborated, as an independent technical consultant, with the President of the Finance Committee of the Chamber of Deputies on the drafting of legislative texts on tax matters.

She has taught at the Higher School of Economics and Finance as well as in

To date, in addition to her role as a member of the Board of Directors and of the Remuneration Committee of FinecoBank, she holds positions on the boards of directors and auditors of major Italian listed and unlisted companies. She is also a member of the Supervisory Committee of Banca Network Investimenti in compulsory administrative liquidation by appointment of the Minister of Economy and Finance at the proposal of the Bank of Italy.

Maria Lucia Candida - Director Maria Lucia Candida graduated in Economics and Commerce from LUISS in Rome in 1982 and obtained a Master's degree in Corporate Crisis Law from La Sapienza University in Rome in 2016.

She began her professional career in 1983 at Istituto Mobiliare Italiano - IMI, first in the Research Office and later in the Finance and Investments Department. In 1997, she became the Head of the Regional Office in Rome.

Following the merger between IMI and Istituto San Paolo, she assumed responsibility for the Tusco-Emilian Area of San Paolo IMI. In 2006, she became the CEO of CARISBO. She has also served as the CEO of Neos Banca and the CEO of the Istituto per il Credito Sportivo.

From 2016 to 2017, she served as Independent Member of the Board, member of the Internal Controls and Risks Committee and the Remuneration Committee of Veneto Banca.

From 2016 to 2019, she was the Vice President of Bancapulia.

From 2019 to 2022, she served as Independent member of the Board, member of the Risk Committee, and the chairman of the Nominations Committee of Banca Intermobiliare (now Banca Investis).

She is registered in the Register of Statutory Auditors.

Paola Generali Director

Since 2003 Paola Generali is Ceo and Managing director of Get Solution, leading consultancy company in the field of Compliance, Cybersecurity and Governance. She has extensive experience as a manager and consultant, especially in the field of Compliance and Security Informative Systems.

She is also President of Assintel (National Association of ICT Companies of Confcommercio); President of EDI.IT Srl Confcommercio Digital Innovation Hub; National Advisor of Confcommercio transformation and Te Tinexta S.p.A.; President of OpenT S.p.A. and Member of the Board of Directors Study Center Guglielmo Tagliacarne.

Board of Directors Ente Mutuo Regionale.

Marin Gueorguiev graduated in Economics and Business from Ca' Foscari University Venice in 1998.

Marin Gueorguiev - Director In 2002, he obtained the Chartered Financial Analyst (CFA) designation. Currently, he holds the position of board member and co-president of the Advocacy Committee at CFA Society Italy.

For over twenty-five years, he has been providing management consulting services, with a specific focus on risk management, internal control systems, and structured finance, working with companies active in the financial services and Energy & Utilities sectors, both in Italy and across Europe. - 2018-2019: Co-founder of Quantum S.r.l. (big data analytics IT consulting). - 2009-2017: Managing Director, Risk & Compliance of Protiviti. - 2004-2007: Director of Protiviti.

Throughout his career he has gained the following significant experience:

-

- -2007-2009: Senior Manager, Finance & Risk of Oliver Wyman.

-1997-2004: Senior Manager, Capital Markets and Audit of Deloitte.

Arturo Patarnello - Director Arturo Patarnello has been Professor of Banking at Università di Milano-Bicocca. Courses held: Banking (Undergraduate Degree, 3-year program), Bank Management (Postgraduate Degree, 2-year program).

He was previously appointed as Dean at the School of Economics and Statistics, Università di Milano-Bicocca; from October 2018 until July 2020 was Head of the Department of Business and Law in the same university.

Among the research topics he is mainly interested in studies concerning corporate banking and lending policies in banking, risk management and credit rating models, banking and financial markets regulation, organizational structures of financial institutions and banks' business models.

He acts both as an independent advisor and as an expert providing advisory support to bank institutions, non-financial firms and public entities on strategic, regulatory and managerial issues, mainly concerning risk management and internal control systems and processes in financial institutions, reengineering of corporate processes and organizational designs in non-financial firms, company evaluation, workout and debt restructuring of firms.

He was member of supervisory committees in recovery and resolution procedures of banking institutions and investment firms (appointed by Banca d'Italia, Rome).

He also provided professional advice as an independent expert, appointed by Consiglio di Stato, Rome, on issues concerning the structure and functioning of the Italian energy markets.

Since 2017 he is co-founder and member of the board of MindLab srl, spinoff of the Milano Bicocca University, a project aimed at providing web-based advisory and professional services (strategic, legal and organizational).

Maria Alessandra Zunino de Pignier, graduated in Economics from the Catholic University of Milan, is a registered accountant and a registered auditor.

Maria Alessandra Zunino De Pignier - Director Since 1995 she has been working as a consultant for banks and financial intermediaries, on topics related to governance, AML/FT, compliance, internal audit, risk and personnel training, after having gained number of working experiences in asset management and financial services. She is co-founder of Alezio.net Consulting S.r.l..

As in the past she has been member of the board of directors of banks and bank holding companies (Mediolanum S.p.A., Veneto Banca and Banca Intermobiliare di Investimenti e Gestione, Deutsche Bank Mutui S.p.A.) and member of board committees. She has held positions as statutory auditor of listed companies and investment companies (Gefran S.p.A., Terna S.p.A., CDP Real Asset SGR).

Currently, in addition to her role as member of the Board of Directors, chairman of the Risk and Related Parties Committee, and member of the Corporate Governance and Environmental and Social Sustainability Committee of FinecoBank she is Standing Auditor of SABAF SpA.

She lectures on topics related to financial regulation for il sole 24 ore and financial intermediaries.

She is a member of AIAF (Italian Association for Financial Analysis) and Assiom Forex.

Luisa Marina Pasotti Chair of the Board of Statutory Auditors

Graduated with full marks in Business Administration from the Bocconi University of Milan in 1986, she qualified as a chartered accountant in 1989. She is registered in the Register of Chartered Accountants of Varese as from 3 May 1989 and is enrolled with the Register of Statutory Auditors as from 21 Aprile 1995. S.p.A. - from 15.04.2022 until the approval of the Financial Statements at 31.12.2024. Energy Italy S.p.A) ENI GROUP - from 10.01.2024 until the approval of the Financial

Founding partner of 'Studio Associato Pasotti' located in Varese, she has been a member of the Board of Directors of the Register of Chartered Accountants and Accounting Experts of Varese since January 2017 to February 2022.

