Nexi — Environmental & Social Information 2020

Apr 10, 2020

2019 CONSOLIDATED NON-FINANCIAL STATEMENT

IN ACCORDANCE WITH LEGISLATIVE DECREENO. 254 OF 2016

This is a traslation of the Italian original "Dichiarazione consolidata di carattere non finanziario 2019". In case of conflict between the English language document and the Italian document, the interpretation of the Italian language document prevails.

CONTENTS

	Letter to stakeholders	3
1	Methodological note 1.1 Reporting standards 1.2 Reporting period and scope 1.3 Reporting process	5 6 7 7
2	Nexi Group history	9
3	Nexi Group business	15
4	Dialogue with stakeholders and materiality analysis 4.1 Nexi Group stakeholders 4.2 Definition of the materiality Matrix	19 20 24
5	Governance 5.3 Corporate Governance 5.4 Board of Directors 5.5 Board Committees 5.6 Board of Statutory Auditors 5.7 Sustainability Governance	29 30 30 31 32 33
6	Internal Control and Risk Management System 6.1 Enterprise Risk Management 6.2 The role of Compliance	35 37 40
7	Conduct integrity and anti-corruption measures 7.1 Code of Conduct 7.2 Organisation, Management and Control Model 231 7.3 Whistleblowing 7.4 Antitrust programme	43 44 45 45 46
8	Next to the Clients and looking to the future 8.1 Customer centricity 8.2 Innovation at Nexi Group 8.3 Data security 8.4 Business continuity and operational excellence	49 50 52 54 55
9	Nexi Group People 9.1 Performance Management 9.2 Training 9.3 Rewards 9.4 Sustainable welfare 9.5 People Survey	59 64 65 66 68 69
10	Health and safety	71
11	Supply chain	75
12	Environmental impact management 12.1 Waste management 12.2 Real Estate strategy 12.3 Data centres solutions 12.4 Responsible consumption	79 81 82 83 83
13	GRI Indicators	85
14	Reconciliation statement of material topics and GRI Content Index	93
15	Auditors' Report	101

1

Together with our Partner Banks we are bringing to Italy cutting-edge technology to help digitalise the Country and simplify the daily life of citizens, businesses and public administration.

LETTER TO STAKEHOLDERS

In 2019 Nexi Group further pursued the consolidation process triggered in 2017, aiming to strengthen its PayTech role in the banking system and to support the digitalisation of payment services in Italy, thus modernising the Country.

The operations completed last year allowed the Group to step up, open new scenarios and increase its investment capacities: elements that are necessary to seize the opportunities that an increasingly dynamic market, which is consolidating on an international level, has to offer. Nexi SpA went public on Borsa Italiana's MTA stock market on 16 April 2019: a crucial phase of the process we undertook, which consolidates our businessstrategy.

In 2019 we also further consolidated relations with our clients: by intensifying dialogue, we want to offer them a careful, calibrated and tailored service in all interactions with the Group, so as to ensure operational excellence and simplicity. Putting the client at the centre of daily activities means investing in technology and expertise, key elements of the transformation process underway, and in the development of human capital.

Thisview was underpinned, in 2019, by a number of facts: we invested in technology more than any other European market player; we launched the first PSD2-compliant open banking platform in the Eurozone; we forged strategic commercial partnerships in all business sectors and we furtherstrengthened our team, adding highly professional members with great expertise, hiring over 400 people in the 2017-2019 three-year period, putting diversity (experience, culture and age) to good use.

Together with our Partner Banks we cooperate actively with universities, research institutes, start-ups and developers. Through widespread scouting and disclosing, we want to bring to Italy the best innovation practices available on the international market, in order to simplify the daily life of citizens, businesses and public administration offices, and to foster a public debate on the benefitsthat digital payment services can bring to our Country's economic and social spheres.

Thanks to such results, Nexi Group is credited with the role of strategic infrastructure for the completion of the Italian digital society. We are now determined to include sustainability in our business model and in the operations we carry out on a daily basis for our clients, so as to achieve high social and environmental standards, respecting natural resources, human rights and diversity. The goal is crystal clear: we want to become the benchmark for the Country's progress and sustainable growth. Our first consolidated non-financial statement illustrates the results attained and the commitments taken so far, always transparently, with a view to create value for all our stakeholders.

We thank all the employees and collaborators of Nexi Group, who work every day with great enthusiasm and putting their expertise to good use, allowing us to achieve such results.

Out of our sense of duty, at Nexi we are all playing our part to ensure a correct functioning of this strategic infrastructure, which now - more than ever - is crucial for our Country.

The Chief Executive Officer Paolo Bertoluzzo

The Chairperson Michaela Castelli

METHODOLOGICAL NOTE

1.1	Reporting standards	6
1.2	Reporting period and scope	7
1.3	Reporting process	7

METHODOLOGICAL NOTE

Reporting standards

Nexi Group (hereinafter, also "Group" or "Nexi") publishes this document, the Consolidated Non-Financial Statement (hereinafter, also "Statement" or "NFS") pursuant to Legislative Decree no.254/2016 (hereinafter, also "Decree") and Consob Deliberation no. 20267 of 18 January, 2018.

The Statement was drafted in accordance with GRI standards, core option, defined by the GRI (Global Reporting Initiative) in 2016 and includes data and information concerning social and environmental aspects, staff, respect of human rights and anti-corruption measures and the Group's characteristics and activities. In accordance with GRI standards in terms of materiality, inclusiveness, sustainability context and completeness, the information reported in this Statement therefore ensures the understanding of Group activities, of the performance, of the impact on activities and stakeholders. The materiality analysis that guided the Group in defining such contents is described on page 24 and ff.

In defining the quality of the data and information reported in the Statement, we implemented GRI Standards for balancing positive and negative aspects, comparability, accuracy, promptness, reliability and clarity. Such data and information were processed through prompt extractions and calculations and, where specifically indicated, through estimates.

The GRI Context Index is available on page 95, it sums up the data and information reported in the Statement, taking into account the identified material aspects.

Nexi Group's Consolidated Non-Financial Statement was approved by Nexi SpA's Board of Directors and was subject to a limited audit by, PricewaterhouseCoopers SpA, in accordance with the criteria set forth under the International Standard on Assurance Engagement 3000 Revised. The Auditors' Report is attached to this Statement.

The Statement has been submitted to Consob supervisory authority and to the Milano, Monza and Brianza Company Register, pursuant to the modalities provided for by the law, and is available on the Nexi Group website, under the section Sustainability.