She has been a member of the Board of Auditors of OIV ('Organismo Italiano di Valutazione'), with registered office at Bocconi University, since March 2018.

She has served as Auditor for over twenty years, also holding the position of Chairman and Auditor of the accounts of joint stock companies and public bodies.

Member of the Board of Statutory Auditors of Servizi Aerei S.p.A. a subsidiary of ENI

Chairman of the Board of Statutory Auditors of Eni Insurance S.p.A. (first named Eni Statements at 31.12.2026.

She served as a member independent and non-executive of the Board of Directors of BANCA CARIGE S.p.A. from July 11, 2017, to January 2, 2019, and as a member of the Remuneration Committee, of the Risk Committee and of the Nomination and Governance Committee.

She has also been a member of the Board of Directors of Carige REOCO S.p.A. (a Real Estate Owned Company of Carige Group) until May 2019.

Past Contract lecturer for non-institutional teaching activities at the Carlo Cattaneo University LIUC University in Castellanza (Varese, Italy).

Massimo Gatto - Statutory Auditor Massimo Gatto was born in Rome on 27 June 1963. He graduated in Economics and he is Chartered accountant registered in Order of Roma and in the Register of Legal Auditors.

He is a consultant for several companies operating in the commercial sector.

He has served as Chairman of the Board of Statutory Auditors and Statutory Auditor of listed companies, focusing on governance in terms of controls and risks.

He currently carries out his professional activity in his own firm in Rome.

He holds the following significant positions pursuant to Article 148-bis of the Italian

Chairman of the Board of Statutory Auditors of MARR S.p.A., Statutory Auditor of SACE BT S.p.A (SACE GROUP).

Member of supervisory bodies pursuant to Decree 231 of Italian stock companies. Member of the Study Committee on "Updating and Revising the Principles of Conduct of the Board of Statutory Auditors of Listed Companies" at CNDCEC.

Giacomo Ramenghi - Statutory Auditor Giacomo Ramenghi was born in Bologna on 9 October 1970. He is Certified Public Account registered in the Register of Chartered Accountants of Bologna and in the Register of Statutory Auditors since 2003.

Partner of Studio Gnudi (offices in Bologna, Milan and Rome) since 2006. He has worked, among other things, at a leading international auditing firm. He mainly deals with consultancy in corporate, accounting and tax matters, extraordinary operations (mergers, demergers, contributions) and valuations of companies and shareholdings.

He has been, and still is, Statutory Auditor of numerous companies, including listed ones. Over the years he has gained various experiences in companies belonging to the financial sector (banks, SIM, SGR and payment institutions) and foreign multinational groups.

He has been adjunct professor in financial statements matters since 2012 on the the University of Bologna. In this context, he has explored topics relating to international accounting standards, business combinations and ESG sustainability principles.

Member of the Commission of the Order of Chartered Accountants and Accounting Experts of Bologna "Accounting Principles".

He holds conferences mainly on financial statements and corporate finance topics and is the author of in-depth articles in specialized magazines. He is registered in the Register of Technical Consultants of the Court of Bologna.

ANNEX2

Application Chart of the Principles and Recommendations of the New Corporate Governance Code

		ANNEX2
	Application Chart of the Principles and Recommendations of the New Corporate Governance Code
	Principles and Recommendations of the New Corporate Governance Code	Applied (with adaptation s)	Not applied /not applicable	Sectio n	Notes
	Article 1 -	Role of the Board of Directors
P.I	The Board of Directors guides the company by pursuing its sustainable success.	X		Paragr aph 1.1.
P.II	The Board of Directors defines the strategies of the company and its group consistent with Principle I and monitors their implementation.	X		Paragr aph 4.1.1.
P.III	The Board of Directors defines the system of corporate governance that best serves the conduct of the taking into account the spaces of autonomy offered by the legal system. If necessary, it evaluates and promotes appropriate changes, submitting them to the	X		Paragr aph 4.1.1.
P.IV		X		Paragr aph 4.1.1.

	Principles and Recommendations of the New Corporate Governance Code	Applied (with adaptation s)	Not applied /not applicable	Sectio n	Notes
	The Board of Directors promotes dialogue, in the most appropriate forms, with the shareholders and with the other relevant stakeholders of the Company.
R.1	The Board of Directors: a) examines and approves the business plan of the company and the group it heads, also on the basis of the analysis of issues relevant to the generation of long-term value carried out with the possible support of a committee whose composition and functions are determined by the Board of Directors; b) periodically monitors the implementation of the business plan and evaluate the general management performance, periodically comparing the results achieved with those planned; c) defines the nature and the level of risk consistent assessment all risks that may be relevant for the sustainable success of the company; d) defines the corporate governance system of the company and the structure of the group it heads, and assesses the adequacy of the organisational, administrative and accounting structure of the company and its strategically important subsidiaries, with particular reference to the internal control and risk management system;	X		Paragr aph 4.1.1. and Paragr aph 5.

	Principles and Recommendations of the New Corporate Governance Code	Applied (with adaptation s)	Not applied /not applicable	Sectio n	Notes
	e) takes decisions on the transactions of the company and those of its subsidiaries that have significant strategic, economic, asset or financial significance for the company; to that end, it establishes general criteria for identifying significant transactions; f) in order to ensure the proper management of corporate information, adopt, upon proposal of the Chairperson in agreement with the Chief Executive Officer, a procedure for the internal management and external disclosure of documents and information concerning the company, with particular reference to inside information.
R.2	If deemed necessary in order to define a corporate governance system that is more functional to the reasoned proposals to be submitted to the a) choice and characteristics of the corporate model one-tier two-tier b) size, composition and appointment of the Board of Directors and term of office of its members; c) articulation of the administrative and property rights of the shares; d) percentages established for the exercise of prerogatives to protect minorities. In particular, in the event that the Board of Directors	X		Paragr aph 4.1.1. and Paragr aph 4.2	For further details, please also refer to the Articles of Association published on the website of the Company www.finecobank.com in the section Us/Corporate/Governance/Document

	Principles and Recommendations of the New Corporate Governance Code	Applied (with adaptation s)	Sectio n
	introduction of loyalty voting rights, it shall provide in its adequate justification for the purpose of the choice and indicate the expected effects on the ownership and control structure of the company and its future strategies, giving an account of the decision-making process followed and any contrary opinions expressed in the board meeting.
R.3	The Board of Directors, upon a proposal of the Chairperson, formulated in agreement with the Chief Executive Officer, shall adopt and describe in the corporate governance report a policy for the management of dialogue with the generality of shareholders, also taking into account the engagement policies adopted by institutional investors and asset managers. The Chairperson also ensures that the Board of Directors is in any case informed, within the next meeting, on the development and significant content of dialogue held with all shareholders;	X	Paragr aph 4.1.1. and Paragr aph 12
	Article 2	Composition of the Corporate Bodies
P.V	The Board of Directors is composed of executive and non-executive directors, all of whom have the professionalism and skills appropriate to the tasks entrusted to them.	X	Paragr aph 4.3.