The Statement will be published regularly, on an annual basis.

Should you wish to request further information on the Statement, you may send an email to the Corporate Social Responsibility Function of Nexi Group csr@nexi.it.

Reporting period and scope

The data and information contained in this Statement concern the performance of Nexi Group over the period running from 1 January 2019 to 31 December 2019, the first year in which Nexi Group, as set up, was subjected to the reporting duties provided for by the Decree. The comparison with the previous years is therefore brief and qualitative.

The reporting scope of the Statement includes the Holding Company, Nexi SpA, and the following, entirely consolidated companies, as at31 December, 2019:

• Nexi Payments SpA, subsidiary, equity share held: 98.92%¹ ;
• Mercury Payment Services SpA,subsidiary, equity share held: 100%;
• Help Line SpA, subsidiary, equity share held: 69.24%.

Possible scope exceptions are reported in the Statement or in the GRI Content Index.

Reporting process

This Statement was drafted pursuant to the organisational procedure "Drafting of the consolidated non-financial Statement", which governs:

• responsibility and involvement of company offices, such as identifying and assessing the relevant material issues;
• extraction, collection and certification modalities of non-financial data;
• accountability activities of the corporate bodies, including the issuing of the favourable opinion of the Control Risk and Sustainability Committee on the materiality Matrix and Non Financial Statement and the approval of both by Nexi SpA's Board of Directors.

¹ The consolidation area also comprisesthe non core company BassmArt Srl, wholly owned byNexi Payments SpA, not relevant in terms of the Statement. Forsuch reason, BassmArt Srl data are not included in the report of some indicators, duly pointed out in the Statement.

NEXI GROUP HISTORY

NEXI GROUP HISTORY

Nexi was instituted on 10 November, 2017, inheriting the experience of ICBPI and CartaSi, with the goal of building, together with banks, the future of digital payment services in Italy. The Group undertakes to achieve such goal through specialisation, technology, expertise and economies of scale, including takeovers. For this reason, in the years that followed, with the aim of consolidating its leadership in digital payments services, the Group took over the company branch handling services for Banca Carige merchants, as a sign of continuity with the transactions carried out with Banca Monte dei Paschi di Siena and Deutsche Bank and with the start-up Sparkling 18 (one of the

THE NAMENEXI

"Nexi" comprises two key concepts: "next", meaning the future, associated with innovative products and services and "next" meaning proximity, associated with banks and millions of citizens and merchants who make and accept digital payments on a daily basis.

most innovative realities in the new digital payments scenario) and it completed the merger, by incorporation in Nexi Payments, with Bassilich SpA and Consorzio Triveneto SpA.

Rebranding (11/2017)

* The closing of the operation, expected to take place by summer 2020, is subject to clearance from the supervisory authority.

Still in 2018 - to make sure our Partner Banks would get the best possible service, a correct focus and all the required investments - a second reorganisation phase of the Group was started, aimed at separating digital payments-related activities from strictly banking-related activities concentrated in DEPObank, the new Italian Depository Bank created from a corporate spin-off and headed by executives and a Board of Directors completely separate and independent from that of Nexi Group.

In 2019 Nexi kept on focusing on the payment business by selling OASI SpA to Cedacri SpA, PayCare Srl to Comdata SpA and Moneynet SpA to IVS Group SA.

On 16 April, 2019 the Holding Company, Nexi SpA² was listed on Borsa Italiana's MTA stock market.

In December 2019, Nexi entered into a strategic agreement with Intesa SanPaolo, which further strengthened a previously existing business partnership between them: the acquisition of Intesa SanPaolo's merchant acquiring branch, which includes some 180,000 merchants. The closing of the operation, to take place by summer 2020, is subject to clearance from the supervisory authority. For Nexi, this operation represents a further step towards a stronger specialisation and towards an industrial scale, completing the path undertaken in 2017.

² As at31 December ²⁰¹⁹ Nexi SpA was held by Mercury UK HoldCo (60.1%), GIC PTE Ltd (3.2%) and 36.7% was floating.

The Group at 31 December 2019 Nexi SpA

The Holding Company Nexi SpA has holding and overseeing powers; it manages and coordinates other companies of the Group.

Nexi Payments SpA

Nexi Payments SpA runs payments and the issuing of electronic money. It is a member of the professional association IMEL (electronic money institutes) and it is subject to the mandatory supervision of the Bank of Italy. It holds 95% of BassmArt Srl, a company that deals with the management of IT, communication and commercial systems in fields such as art, culture and leisure.

Mercury Payment Services SpA

Mercury Payment Services SpA deals with digital payment acceptance by merchants (so-called acquiring) and is a member of the professional association of Payment Institutes. It is subject to the mandatory supervision of the Bank of Italy.

Help Line SpA

It provides its services to some of the major Italian banks, assisting their clients 24 hours a day,365 days a year.

Dichiarazione consolidata di carattere non finanziario 2019

13

NEXI GROUP BUSINESS

NEXI GROUP BUSINESS

"One day paying without cash will just be normal for everyone. That day is today."

Nexi believes that all payments will be digital, because it's handier, quicker, safer and because payment digitalisation can simplify people's lives, foster the development of businesses, improve public administration efficiency, hence supporting the growth of the Country as a system.

Nexi's mission is therefore to build, together with the banks, the future of digital payments in Italy, guiding their evolution, simplifying them, improving user experience, thus facilitating the purchase process for both clients and banks.

Consistently with its mission, in 2019 Nexi started the executive phase of its 2019-2023 strategic plan, the goal being that of consolidating its leadership in the digital payments market through investments in technology, services and expertise. The Group's strategy is based on five pillars:

• organic growth of business, leveraging product and service leadership;
• operational excellence, to provide simple and efficient services to the client;
• investments in technology, in expertise, in strengthening partnerships with banks;
• development of best-class talents and professionals in the sector;
• achievement of economies of scale and knowhow development via targeted acquisitions and partnerships.

Nexi Group is a leading digital payments company in Italy and has consolidated partnerships with some 150 banks; together, they manage over 41 million payment cards held by approximately 30 million cardholders, serve 900,000 merchants, operate 13,400 ATMs, 469,000 e-banking terminals, as well as 900 million clearing services transactions.

Nexi Group's business is based on long-term relations with about 150 banks, which account for 80% of the national banking market in terms of number of branches.