	Principles and Recommendations of the New Corporate Governance Code	Applied (with adaptation s)	Sectio n
P.VI	The number and expertise of the non-executive directors are such as to ensure that they carry significant weight in the adoption of Board resolutions and guarantee effective monitoring of management. A significant proportion of the non-executive directors are independent.	X	Paragr aph 4.3. Paragr aph 4.6 and 4.7
P.VII	The company applies diversity criteria, including gender criteria, for the composition of the Board of Directors, in compliance with the priority objective of ensuring adequate competence and professionalism of its members.	X	Paragr aph 4.3.1.
P.VIII	The Supervisory Board has an appropriate composition to ensure the independence and professionalism of its function.	X	Paragr aph 11.2.
R.4	The Board of Directors defines the allocation of management powers and identifies who among the executive directors holds the position of Chief Executive Officer. In the event that the Chairperson is assigned the office of Chief Executive Officer or is granted significant management powers, the Board of Directors shall explain the reasons for this choice.	X	Paragr aph 4.6.
R.5	The number and competences of the independent directors shall be appropriate to the needs of the company and the functioning of the Board of Directors, as well as the constitution of the relevant committees.	X	Paragr aph 4.3. Paragr

	Principles and Recommendations of the New Corporate Governance Code	Applied (with adaptation s)	Sectio n	Notes
	The Board of Directors includes at least two independent directors, other than the Chairperson. In large companies with concentrated ownership, independent directors constitute at least one third of the board. In other large companies, independent directors make up at least half of the board. In large companies, the independent directors meet, in the absence of the other directors, on a regular basis and in any case at least once a year to assess issues deemed of interest with respect to the functioning of the Board of Directors and the management of the company.		aph 4.7
R.6	The Board of Directors assesses the independence of each non-executive director immediately after appointment as well as during the term of office upon the occurrence of circumstances relevant to independence and in any case at least once a year. For this purpose, each non-executive director shall provide all the elements necessary or useful for the assessment of the Board of Directors, which shall consider, on the basis of all available information, any circumstance that affects or may appear to affect the director's independence.	X	Paragr aph 4.7
R.7	The circumstances that compromise, or appear to compromise, the independence of a director are at least the following: a) if he/she is a significant shareholder of the company;	X	Paragr aph 4.7	With reference to the definition of the quantitative and qualitative criteria for assessing materiality under c) and d), see Section 4.7, in the sub-section on

Principles and Recommendations of the New Corporate Governance Code	Applied (with adaptation s)	Not applied /not applicable	Sectio n	Notes
b) if he/she is, or has been in the previous three financial years, an executive director or employee: - of the company, a strategically important subsidiary of the company or a company under common control; - of a significant shareholder of the company; c) whether, directly or indirectly (e.g. through subsidiaries or companies of which it is an executive director, or as a partner in a professional firm or consulting company), he/she has, or has had in the preceding three financial years, a significant commercial, financial or professional relationship: - with the company or its subsidiaries, or its executive directors or top management; - with a person who, also together with others through if the parent company is a company or entity, with its executive directors or top management; d) if he/she receives, or has received in the previous three financial years, from the company, one of its subsidiaries or the parent company, significant remuneration in addition to the fixed remuneration for the office and to the remuneration for participation in the committees recommended by the Code or provided for by the regulations in force; e) if he/she has been a director of the company for more than nine financial years, even if not consecutive, in the last twelve financial years;			and Paragr aph 4.5 (with particul ar referen ce to the indepe ndence of the Chairp erson of the Board of Directo rs)

Principles and Recommendations of the New Corporate Governance Code	Applied (with adaptation s)	Not applied /not applicable	Sectio n	Notes
f) if he/she holds the office of executive director in another company in which an executive director of the company holds the office of director; g) if he/she is a partner or director of a company or entity belonging to the network of the company's statutory auditor; h) if he/she is a close relative of a person in one of the situations referred to in the preceding points. The Board of Directors shall, at least at the beginning of its term of office, predefine the quantitative and qualitative criteria for assessing the significance referred to in (c) and (d) above. If a director is also a partner in a professional firm or consulting company, the board of directors assesses the significance of the professional relationships that may have an effect on his/her position and role within the firm or consulting company or that otherwise pertain to important transactions of the company and its group, also irrespective of the quantitative parameters. The Chairperson of the Board of Directors, who has been nominated as a candidate for this role in accordance with Recommendation 23, may be assessed as independent if none of the above circumstances apply. If the Chairman assessed as independent participates in the committees recommended by the Code, the majority of the committee members shall be other independent directors. The Chairperson assessed as independent

	Principles and Recommendations of the New Corporate Governance Code	Applied (with adaptation s)	Sectio n
	does not chair the Remuneration Committee or the Control and Risk Committee.
R.8	The company defines the diversity criteria for the composition of the management and control bodies and identifies, also taking into account its ownership structure, the most appropriate instrument for their implementation. At least one-third of the Board of Directors and the Supervisory Board, where autonomous, consists of members of the less represented gender. Companies take measures to promote equal treatment and equal opportunities between genders within the entire company organisation and monitor their concrete implementation.	X	Paragr aph 4.3.1. and Paragr aph 11.2.1.
R.9	All members of the Supervisory Board meet the independence requirements of Recommendation 7 for directors. The assessment of independence is carried out, with the timing and in the manner provided for in Recommendation 6, by the Board of Directors or the Board of Statutory Auditors, based on the information provided by each member of the Board of Statutory Auditors.	X	Paragr aph 11.1, Paragr aph 11.2 and Paragr aph 11.2.1.
R.10	The outcome of the independence assessments of the directors and members of the Board of Statutory Auditors, as referred to in Recommendations 6 and 9, is disclosed to the market immediately after the	X	Paragr aph 4.7

	Principles and Recommendations of the New Corporate Governance Code	Applied (with adaptation s)	Sectio n	Notes
	appointment by means of a special announcement and, subsequently, in the Corporate Governance Report; on these occasions, the criteria used for assessing the materiality of the relationships under consideration are indicated and, where a director or member of the Board of Statutory Auditors has been deemed independent despite the occurrence of one of the situations indicated in Recommendation 7, a clear and reasoned justification for this choice is provided in relation to the position and individual characteristics of the person assessed.		and Paragr aph 11.2.1.
	Article 3 - Functioning of the Board of Directors and Role of the Chairperson
P.IX	The Board of Directors defines the rules and procedures for its own functioning, in particular in order to ensure effective management of Board reporting.	X	Paragr aph 4.1.1. and Paragr aph 4.4
P.X	The Chairperson of the Board of Directors plays a liaison role between the executive and non-executive directors and ensures the effective functioning of the Board proceedings.	X	Paragr aph 4.5	Section 4.5 refers to Section 2.1. of the Corporate Bodies Regulations, where the duties of the Chairperson of the Board of Directors are further defined.
P.XI	The Board of Directors ensures an appropriate internal division of its functions and establishes Board	X	Paragr aph 1.1.3.

	Principles and Recommendations of the New Corporate Governance Code	Applied (with adaptation s)	Sectio n	Notes
	committees with investigative, proposing and advisory functions.		and Paragr aph 6
P.XII	Each director shall ensure adequate time availability for the diligent performance of the tasks assigned to him/her.	X	Paragr aph 4.3.2.
R.11	The Board of Directors adopts regulations defining the rules of operation of the Board itself and its committees, including the procedures for taking minutes of meetings and the procedures for the management of directors' reports. These procedures identify the deadlines for the prior sending of the information and how the confidentiality of the data and information provided is to be protected in such a way that the timeliness and completeness of the information flows are not affected negatively. The report on corporate governance provides adequate information on the main contents of the regulations of the Board of Directors and on compliance with the procedures concerning the timeliness and adequacy of information provided to the directors.	X	Glossa ry; Paragr aph 4.4. Paragr aph 6	The Corporate Bodies Regulations is referred to several times in the Report, also by way of reference to the more detailed rules governing the functioning of the Board and the Committees.
R.12	The Chairperson of the Board of Directors, with the help of the secretary of the Board of Directors, ensures a) that pre-meeting briefings and additional information provided during meetings are adequate to enable	X	Paragr aph 4.5	Section 4.5 refers to Section 2.1. of the Corporate Bodies Regulations, where the duties of the Chairperson of the Board of Directors are further defined.

	Principles and Recommendations of the New Corporate Governance Code	Applied (with adaptation s)	Not applied /not applicable	Sectio n	Notes
	directors to act in an informed manner in the performance of their duties; b) that the work of the Board committees with investigative, proposing and advisory functions is coordinated with the work of the Board of Directors; c) in agreement with the Chief Executive Officer, that the executives of the company and those of the companies of the group it heads, responsible for the corporate functions competent according to the subject matter, attend Board meetings, including at the request of individual directors, to provide the appropriate details on the items on the agenda; d) that all members of the Board of Directors and Board of Statutory Auditors may participate, after their appointment and during their term of office, in initiatives aimed at providing them with an adequate knowledge of the business sectors in which the company operates, of the company dynamics and their evolution also with a view to the sustainable success of the company itself, as well as of the principles of proper risk management and the regulatory and self-regulatory framework of reference; - assessment process, with the support of the Appointments Committee.
R.13	The Board of Directors appoints an independent director as lead independent director:		X	Paragr aph 4.7.1.	Since the conditions set out in this Recommendation were not met, the

	Principles and Recommendations of the New Corporate Governance Code	Applied (with adaptation s)	Not applied /not applicable	Sectio n	Notes
	a) if the Chairperson of the Board of Directors is the Chief Executive Officer or holds significant management powers; ii) if the position of Chairperson is held by the person that controls the issuer, either jointly or otherwise; iii) in large companies, even in the absence of the conditions indicated the previous points, if requested by the majority of Independent Directors.				appointment of a Lead Independent Director was not necessary.
R.14	The lead independent director: a) represents a point of reference and coordination of the requests and contributions of non-executive directors and, in particular, of independent directors; b) coordinate meetings of independent directors only.		X	Paragr aph 4.7.1.	Since the conditions set out in this Recommendation were not met, the appointment of a Lead Independent Director was not necessary.
R.15	In large companies, the Board of Directors expresses its orientation as to the maximum number of positions on the Boards of directors or auditors in other listed or large companies that may be considered compatible with effective performance as a director of the company, taking into account the commitment resulting from the position held.	X		Paragr aph 4.3.2.
R.16	The Board of Directors establishes internal committees with investigative, proposing and advisory functions in the areas of appointments, remuneration and control and risk. The functions that the Code assigns to committees may be distributed differently or merged into a single committee, provided that adequate information is provided on the tasks and activities	X		Paragr aph 1.1.3. and Paragr aph 6

	Principles and Recommendations of the New Corporate Governance Code	Applied (with adaptation s)	Sectio n
	performed for each of the functions assigned and the Code's recommendations for the composition of the relevant committees are complied with. The functions of one or more committees may be assigned to the entire Board of Directors, under the
	coordination of the Chairperson, provided that: a) the independent directors represent at least half of the board;
	(b) the Board of Directors devotes adequate space within the Board sessions to the performance of the functions typically attributed to these committees.
	If the functions of the Remuneration Committee are reserved for the Board of Directors, the last sentence of Recommendation 26 applies.
	Companies other than large ones may assign the functions of the Control and Risk Committee to the Board of Directors, even in the absence of the condition mentioned in (a) above.
	Companies with concentrated ownership, even large ones, may assign the functions of the Appointments Committee to the Board of Directors, even in the absence of the condition mentioned in (a) above.
R.17	The Board of Directors defines the tasks of the committees and determines their composition, favouring the competence and experience of their members and avoiding, in large companies, an excessive concentration of tasks in this area.	X	Paragr aph 6

	s)
Each committee is coordinated by a Chairperson who informs the Board of Directors of its activities at the first meeting. The Chairperson of the committee may invite the Chairperson of the Board of Directors, the Chief Executive Officer, the other directors and, informing the Chief Executive Officer, representatives of the relevant corporate functions to individual meetings; Meetings of each committee may be attended by members of the Board of Statutory Auditors. The committees are entitled to access the information and corporate functions necessary to perform their tasks, have access to financial resources and make use of external consultants, within the terms set by the Board of Directors.
On the proposal of the Chairperson, the Board of Directors decides on the appointment and dismissal of the secretary of the body and defines his/her professional requirements and powers in its rules of procedure. The secretary supports the work of the Chairperson and provides impartial assistance and advice to the Board of Directors on all aspects relevant to the proper functioning of the corporate governance system.	X	Paragr aph 4.5 (Secret ary of the Board)
Article 4 -
	176
			Appointment of Directors and Self-Assessment of the Board of Directors