Nexi Group business units

Using its technology, Nexi Group connects banks, points of sale and citizens, making digital payments possible. The Group's business breaks down into three business units that cover the entire supply chain and the digital payments marketservices: Merchant Services & Solutions, Cards & Digital Payments and Digital Banking Solutions.

compared to the same

period

+6.9 in 2018 %

Merchant Services & Solutions

This business unit offers services and products for the merchants' acceptance of digital payments, it runs the POS payment terminals and customer care activities through the Help Line.

In 2019 the Group invested consistently in the development of services for big clients, through partnerships both with renowned, large-scale retailers and with e-commerce companies, offering innovative, mobile and omnichannel payment solutions.

Profit totalling

(accounting for roughly 49% of the Group's overall profit)

Cards & Digital Payments

This business unit provides products and services associatedwith physical and digital payment cards, for citizens and enterprises. It also worksto guarantee top-notch transaction reliability and safety by means ofsophisticated anti-fraud systems.

Profit totalling approximately Euro 387 million

(accounting for about 39% of Group profit)

compared to the same period in 2018 %

Digital Banking Solutions

This business unit offers a wide range of products and services to banks, payment institutes and electronic money institutes: from Clearing and Settlement services to the management of money collections and payments through the pertinent back-office activities, from Instant Payments to Digital Corporate Banking, from intermediation/brokerage and regulation services to public administration digitalisation services. On top of that, it provides self-banking ATMs, open banking solutions to help banks transform services, in accordance with the new European directive 2015/2366 on payment services (known as PSD2).

³ Profit in ²⁰¹⁹ included less ATM reselling activities compared with 2018. Net of such transaction, the ²⁰¹⁹ turnover of Euro ¹¹⁶ million is approximately 2% up compared with 2018.

DIALOGUE WITH STAKEHOLDERS AND MATERIALITY ANALYSIS

4.1 Nexi Group stakeholders	20
4.2 Definition of the materiality Matrix	24

DIALOGUE WITH STAKEHOLDERS AND MATERIALITY ANALYSIS

Nexi Group stakeholders

For Nexi, interfacing with stakeholders is an opportunity to better understand their needs and expectations, to then act upon them for defining corporate strategies. Dialogue with stakeholders is also considered a tool to manage and anticipate change in order to enhance services and products, as well as standard of living in the areas it operates.

Nexi Group stakeholders have been identified by analysing internal documents and by interviewing the management, considering the variables envisaged by the AA1000 Stakeholder Engagement Standard:

• accountability: subjects towards which we are, or we may be in future, accountable on legal, financial and operational levels;
• influence: subjects that are, or may, in the future, be able to influence the Group's ability to achieve its goals;
• tension: subjects that require immediate attention with reference to economic, social or environmental issues;
• dependence: ssubjects that greatly depend on the Group for their safety, subsistence, health or wellbeing;
• different standpoints: subjects whose different stances may help identify new opportunities.

Nexi Group stakeholders engagement modalities

Nexi holds direct relations with its stakeholders, on a daily basis. The issues dealt with and the modalities adopted for identifying the needs of all stakeholder categories and engaging them are detailed below.

Clients

Nexi Group clients break down into private customers, merchants, banks, businesses and public administration. Clients have their say through Customer Satisfaction surveys and we also identify their needs measuring the indicator of the Net Promoter Score (NPS). Our dialogue with Partner Banks also features several meetings, aimed at sharing strategic views on innovation in digital payment services and supporting their daily activities. Such activities and survey results are further described

under the section "Next to the Clients and looking to the future".

Employees

Dialogue with employees aims at informing, involving, engaging and making all colleagues participate in corporate initiatives, both the ones linked to typically HR issues (annual performance evaluation processes and People Surveys, as reported under the section "Nexi Group People") and the ones linked to the brand, to the business strategy, to products and services and to commercial activities.

Dialogue also aims to convey and strengthen company Values, engaging all colleagues in all daily activities through engagement initiatives, such as:

• internal functional and inter-functional events;
• corporate newsletter ("NOI");
• intranet section constantly updated with the main information concerning HR issues and business news;
• short video clips and emails. All video clips are subtitled, to allow employees with hearing problems to take part in company activities.

Institutions and Regulators

Relations with Regulators are dealt with on a daily basis through specific functions (Compliance & AML, complaints department, Legal & Strategic Affairs) that work to ensure compliance with the laws and to respond to all mandatory information requests orspecific requests. The Group has also joined the major national financial categories and actively supports dialogue with institutions on issuesregarding the Country's digitalisation process.

	NEXI GROUP IS A MEMBER OF THE FOLLOWING MAJOR ASSOCIATIONS
ABI - ASSOCIAZIONE BANCARIA ITALIANA	Italian Banking Association, which promotes initiatives for the growth of the banking and financial sector, with a view to boost competition, consistent with national and EU regulation.
ABI LAB	Research and Innovation Centre for the banking sector, sponsored by ABI to foster cooperation among banks, businesses and institutions for research and dissemination activities.
CONSORZIO CBI - CUSTOMER TO BUSINESS INTERACTION	Consortium created with ABI's support, which aims to digitalise payments and money collections. It manages "Servizio CBI", "Servizio CBILL" and Node services, defining the rules and technical/regulatory standards with a context of cooperation.
CTC - CONSORZIO PER LA TUTELA DEL CREDITO	A non-profit consortium that manages a system of positive and negative credit-related information (previously known as Risks Unit) for the containment of credit and operational risks, serving credit agencies, banks and citizens.
ASSOFIN - ASSOCIAZIONE ITALIANA DEL CREDITO AL CONSUMO E IMMOBILIARE	Association that gathers the major financial operators working in the consumer credit sector. It provides its members with coordination and representation services, legal, tax-related and administrative information and advice on issues of common interest through its internal Committees and by resorting to professionals and consultants.
ASSBB - ASSOCIAZIONE PER LO SVILUPPO DEGLI STUDI DI BANCA E BORSA	Association founded in 1973 to stimulate the academic and research sphere's interest in economic, financial and banking studies, so as to raise awareness and boost the professional development of our Country's banking and financial operators.
ASSONEBB - ASSOCIAZIONE NAZIONALE ENCICLOPEDIA DELLA BANCA E DELLA BORSA	Association for the development and spreading of the banking and financial culture, founded in 2005 following the transformation of the Institute of Banking Encyclopaedia and of Borsa SpA, founded in 1972 by a group of banks, including the Bank of Italy.
AGCM - AUTORITÀ GARANTE DELLA CONCORRENZA E DEL MERCATO	Independent administrative authority that supervises market competition.

Investors

Following Nexi's listing on Borsa Italiana's MTA stock market on 16 April, the Group has intensified its active and constant dialogue with investors and with the global financial community, in order to facilitate a better understanding of its business model, strategy, evolution and competitive position in the sector of reference, to ensure a fair assessment and build a long-lasting base of shareholders. In 2019, the Investor Relations Function met with 366 institutional investors, organising:

• six days of international conferences;
• a nine-day roadshow in major European and U.S. cities;
• one-to-one meetings/group meetings/conference calls;
• four institutional conference calls, to show the markets its quarterly economic performance and the deal sealed with Intesa SanPaolo to take over the merchant acquiring business.

In 2019, Nexi, through its Corporate Social Responsibility Function, started a proactive dialogue with the main ESG providers and ESG investment funds

through conference calls and participation in dedicated events. The Group also attended, for the first time, the assessment activities of Vigeo-Eiris and ISS-ESG, obtaining from the latter the status of Prime⁴.

Innovation community

Nexi, for the development of the Group's innovative solutions, constantly cooperates with an international ecosystem of fintech companies, start-up accelerators and incubators, commercial partners and developers and start-ups themselves.

The main initiatives taken by the Group in the field of innovation in 2019 were the following:

• Milano Digital Week;
• FinTech Stage Festival;
• Wired Next Festival;
• 2 Kaggle days events with data scientists;
• Cerved Next;
• Wired trends 2020.

In 2019, the Group also held:

• a developers engagement programme (234 participants in the training programme, four training episodes, four video clips, four tech articles, four tests, identification of Nexi's Tech Ambassador);
• a DEV Community attended by 633 people;
• 10 events with target developers (Codemotion, Web marketing Festival, Prestashop and Digital Design Days).

Schools and Universities

Nexi liaises with schools and Universities and promotes dedicated digitalisation events.

• In particular, in 2019, Nexi:
• sponsored the 7th edition of"Una vita da social", an itinerant educational campaign promoted by the Postal and Communications Police and by the Ministry of Education, University and Research, as part of the Safer Internet Centre - Connected Generations project;
• supported the #zerobullismo project and contest, together with the association Every Child is my Child and with the Authority for Childhood and Adolescence, to counter the problem of bullying and cyberbullying, raising the younger generations' awareness of a correct use of the Internet, social networks and digital platforms. The project involved 75 differentschools;
• was the main partner of the Italian edition of Campus Party, the leading event on innovation and creativity that took place inMilan in July 2019, featuring severalmeetings attended by 20,000 participants;
• took part in #STEMintheCity, an initiative promoted by the Municipality of Milan together with several private and public partners and sponsored by the United Nations, aimed at spreading STEM culture (Science, Technology, Economics and Mathematics) and removing cultural barriers that drive student girls away from technical and scientific subjects.

Community and territory

Nexi, aside from the contribution ensured through its services and products, thought up to simplify the life and work of citizens and public administration, constantly fosters public debates and supports the spread of digital culture, not only through initiativesthought up forschools and Universities, but also through specialised training programmes for members of the judicial authority and of the criminal investigation police.

⁴ The "Prime" status certifies that Nexi meets ESG requirements for the specific "Software and IT Services" sector.

In particular, in 2019, Nexi set up seven training courses:

• Guardia di Finanza (Finance Police) Scuola di Formazione, Mestre, number of participants: 30;
• Direzione Nazionale Antimafia (National Anti-Mafia Bureau), Rome, number of participants: 25;
• Guardia di Finanza Nucleo Speciale Polizia Valutaria (Finance Police - Tax Police Special Unit), Rome, number of participants: 50;
• Carabinieri Comando Antifalsificazione Monetaria (Carabinieri - Unit for Combating Counterfeit Money), Rome, number of participants: 15;
• Carabinieri Marche (Carabinieri Regional Unit of the Marches), Macerata, number of participants: 60;
• Ministero degli Interni Polizia di Stato (Interior Ministry, State Police), Rome, number of participants: 30;
• Compartimento Polizia Postale (Postal Police), Milan, number of participants: 20.

Suppliers

The Group's Supply Chain Management Function and the figures in charge of expenditure regularly liaise with their suppliers, throughout the entire term of the contract. The Function also monitorsthe pertinentsatisfaction level. In some cases,specifically thought-upmeetings are held to address business issues, to overcome possible misunderstandings and to seize possible market opportunities.

Mass media

Relations with the mass-media are handled by the External Communication & Media Relations Function, which makes sure that all messages transmitted to the main press bodies, including digital ones, are consistent with corporate guidelines andwiththe activities carriedoutby theGroupwhile ensuring an adequate reputation and image of the Group. The website www nexi it regularly discloses all the issued press releases (the financial ones under the Investors section, the business ones under the Media Relations section). In particular, in 2019:

• media activities ensured a communication that was consistent with the listing process and in line with IPO-related regulatory tasks;
• press office activities consolidated the PayTech role of banks, increased the value of corporate products and services and favoured major commercial and business deals;
• media relations activities were conducted at relevant events and conventions, to boost the visibility of the company's participation.

Furthermore, still in 2019:

• 50 press released were issued, 23 of which concerning products/services/trade deals and 27 corporate aspects;
• 4,685 articles about Nexi were published on the national media: that's a 115% increase compared with the previous year.

Environment

Nexi talks to local and national institutions to make sure it meets law requirements concerning environment preservation. Nexi also liaises with AIAS (Italian Professional Association for Environment and Safety) through its Prevention and Protection Services Officer and is a Golden Donor of FAI (Italian Fund forthe Environment).

In 2019, no particular issues emerged from the dialogue with stakeholders.

The suggestions and improvement areas that emerged from the employee and customer satisfaction surveys are included under the sections "Nexi Group people" and "Next to the Clients and looking to the future".

Definition of the Materiality Matrix

Nexi conducted a materiality analysis involving the Group Functions, Top Management and corporate bodies. Material issues have been identified taking into account sector characteristics and benchmarks, the expectations of the Group's stakeholders and the strategic pillars of the business plan.

We have considered relevant the material issues that strongly impact the Group's economic, social and environmental performance and that could significantly affect stakeholder assessments and decisions, according to GRI standards.