	Principles and Recommendations of the New Corporate Governance Code	Applied (with adaptation s)	Sectio n	Notes
P.XIII	The Board of Directors shall ensure, to the extent of its competence, that the process of appointment and succession of directors is transparent and functional to achieve the optimal composition of the Board of Directors in accordance with the principles of Article 2.	X	Sectio n 4.1.1 (letter (ff))
P.XIV	The Board of Directors periodically assesses the effectiveness of its activities and the contribution made by its individual components, through formalised procedures whose implementation it oversees.	X	Paragr aph 7.1
R.19	The Board of Directors entrusts the Appointments Committee with the task of assisting it in its activities: a) self-assessment of the Board of Directors and its committees; b) definition of the optimal composition of the Board of Directors and its committees; c) identification of candidates for the office of director in the event of co-option; d) possible submission of a list by the outgoing Board of Directors to be implemented in a manner that ensures its transparent formation and presentation; e) preparing, updating and implementing any succession plan for the Chief Executive Officer and other executive directors.	X	Paragr aph 4.1.1. and Paragr aph 7.2.2.
R.20	The majority of the Appointments Committee is composed of independent directors.	X	Paragr aph 7.2.1.	The members of the Appointments Committee are all independent.
		177

	Principles and Recommendations of the New Corporate Governance Code	Applied (with adaptation s)	Sectio n
R.21	The self-assessment focuses on the size, composition and actual functioning of the Board of Directors and its committees, also considering its role in defining strategies and monitoring management performance and the adequacy of the internal control and risk management system.	X	Paragr aph 7.1
R.22	The self-assessment is conducted at least every three years, in view of the renewal of the Board of Directors. In large companies other than those with concentrated ownership, the self-assessment is conducted annually and may also be carried out in a differentiated manner during the term of office of the body, with the use of an independent consultant being considered at least every three years.	X	Paragr aph 7.1
R.23	In companies other than those with concentrated ownership the Board of Directors: - expresses, with a view to each renewal, a guideline on its quantitative and qualitative composition considered optimal, taking into account the results of the self-assessment; - requires those who submit a list containing a number of candidates exceeding half of the members to be elected to provide adequate information, in the documentation submitted for the filing of the list, on the conformity of the list with the orientation expressed by the board of directors, also with reference to the diversity criteria provided for in Principle VII and Recommendation 8, and to indicate their candidate for	X	Paragr aph 4.2 and Paragr aph 4.3.

	Principles and Recommendations of the New Corporate Governance Code	Applied (with adaptation s)	Sectio n	Notes
	the office of Chairperson of the Board of Directors, whose appointment shall be made according to the procedures set out in the Articles of Association. The orientation of the outgoing Board of Directors is published on the company's website well in advance of Meeting concerning its renewal. The guideline identifies the managerial and professional profiles and skills deemed necessary, also in the light of the company's sectoral characteristics, considering the diversity criteria set out in Principle VII and Recommendation 8 and the guidelines expressed on the maximum number of positions in application of Recommendation 15.
R.24	In large companies, the Board of Directors - defines, with the support of the Appointments Committee, a plan for the succession of the Chief Executive Officer and executive directors that at least identifies the procedures to be followed in the event of early termination of office; - ascertains the existence of adequate procedures for the succession of top management.	X	Paragr aph 7.1
	Article 5 Remuneration
P.XV	The policy for the remuneration of directors, members of the Board of Statutory Auditors and top management	X	Paragr aph 8.	For a more detailed breakdown of the remuneration policy, Section 8 refers to the same policy on compensation.

	Principles and Recommendations of the New Corporate Governance Code	Applied (with adaptation s)	Sectio n
	success and takes into account the need to dispose of, retain and motivate people with the competence and professionalism required by their role in the company.
P.XVI	The remuneration policy is drawn up by the Board of Directors through a transparent procedure.	X	Sectio n 4.1.1 (lett. (bb) e (cc))
P.XVI I	The Board of Directors ensures that the remuneration paid and accrued is consistent with the principles and criteria defined in the policy, in light of the results achieved and other circumstances relevant to its implementation.	X	Sectio n 4.1.1 (lett. (bb) e (cc))
R.25	The Board of Directors entrusts the Remuneration Committee with the task of: a) assist him in drawing up the remuneration policy; b) submit proposals or express opinions on the remuneration of executive directors and other directors holding special offices as well as on the setting of performance targets related to the variable component of such remuneration; c) monitor the concrete application of the remuneration policy and verify, in particular, the actual achievement of performance targets; d) periodically assess the adequacy and overall consistency of the policy for the remuneration of directors and top management.	X	Paragr aph 8.2.2

	Principles and Recommendations of the New Corporate Governance Code	Applied (with adaptation s)	Sectio n	Notes
	In order to dispose of persons with adequate competence and professionalism, the remuneration of the directors, both executive and non-executive, and of the members of the Board of Statutory Auditors is defined taking into account the remuneration practices prevailing in the reference sectors and for companies of similar size, also considering comparable foreign experiences and making use of an independent consultant, if necessary.
R.26	The Remuneration Committee is composed of only non-executive directors, the majority of whom are independent, and is chaired by an independent director. At least one member of the committee has adequate knowledge and experience in financial matters or remuneration policies, to be assessed by the Board of Directors at the time of appointment. No director takes part in the Remuneration Committee meetings in which proposals concerning his/her remuneration are formulated.	X	Paragr aph 8.2.1.
R.27	The policy for the remuneration of executive directors and top management defines: a) a balance between the fixed component and the variable component that is appropriate and consistent management policy, taking into account the sector in which it operates, providing in any case that	X	Paragr aph 8.	For the information required regarding the remuneration of executive directors, non-executive directors and key management personnel and concerning indemnities for Directors in the event of resignation, dismissal or termination of employment following a public purchase offer (pursuant to Article 123-bis, paragraph 1, letter i) of