The materiality analysis process breaks down into the following phases:

• identification of material aspects of the Group through the analysis of external sources and benchmarking activities for identifying the main reference laws, as well as national and European orientations (with a focus on the pertinent sector) and internal sources (in particular, the Group's Values and strategy, as well as the issues reported in the 2018 ESG Report⁵);

.

⁵ The "Environmental Social and Governance Report 2018" includes information on environmental, social and staff-related aspects, on the respect of human rights and on Nexi Group's anti-corruption measures. The Report was drafted pursuant to GRI Standards (core option) and submitted to independent advisors KPMG SpA for a compliance assessment with reference to a limited assurance. The Report is available on the website www nexi it under the section Investors, in the "2018 Report and Financial Statements" of Nexi SpA.

• relevance assessment of the Group's material issues, through 22 interviews with the middle management of alltheGroup's Functions and interviewswith the Top Management;
• identification of relevance of the stakeholders' material issues through the same interviews conducted for the management, mentioned above, considering, for all interviewed Functions, the dialogue and engagement channels used for each reference stakeholder;
• sharing of the assessment results with the Top Management, the Chief Executive Officer and the Chairperson of Nexi SpA, so as to ensure alignment with the businessstrategy;
• presentation of the materiality Matrix draft to the Control Risk and Sustainability Committee for a pre-emptive opinion, on 5 February 2019;

- approval of the materiality Matrix by the Board of Directors at the meeting held on 8 November 2019.

The materiality Matrix will be updated on a yearly basis, or more frequently, depending on the evolution of the Group's internal and external context, in accordance with the provisions of the organisational procedure "Drafting of the consolidated non-financial Statement".

In updating the 2020 materiality Matrix, the Group undertakes to directly involve the stakeholders in the material issues relevance assessment, in order to ensure the principle of inclusiveness of the stakeholders themselves and to better meet their expectations and interest.

NEXI GROUP'S MATERIALITY MATRIX

engagement channels used for each stakeholder of reference.

Relevant material issues for Nexi Group and its stakeholders6.

Clients

• Privacy and data security

Protection of privacy and permanent monitoring of corporate data security, including IT security.

• Customer satisfaction

Constant commitment in meeting the daily requirements of our clients, offering products and services that meet their needs, making sure that as many clients as possible enjoy access to the services offered.

• Business continuity

Reliability and operational continuity of the offered services.

•Operational excellence

Operational excellence for Clients and Partner Banks.

•Innovation

Innovation, through digitalisation and new technologies, of the business model and of the services offered.

• Transparency and fairness

Information and process transparency, ensuring a simple and correct communication with Clients and markets.

⁶ The material issue concerning respect of Human Rights was assessed taking into account the territorial, regulatory and business framework the Group operates in; it was then included in the following relevant material issues: "Employment and dialogue with trade unions", "Diversity and equal opportunities", "Promotion of health and safety", "Sustainable well-being and welfare".

Employees

• Staff training and development

Development and consolidation of the employees' expertise and skills.

• Talent attraction & Employer Branding

Attraction and retention of talents, ensuring a working environment consisting of competent, motivated and satisfied employees.

• Staff assessment and remuneration policies

Evaluation of career performance and development strategies in order to give employees the due value and ensure adequate remuneration.

• Diversity and equal opportunities

Adoption of initiatives promoting diversity and inclusion, preventing all forms of discrimination and guaranteeing fair growth.

• Well-being and sustainable welfare

Attention to well-being in the workplace and in the corporate environment in general, with a view to work-life balance and the needs of employees and their families.

• Employment and dialogue with trade unions

Management of turnover and hiring of employees in accordance with the workers' rights, promoting relations with workers' union representatives.

• Promotion of health and safety

Prevention, handling and training with reference to health and safety in the workplace.

Community

• Payment digitalisation in Italy

Supporting the Country's modernisation process with expertise and business solutions aimed at spreading digital payments.

Environment

• Energy efficiency and CO² emissions

Optimisation of consumption and actions in order to cut emissions.

• Responsible consumption and waste management Optimisation of resource use, focusing on the use of plastic and paper, and responsible waste disposal, promoting circularity.

Anti-corruption measures

• Conduct integrity

Promoting ethical compartments and countering active and passive corruption.

Supply Chain

• Responsible management of the supply chain

Responsible procurement and service quality monitoring.

GOVERNANCE

5.1	Corporate Governance	30
5.2	Board of Directors	30
5.3	Board Committees	3 1
	5.4 Board of Statutory Auditors	32
	5.5 Sustainability Governance	3 3

GOVERNANCE

Corporate Governance

Nexi Group's Corporate Governance followsthe recommendations and standards of the Corporate Governance Code of Listed Companies, promoted by Borsa Italiana. The corporate governance structure is based on a traditional model, consistent with the relevant laws on listed issuing companies, and breaks down asfollows:

• • Shareholders Assembly: this body expresses its opinion on the paramount decisions of the company, appointing the Board of Directors, approving the consolidated financial statement and amending the Statute;
• • Board of Directors: tasked with taking all the measures it deems necessary to achieve company goals, other than what the law explicitly assigns to the Assembly. The Board of Directors also devises Nexi Group's unitary business plan, aided by the several Board Committees;
• • Board of Statutory Auditors: body that holds administration-supervising tasks.

On 13 February, 2019, Nexi's Shareholders Assembly entrusted to PricewaterhouseCoopers SpA the legal audit of the Group'sstatutory and consolidated financial statements for the financial years 2019-2027 and the limited audit of the Group's consolidated financial statement for the half-year reports closing at 30 June of those financial years.

Governance also includes the organisation of powers and proxies.

All the information concerning Nexi's Corporate Governance is included, as duly authorised, in a separate report approved by Nexi's Board of Directors, the Report on Corporate Governance and Ownership Structures, drafted pursuant to article no. 23-b of the TUF and available on the website www nexi it under the section Governance.

The Board of Directors

The 13 members of Nexi's Board of Directors in office were appointed by the Shareholders Assembly on 13 February, 2019, for a term of three financial years, ending upon approval of the financial statement at 31 December, 2021.

The Board of Directors members meet integrity requirements, as well as the expertise and honesty criteria, in accordance with the law, they are also subject to the so-called prohibition on interlocking.

Pursuant to the Corporate Governance Code of listed companies, the Board of Directors, through coordinated actions with the Remuneration and Appointments Committee, conducted its assessment, with reference to 2019, on the size, composition, diversity and functioning of the very Board and its Committees. In particular: at least one third of the Board of Directors members in office belongs to the less-represented gender (roughly 31% of the Board of Directors members are women) and the Board of Directors is well balanced in terms of members that have a good knowledge of Nexi and of its Top Management and more recently appointed and independent members, who have the diversified expertise required to ensure an adequate composition of the Board itself.

ROLE OF THE CHAIRPERSON

Pursuant to article no. 17 of the Statute, the Board of Directors appoints one of its members as its Chairperson, if the Assembly hasn't already done so. The Chairperson convenes and chairs the Board of Directors, drafting its agenda and making sure that strategically relevant issues are given priority.

The Chairperson holds no managerial power of attorney, hence does not have an operating role.

ROLE OF THE CHIEF EXECUTIVE OFFICER

The management of Nexi Group is entrusted to the Chief Executive Officer, who also acts as General Manager.

The Chief Executive Officer, consistent with the policies established by the Board of Directors, manages and coordinates the several corporate sectors in order to implement the Group's unitary business model. The Chief Executive Officer guarantees the unitary coordination and management of the companies that fall within the Group's scope.

The self-assessment results were presented and discussed at the Board meeting held on 6 March, 2019 and summarised in the Report on Corporate Governance and Ownership Structures.

The Shareholders Assembly decides the remuneration of the Board of Directors' members. Further information on the policies and remuneration concerning the Board of Directors and Executives holding strategic tasks is provided in the Remuneration Report available on the website www nexi it under the Governance section.

Board Committees

In order to comply more efficiently with the rules and support the Group's decision-making processes, the Board of Directors has instituted, within its scope and through specific deliberations, the following Board Committees, which feature their own operational rules:

• the Strategic Committee provides advice, among other things, on the Group's strategic plans, business line performance, extraordinary operations, financial strategies and policies and organisational structure of the subsidiaries;
• the Risk Control and Sustainability Committee provides opinions on specific aspects concerning the identification of the major corporate risks, monitors the autonomy, adequacy, efficacy and efficiency of the Audit Function and makes suggestions/gives advice to the Board of Directors on sustainability-related issues;
• the Remuneration and Appointment Committee offers advice and suggestions to the Board of Directors when defining the remuneration policies for Board of Directors members and executives holding strategic responsibilities;
• the Related Party Committee provides opinions on transactions with the Group's related parties.

The members of the Board Committees are appointed by the Holding Company's Board of Directors in accordance with the pertinent regulations approved with the deliberation of 8 March 2019, which regulate composition, tasks and operating models.

BREAKDOWN OF THE BOARD OF DIRECTORS AND OF THE BOARD COMMITTEES

Office	Member	Executive	Strategic Independent Committee	Risk Control & Sustainability Committee	Remuneration and Appointment Committee	Related Party Committee	Age (30-50)	Age	(>50) Gender
Chairperson	Michaela Castelli		X				X		F
Vice Chairperson	Giuseppe Capponcelli		X					X	M
Director	Paolo Bertoluzzo	X	X					X	M
Director	Luca Bassi		X		X		X		M
Director	Francesco Casiraghi		X	X			X		M
Director1	Elisa Corghi		X	X			X		F
Director	Simone Cucchetti		X				X		M
Director	Federico Ghizzoni							X	M
Director	Maurizio Mussi						X		M
Director	Jeffrey David Paduch		X				X		M
Director	Antonio Patuelli		X			X		X	M
Director	Marinella Soldi		X	X	X	X		X	F
Director	Luisa Torchia		X		X	X		X	F

1. Member Robin Marshal resigned from office, owing to newly occurred professional reasons, effective as of 26 September 2019. That very day, the Board of Directors appointed, as co-opted member, Elisa Corghi, also appointing her Chair of the Risk Control and Sustainability Committee.

The Board of Statutory Auditors

The Board of Statutory Auditors, consisting of three statutory auditors and two alternate auditors, appointed by the Nexi SpA Shareholders Assembly on 13 February, 2019, checks that Holding Company Nexi SpA correctly conducts strategic control and management activities over the Group's companies and that it works closely with the subsidiaries' relevant bodies.

All auditors meet the professional, integrity and independence requirements set forth by the laws and there is sufficient diversity among its members in terms of gender, age, experience and know-how and educational background⁷.

Nexi SpA's Board of Statutory Auditors also acts as the Holding Company's Supervisory Body 231.

Office	Member
Chair	Piero Alonzo
Statutory Auditor	Mariella Tagliabue
Statutory Auditor	Marco Giuseppe Zanobio
Alternate Auditor	Tommaso Ghelfi
Alternate Auditor	Andrea Carlo Zonca

⁷ The diversities of the Board of Statutory Auditors result from the self-assessment process of Nexi SpA's Board of Statutory Auditors for the financial year 2019, presented and discussed at the BoD meeting of 6 March, 2019 and summarised in the Report on Nexi SpA's Report on Corporate Governance e Controlling and Ownership Structures.

Sustainability Governance

The Board of Directors is the body that sets goals and commitments in terms of sustainability and assesses the associated risks, opportunities and improvement areas. In doing so, it is supported by the Risk Control and Sustainability Committee (which offers advice, makes proposals and performs preliminary actions for the Board) and is assisted by the Corporate Social Responsibility Function.

In particular, the Risk Control and Sustainability Committee examines and assesses sustainability issues associated with running the business activity and with stakeholder interaction, as well as the data collection and consolidation system for drafting the consolidated non-Financial Statement.

The Corporate Social Responsibility Function coordinates and monitors the overall process for the drafting of the Statement and coordinates the sustainability strategy development, assisted by the Functions in charge of relevant sustainability management issues identified from time to time.

Nexi's Corporate Social Responsibility Manager reports to the Risk Control and Sustainability Committee at least once a year, when drafting the consolidated non-Financial Statement.

In 2019 and in the early months of 2020, the Committee attended four meetings, to discuss:

• work plans, roles and responsibilities of the Non-Financial Statement drafting process;
• identification of relevant material issues and opinions on the materiality Matrix;
• opinion on the contents of the 2019 consolidated non-financial Statement;
• benchmarking activities on sustainability-related issues;
• definition of the Sustainability Policy;
• analysis of the ESG (Environmental, Social and Governance) rating as part of the sustainability performance assessment the Group is involved in;
• evaluation of the Group's commitments in terms of sustainability.

In 2020, Nexi's Board of Directors will approve the Nexi Group Sustainability Policy in order to outline the Group's strategies and commitments in the sphere of social and environmental sustainability. The Policy shall be made available on the website www nexi it under the section Sustainability.