Principles and Recommendations of the New Corporate Governance Code	Applied (with adaptation s)	Not applied /not applicable	Sectio n	Notes
the variable component represents a significant part of the total remuneration; b) maximum limits on the disbursement of variable components; c) performance targets, to which the payment of variable components is linked, predetermined, measurable and linked in significant part to a long-term strategic objectives and are designed to promote its sustainable success, including, where relevant, non financial parameters; d) an adequate deferral period - with respect to the time of maturity - for the payment of a significant portion of the variable component, consistent with the characteristics of the business activity and the related risk profiles; e) contractual arrangements permitting the company to demand repayment, in whole or in part, of variable components of remuneration paid (or to withhold amounts subject to deferral), determined on the basis of data which subsequently prove to be manifestly erroneous and other circumstances which may be identified by the company; (f) clear and pre-determined rules for the possible payment of severance payments, which define the upper limit of the total sum payable by linking it to a certain amount or a certain number of years of remuneration. This indemnity is not paid if the				Annual Report on Remuneration Paid in the 2024 Financial Year - Section II of the Report on Remuneration Policy and published in accordance with Article 123-ter of the TUF, Article 84-quater of the Issuer Regulations and the provisions in Title IV, Chapter 2, Section VI of Bank of Italy Circular no. 285.

	Principles and Recommendations of the New Corporate Governance Code	Applied (with adaptation s)	Sectio n	Notes
	termination is due to the achievement of objectively inadequate results.
R.28	Share-based remuneration plans for executive directors and top management incentivise alignment with shareholder interests over a long-term horizon, with a predominant part of the plan having an overall vesting period and retention period of at least five years.	X	Paragr aph 8.	For the information required regarding the remuneration of executive directors, non-executive directors and key management personnel and concerning indemnities for Directors in the event of resignation, dismissal or termination of employment following a public purchase offer (pursuant to Article 123-bis, paragraph 1, letter i) of Annual Report on Remuneration Paid in the 2024 Financial Year - Section II of the Report on Remuneration Policy and published in accordance with Article 123-ter of the TUF, Article 84-quater of the Issuer Regulations and the provisions in Title IV, Chapter 2, Section VI of Bank of Italy Circular no. 285.
R.29	The policy for the remuneration of non-executive directors provides for remuneration commensurate with the competence, professionalism and commitment required by the tasks assigned to them within the Board of Directors and Board committees; this remuneration is not linked, except for an insignificant part, to financial performance targets.	X	Paragr aph 8.	For the information required regarding the remuneration of executive directors, non-executive directors and key management personnel and concerning indemnities for Directors in the event of resignation, dismissal or termination of employment following a public purchase offer (pursuant to

	Principles and Recommendations of the New Corporate Governance Code	Applied (with adaptation s)	Not applied /not applicable	Sectio n	Notes
					Article 123-bis, paragraph 1, letter i) of Annual Report on Remuneration Paid in the 2024 Financial Year - Section II of the Report on Remuneration Policy and published in accordance with Article 123-ter of the TUF, Article 84-quater of the Issuer Regulations and the provisions in Title IV, Chapter 2, Section VI of Bank of Italy Circular no. 285.
R.30	The remuneration of the members of the Board of Statutory Auditors provides for remuneration commensurate with the competence, professionalism and commitment required by the importance of the role covered and the size and sectoral characteristics of the company and its situation.	X		Paragr aph 8.	For the information required regarding the remuneration of executive directors, non-executive directors and key management personnel and concerning indemnities for Directors in the event of resignation, dismissal or termination of employment following a public purchase offer (pursuant to Article 123-bis, paragraph 1, letter i) of Annual Report on Remuneration Paid in the 2024 Financial Year - Section II of the Report on Remuneration Policy and published in accordance with Article 123-ter of the TUF, Article 84-quater of the Issuer Regulations and the provisions in Title

	Principles and Recommendations of the New Corporate Governance Code	Applied (with adaptation s)	Not applied /not applicable	Sectio n	Notes
					IV, Chapter 2, Section VI of Bank of Italy Circular no. 285.
R.31	On the occasion of the termination of the office and/or termination of the relationship with an executive director or general manager, the Board of Directors shall disclose detailed information on the matter by means of a press release, disseminated to the market at the end of the internal processes leading to the award or recognition of any indemnity and/or other benefits: a) the allocation or recognition of indemnities and/or other benefits, the circumstances justifying their accrual (e.g. due to expiry of office, revocation of office or settlement agreement) and the deliberative procedures followed within the company for this purpose; b) the total amount of the indemnity and/or other benefits, their components (including non-monetary benefits, retention of rights connected to incentive plans, consideration for non-competition undertakings or any other remuneration awarded for any reason and in any form) and the timing of their payment (distinguishing the part paid immediately from the part subject to deferral mechanisms); c) the application of any claw-back or malus clause; d) the conformity of the elements indicated in points (a), (b) and (c) above with what is stated in the	X		Paragr aph 8.	For the information required regarding the remuneration of executive directors, non-executive directors and key management personnel and concerning indemnities for Directors in the event of resignation, dismissal or termination of employment following a public purchase offer (pursuant to Article 123-bis, paragraph 1, letter i) of Annual Report on Remuneration Paid in the 2024 Financial Year - Section II of the Report on Remuneration Policy and published in accordance with Article 123-ter of the TUF, Article 84-quater of the Issuer Regulations and the provisions in Title IV, Chapter 2, Section VI of Bank of Italy Circular no. 285.

	Principles and Recommendations of the New Corporate Governance Code	Applied (with adaptation s)	Sectio n
	remuneration policy, with a clear indication of the reasons and the deliberative procedures followed in the event of deviation, albeit partial, from the policy; e) information on the procedures that have been or will be followed for the replacement of the departing executive director or general manager.
	Article 6 Internal control and risk management system
P.XVI II	The internal control and risk management system consists of the set of rules, procedures and organisational structures aimed at the effective and efficient identification, measurement, management and monitoring of the main risks, in order to contribute to the sustainable success of the company.	X	Paragr aph 9.
P.XIX	The Board of Directors defines the guidelines of the internal control and risk management system in line its adequacy and effectiveness.	X	Paragr aph 4.1.1. and Paragr aph 9.
P.XX	The Board of Directors defines the principles concerning the coordination and information flows between the various parties involved in the internal control and risk management system in order to maximise the efficiency of the system itself, reduce duplication of activities and ensure effective	X	Paragr aph 9.

	Principles and Recommendations of the New Corporate Governance Code	Applied (with adaptation s)	Not applied /not applicable	Sectio n	Notes
	performance of the tasks of the Board of Statutory Auditors.
R.32	The organisation of the internal control and risk management system involves, each within their respective responsibilities: a) the Board of Directors, which plays a role in guiding and assessing the adequacy of the system; b) the Chief Executive Officer, who is responsible for establishing and maintaining the internal control and risk management system; c) the Control and Risk Committee, established within the Board of Directors, which has the task of supporting internal control and risk management system and the approval of periodic financial and non-financial reports. - - corporate model, the functions of the Control and Risk Committee may be assigned to the Board of Statutory Auditors. d) the Head of the Internal Audit Function, who is in charge of verifying that the internal control and risk management system is functional, adequate and consistent with the guidelines defined by the Board of Directors. e) the other corporate functions involved in controls (such as the Risk Management and Legal and Non Compliance Risk Monitoring Functions), broken down	X		Paragr aph 9.

	Principles and Recommendations of the New Corporate Governance Code	Applied (with adaptation s)	Not applied /not applicable	Sectio n	Notes
	according to the size, sector, complexity and risk profile of the business; f) the Board of Statutory Auditors, which monitors the effectiveness of the internal control and risk management system.
R.33	The Board of Directors, with the support of the Control and Risk Committee: a) defines the guidelines of the internal control and risk strategies and assesses, at least once a year, the adequacy of such system with respect to the its effectiveness; b) appoints and dismisses the head of the Internal Audit Function, defining his/her remuneration in line with company policies, and ensuring that he/she is provided with adequate resources to perform his/her duties. If it decides to entrust the Internal Audit Function, as a whole or by segments of operations, to an entity outside the company, it shall ensure that this entity has adequate professionalism, independence and organisation and provides adequate justification for this in the Corporate Governance Report; c) approves, at least once a year, the work plan prepared by the head of the Internal Audit Function, in	X		Paragr aph 4.1.1. and Paragr aph 9.

Principles and Recommendations of the New Corporate Governance Code	Applied (with adaptation s)	Not applied /not applicable	Sectio n	Notes
consultation with the Board of Statutory Auditors and the Chief Executive Officer;
d) assess whether measures should be taken to ensure the effectiveness and impartial judgement of the other corporate functions referred to in Recommendation 32(e), verifying that they are adequately staffed and resourced;
e) assigns the supervisory functions pursuant to Article 6(1)(b) of Legislative Decree No. 231/2001 to the Board of Statutory Auditors or to a specially constituted body. If the body is other than the Board of Statutory Auditors, the Board of Directors shall assess the advisability of appointing at least one non-executive director and/or a member of the Board of Statutory Auditors and/or a person with legal or control functions within the Company, in order to ensure coordination among the various parties involved in the internal control and risk management system;
f) evaluate, in consultation with the Board of Statutory Auditors, the findings set out by the statutory auditor in the letter of recommendations, if any, and in the additional report addressed to the Board of Statutory Auditors;
g) describes, in the Corporate Governance Report, the main characteristics of the Internal Control and Risk Management System and the methods of coordinating the parties involved in it (specifying the national and international models and best practices of reference),

	Principles and Recommendations of the New Corporate Governance Code	Applied (with adaptation s)	Not applied /not applicable	Sectio n	Notes
	expresses its overall assessment on the adequacy of the Internal Control and Risk Management System and gives account of the choices made with regard to the composition of the Supervisory Board referred to in point e) above.
R.34	The Chief Executive Officer a) ensures the identification of the main corporate risks, taking into account the characteristics of the activities carried out by the company and its subsidiaries, and submits them periodically to the Board of Directors for review; b) implements the guidelines defined by the Board of Directors, ensuring the design, implementation and management of the internal control and risk management system and constantly verifying its adequacy and effectiveness, as well as adapting it to the dynamics of the operating conditions and the legislative and regulatory landscape; c) may entrust the Internal Audit Function with the carrying out of checks on specific operational areas and on the compliance with internal rules and procedures in the execution of corporate transactions, notifying at the same time the Chairperson of the Board of Directors, the Chairperson of the Control and Risk Committee and the Chairperson of the Board of Statutory Auditors; d) promptly reports to the Control and Risk Committee on problems and critical issues that have arisen in the	X		Paragr aph 9.1

performance of its activities or of which it has otherwise become aware, so that the committee may take the appropriate initiatives. The Risk and Control Committee is composed of only non-executive directors, the majority of whom are independent, and is chaired by an independent director. As a whole, the committee possesses adequate expertise in the business sector in which the company operates to assess the relevant risks; at least one member of the committee has adequate knowledge and experience in accounting and finance or risk Paragr management. aph 9.2.1. The Control and Risk committee, in assisting the Board of Directors: X and a) assesses, after consulting the manager responsible Paragr for preparing the company's financial reports, the aph statutory auditor and the Board of Statutory Auditors, 9.2.2. the correct use of accounting standards and,	Principles and Recommendations of the New Corporate Governance Code	Applied (with adaptation s)	Not applied /not applicable	Sectio n	Notes
R.35
purposes of preparing consolidated financial statements; b) assesses the suitability of periodic financial and non business model, strategies, the impact of its activities	in the case of groups, their homogeneity for the