INTERNAL CONTROL AND RISK MANAGEMENT SYSTEM

6.1 Enterprise Risk Management	37
6.2 The role of Compliance	40

INTERNAL CONTROL AND RISK MANAGEMENT SYSTEM

Nexi SpA's Board of Directors has implemented an InternalControl and RiskManagement Systemthat complies with the provisions of the Corporate Governance Code and is consistent with the nature and size of the enterprise, in order to define the Group'srisk-management strategies and policies, and assess the suitability of the organisational, administrative and accounting structures ofstrategically relevantsubsidiaries⁸.

The Internal Control and Risk Management System is actually formed by the set of rules, procedures, organisational structures and resources, for the following purposes:

• efficiency and efficacy of corporate processes;
• preservation of the value of activities and protection from economic losses;
• reliability and integrity dof accounting and management information;
• ⁻compliance with the governing laws⁹, and with internal policies, plans, regulations and provisions.

The implementation and the assessment of the organisational, administrative and accounting structures and of the internal control and risk management system of subsidiariesNexi Payments and Mercury Payments Services are exclusively to be dealt with by the corporate bodies of said subsidiaries, pursuant to the supervision rules, as enacted in the Group Regulation on management and coordination activities.

The task of verifying the adequacy and efficacy of the Group'sInternal Control and Risk Management System on the whole, including information and information security, as well as compliance with the laws, Statute, supervisory rules, regulation and internal provisions, is entrusted to the Audit Function,which in 2019 issued its Internal Manual, which setsthe benchmarks and all the crucial steps to be followed in the audit process. In 2019 the Policy regulating the independent audit activities on Nexi and its suppliers was also issued. The aforesaid measures are part of the effort aiming to constantly enhance the efficacy of audit activities, particularly through an increasingly clear and direct link with the major corporate risks.

Verification and control activities included in the 2019 Audit Plan:

• Nexi Payments: verification of the compliance of the Management System for health and workplace safety, with reference to the requirements set forth by the BS OHSAS 18001:2007 standard, which entails full compliance with the regulatory aspects concerning worker safety and health, as provided for by Legislative Decree no.81/2008 and subsequent amendments and integrations;
• Mercury Payment Services: check of environmental crimes as per Legislative Decree no. 231/2001;
• Help Line: check of the adequacy of the Certification Management Systems UNI EN ISO 9001:2015 (Quality) and UNI EN 15838 (contact centre activities).

⁸The assessment of the organisational, administrative and accounting structure, with reference to the Internal Control and Risk Management System, is detailed in Attachment B to the Report on Remuneration available on the website www nexi it under the Governance section.

⁹ With specific reference to the supervisory and monitoring rules of payment systems for the supervised companies Nexi Payments SpA and Mercury Payment Services SpA.

Second-tier checks, which help define corporate risk measurement methodologies, check compliance with the limits ascribed to the several operational functions, check operational consistency of the individual productive areas with the ascribed risk-yield targets and with corporate operational rules of the Group's supervised companies, are entrusted to functions other than operational ones, specifically:

• the Risk Management Function, which includes the Operational Risks office, whose staff includes the Information Security Manager;
• the Compliance & AML Function (hereinafter, also "Compliance"), which encompasses the Anti-Laundering Function and the Group's Data Protection Officer (DPO) and strictly operates within the relevant regulatory scopes.

These are supported by the so-called Subject Matter Experts, namely, corporate structures that must ensure the activities and processes' constant compliance with the relevant regulations.

The Audit, Risk Management and Compliance Functions all work closely with the Board of Statutory Auditors and report to the Board of Directors and to the Risk Control and Sustainability Committee.

Enterprise Risk Management

In 2019, the Risk Management Function started working on the new Enterprise Risk Management (ERM) framework, which, in line with the Top Management's new vision and consistent with the recommendations of the Corporate Governance Code of listed companies, focuses on the management of major risks for the creation and protection ofvalue, by integrating risk management culture and practices in the processes that define performance strategies and management.

The ERM model mission and its benchmarks

The NEXI ERM model defines "risk" any uncertain event that may affect the achievement of goals or corporate strategies and impact performance, operations and/or reputation. The ERM model's mission is therefore to promote decision-making based on awareness, on expected results and on underlying risk profiles, thus ensuring an adequate management that is consistent with the company's propensity to risk.

To this end, Nexi Group's ERM model's goal is fourfold:

• to identify, prioritise and regularly monitor the major corporate risks, so as to guide investments and resources towards the most critical and relevant exposures for the Group's business;
• to assign roles and responsibilities for managing corporate risks in a clear and shared way;
• to give value the existing Risk Management permanent monitoring units, coordinating and enhancing them if possible;
• to spread the culture of risk and risk-based approach in the Group's decision-making processes, boosting the management's awareness of the major risks the company is exposed to.

The principles underpinning Nexi's ERM model are the following:

• comprehensive vision: by analysing all types of risk the Group is or might be exposed to under ordinary or stress situations;
• value-driven approach: focus on the most significant risks that may impact the Group's value drivers, the attainment of strategic goals and/or the business' sustainability in the long run;
• top-down approach: the Top Management, assisted by the Risk Management Function, identifies, prioritises and manages the major corporate risks;
• actionability: targeted use of the managed resources and mitigation of risks for which Nexi has leverage;
• collaboration: all organisational units of the Group are urged to actively contribute, consistent with their areas of expertise and activities, to the identification, assessment and management of risks, in accordance with the risk propensity defined by the Holding Company's Board of Directors;
• transparency: to be ensured with reference to the Group's risk profile and Board of Directors risk management strategies, as well as adequate information to shareholders and all relevant stakeholders.

Consistent with the Group's values, Nexi counters risks that may:

• lead to non-compliance with regulations, Supervisory Authority provisions and/or other rules applicable to the Group;
• lead to an interruption in the supply of services to Clients;
• jeopardise the protection of the data processed in Group operations.

NEXI'S ENTERPRISE RISK MANAGEMENT PHASES
------------------------------------------

RISK IDENTIFICATION	The Top Management deals with the identification of risk together with Risk Management Function. This activity aims to identify the major risk factors at the strategic level that may undermine the attainment of Group goals.
RISK EVALUATION	The risk assessment phase aims to prioritise previously identified events as a function of residual exposure, taking into account the mitigation actions set in place and the management system's consolidation in that respect.
RISK RESPONSE	For each of the risk identified in the previous phase Top Management evaluates the adequacy of the Management System set in place and consequently identifies the most suitable management strategy.
RISK MONITORING	The progress of action plans is regularly monitored so as to ensure proper and timely risk mitigation. Furthermore, the functions must report emerging risks in timely fashion.