	Principles and Recommendations of the New Corporate Governance Code	Applied (with adaptation s)	Sectio n
	committee, if any, provided for in Recommendation 1, letter a); c) examines the content of the periodic non-financial reporting relevant to the internal control and risk management system; d) expresses opinions on specific aspects relating to the identification of the main corporate risks and supports the evaluations and decisions of the Board of Directors relating to the management of risks arising from detrimental events of which the latter has become aware; e) reviews periodic and particularly significant reports prepared by the Internal Audit Function; f) monitors the independence, adequacy, effectiveness and efficiency of the Internal Audit Function; g) may entrust the Internal Audit Function with the performance of audits on specific operational areas, simultaneously notifying the Chairperson of the Board of Statutory Auditors; h) reports to the Board of Directors, at least on the occasion of the approval of the annual and half-yearly financial report, on the activities performed and the
	adequacy of the internal control and risk management system.
R.36	The Head of the Internal Audit Function is not responsible for any operational area and reports hierarchically to the Board of Directors. He/she has	X	Paragr aph 9.3

Principles and Recommendations of the New Corporate Governance Code	Applied (with adaptation s)	Not applied /not applicable	Sectio n	Notes
direct access to all information useful for the performance of the task. The Head of the Internal Audit Function: a) verifies, both on an ongoing basis and in relation to specific needs and in compliance with international standards, the operation and suitability of the internal control and risk management system, through an audit plan approved by the Board of Directors, based on a structured process of analysis and prioritisation of the main risks; b) prepares periodic reports containing adequate information on its activities, on the manner in which risk management is conducted and on compliance with the plans defined for their containment. The periodic reports contain an assessment of the suitability of the internal control and risk management system; c) also at the request of the Board of Statutory Auditors, he/she prepares timely reports on events of particular importance; d) transmit the reports referred to in points (b) and (c) to the chairpersons of the Board of Statutory Auditors, the Control and Risk Committee and the Board of
Directors, as well as to the Chief Executive Officer, except in cases where the subject matter of such reports relates specifically to the activities of those persons;

	Principles and Recommendations of the New Corporate Governance Code	Applied (with adaptation s)	Not applied /not applicable	Sectio n	Notes
	e) verifies, as part of the audit plan, the reliability of the information systems including the accounting systems.
R.37	Any member of the Board of Statutory Auditors who on his/her own behalf or on behalf of third parties, has an interest in a certain transaction of the company shall promptly and fully inform the other members of the same body and the Chairperson of the Board of Directors of the nature, terms, origin and extent of his interest. The Board of Statutory Auditors and the Control and Risk Committee exchange information relevant to the performance of their respective tasks in a timely manner. The Chairperson of the Board of Statutory Auditors, or another member designated by him/her, takes part in the work of the Control and Risk Committee.	X		Paragr aph 9.2.1, Paragr aph 9.2.2 and Paragr aph 11.2.1.

AI Terminal

FinecoBank

4321_cgr_2025-03-27_05e233e3-8dde-48cc-af8d-dc13125cfe0c.pdf

REPORT ON THE CORPORATE GOVERNANCE AND OWNERSHIP STRUCTURE

Contents

INTRODUCTION

The diagram below illustrates governance structure of FinecoBank(2):

1.1.1

2. INFORMATION ON OWNERSHIP STRUCTURES (PURSUANT TO ARTICLE 123-BIS, PARAGRAPH 1 OF THE TUF)

a) Share Capital Structure (pursuant to Article 123-bis, paragraph 1, letter a) of the TUF)

b) Restrictions on the transfer of securities (pursuant to Article 123-bis, paragraph 1, letter b) of the TUF)

c) Significant holdings in capital (pursuant to Article 123-bis, paragraph 1, letter c), of the TUF)

d) Securities conferring special rights (pursuant to Article 123-bis, paragraph 1, letter d), of the TUF)

e) Employee Shareholdings: mechanism for exercising voting rights (pursuant to Article 123-bis, paragraph 1, letter e), of the TUF)

f) Restrictions on voting rights (pursuant to Article 123-bis, paragraph 1, letter f), of the TUF)

g) Shareholder agreements (pursuant to Article 123-bis, paragraph 1, letter g), of the TUF)

h) Change of control clauses (pursuant to Article 123-bis, paragraph 1, letter h), of the TUF) and articles of association provisions on takeover bids (pursuant

to Article 104, paragraph 1-ter, and 104-bis, paragraph 1, of the TUF)

i) Delegations to increase share capital and authorisations to purchase treasury shares (pursuant to Article 123-bis, paragraph 1, letter m) of the TUF)

l) Management and coordination activities (pursuant to Article 2497 et seq of the Italian Civil Code)

TUF)

4.1.1 Duties

4.1.2 Competing activities

4.2. Appointment and replacement (pursuant to Article 123-bis, paragraph 1, letter l), part 1, of the TUF)

of the TUF)

-

company organisation

4.4 Functioning of the Board of Directors (pursuant to Article 123-bis, paragraph 2, letter d) of the TUF)

4.5 Role of the Chairman of the Board of Directors

Secretary of the Board

Criteria and materiality thresholds for assessing independence

BIS, PARAGRAPH 2, LETTER D) OF THE TUF)

Environmental and Social Sustainability Committee

Sustainability Committee

Succession plans

of co-option, and where lists are submitted by the Board, of candidates to the position of independent director to be submitted for the approval of the Regulations);

Article 123-bis, paragraph 2, letter d) of the TUF)

COMMITTEE

Board of Directors and Risk and Related Parties Committee;

Board of Statutory Auditors

Control Functions

The Risk Management Function

The Compliance Function

COMPLIANCE OVERSIGHT

COMPLIANCE CULTURE AND GOVERNANCE

MARKETS & REGULATORY REPORTING

INVESTMENT SERVICES

The Anti-Money Laundering and Anti-Corruption Function

(pursuant to Article 123-bis, paragraph 2, letter d) of the TUF)

-

-

- Company;

Financial and non-financial reporting process

management system

- interest;

-

to Article 123-bis(2)(d) and (d-bis) of the TUF)

11.2.1 Diversity criteria and policies

Access to information

Dialogue with shareholders and other relevant stakeholders

C) OF THE TUF)

13.1 Legitimation, procedures for taking the floor and voting

13.2

13.3 Significant changes in capitalisation and composition of the company structure

THE CORPORATE GOVERNANCE COMMITTEE

ANNEX 1

CURRICULA VITAE OF THE COMPANY OFFICERS IN OFFICE AT THE DATE OF THIS REPORT

Paola Generali Director

-

- -2007-2009: Senior Manager, Finance & Risk of Oliver Wyman.

Luisa Marina Pasotti Chair of the Board of Statutory Auditors

ANNEX2

Application Chart of the Principles and Recommendations of the New Corporate Governance Code

More from FinecoBank

Talk to a Data Expert