RISK CATEGORIES POTENTIALLY APPLICABLE TO NEXI

Risk categories	Description	Risk management goals
Strategic risks Typical risks of the business, which can affect the Group's performance, particularly strategic decisions and/or significantly affect the Group's business model and its concrete applicability.		The risk management aims to raise awareness, including by quantifying the impact on corporate targets, where possible, so as to support decision making processes, making them more risk-aware.
Operational risks	Risks connected to the efficient and/or effective fulfilment of business processes, including those related to security, legal and contractual risks and/or those related to ICT systems, with negative repercussions on the Group's operations and/or performance.	The goal is to mitigate, in terms of impact and/or probability and from a costs/benefits standpoint that is consistent with the defined propensity to risk.
Non-compliance risks	Risks leading to judicial or administrative sanctions, significant financial losses or reputation damage as a result of the infringement of binding rules (laws, regulations), namely self-regulatory ones (e.g. statutes, codes of conduct, self-regulation codes).	Given the nature of such risks, compliance actions aim to minimise the event, taking in due account the timing necessary for adjusting to new, particularly complex rules and the alignment of new products and services to the regulatory framework in a rapidly evolving international market.
Financial risks Risks associated with the availability of capital, credit and liquidity management, and/or linked to the volatility of the main market variables (interest rates, exchange rates, etc).		Risk management activities aim to measure and monitor risks, ensuring a management that is consistent with the propensity to risk and with the established limits.

Identifying and evaluating ESG risks within the risk assessment

Since the goal is to both create and protect the value of all its stakeholders, Nexi considers Risk Management activities an integrating part of its sustainability strategies. Indeed, the structured and proactive management of corporate risks enables it to reduce, in time, the volatility of company performance and to protect tangible and intangible assets, which are the pillars of the Group's sustainability in the medium-long run.

The Risk Management Function collaborates in a

structured way with the Corporate Social Responsibility Function when it comes to managing ESG-specific matters, so as to ensure a better monitoring of the risk. Both Functions regularly submit the results of its activities to the Risk Control and Sustainability Committee. In 2019, the Group's risk assessment process also included ESG risks, specified in the risk model, in order to facilitate their identification and assessment during the interviews with the people involved in the process.

The following table highlights the relation between the materiality Matrix and the major ESG risks that emerged throughout the Enterprise Risk Management process, as well as the mitigation plan.

Relevant material issues	ERM Risks	Risk description	Mitigation plans
Privacy and data security	GDPR; Cyber Risk	Risk of theft or compromising of the personal data processed by the Group following external cyber attacks and/or disclosure of internal data and consequent impact on reputation or sanctions, pursuant to the GDPR	• Policies and procedures on IT security and data protection • Training/awareness of IT security • Technical monitoring for protecting data from external access (IPS, WAF, VPN with strong authentication, etc.) and internal access (DLP, tokenisation, database cyphering, etc.) • Cyber insurance coverage • ISO 27001 and PCI-DSS certifications
Business continuity	Business Interruption	Risk for the systemic or critical systems of the Group, or of an outsourcer, to be interrupted/unavailable due to natural events, possibly caused by climate change, resulting in the inability to serve Clients (banks, merchants and end customers) appropriately, in terms of timing and modalities	• Business Continuity and Disaster Recovery plans, tested on a yearly basis on the major critical processes and systems, collaborating (where possible) with our main outsourcers • Constant Risk Assessment and mitigation plans for the major operational risks • Business continuity and crisis management policies and procedures • Staff training on operational continuity • ISO 22301 certification
Responsible management of the supply chain	Vendor Risk	Risks10 of: • activity interruption, due to an operational block by the supplier • transfer of critical, not adequately protected know-how • outsourcing of critical skills; • suppliers' access to confidential data/ information • suppliers' financial and/or ethical conduct not consistent with Nexi principles • employment-related disputes • conflict of interests	• Mapping of suppliers and analysis of the risk scenarios associated with supply chains and relevant mitigation actions • Contract provisions concerning confidentiality and compliance with privacy and security laws
Operational excellence/ Customer satisfaction	Poor Service Performance	The offered service risks not being fully adequate and/or falling short of the Clients' requests, due to operational interruptions and/or manual errors, with consequent economic and reputation impacts	• Regular monitoring of specific customer satisfaction indicators (e.g. NPS)
			Continued

¹⁰ Incomplete list.

continued

Relevant material issues	ERM Risks	Risk description	Mitigation plans
Payment digitalisation in Italy	Italian regulatory evolution	The introduction of new laws by the Italian government concerning the use of hard cash and digital payments risks accelerating or slowing down the spreading of electronic payment instruments	• Regular monitoring of risk exposure
Talent attraction & Employer Branding	Loss of critical know how	Risk of not adequately developing and/ or updating the critical expertise required for the evolution of the business and/or	• Constant training of employees through courses held in classrooms or via online platforms
Personnel training and development	Building critical skills for the future	processes with a high technical content, resulting in the loss or unavailability of know how and skills that are critical for the future	• Mapping of critical IT skills • Performance Management tools for all employees
Transparency and fairness	Antitrust, Anti-Money Laundering, GDPR	Risk of non-compliance with the Antitrust, Anti-Money Laundering and GDPR rules and consequent exposure to inspections by the relevant authority	• Regular monitoring of risk exposure and of the drafted action plans • Operational policies and procedures • Online training for employees; • Targeted Antitrust Workshop for Top Management and key roles

With reference to ESG risks, it should also be noted that:

• the Compliance & AML structure is in charge of managing non-compliance risks, in order to prevent inconsistency with the governing laws and regulations. In particular: i) it provides advice and assistance to corporate Functions and bodies on all issues where non-compliance risk is high; ii) it assesses non-compliance risks, including the reputational aspect, and defines the methods and tools to be used to identify and assess/measure non-compliance risks and operational programmes for the management and control of non-compliance risks;
• for other types of risk (such as environment protection, labour law, health and safety at work and taxation laws), it is possible to resort to specific Subject Matter Experts, whose task is that of constantly ensuring compliance of activities and processes with the relevant laws. They have the responsibility of promptly flagging particularly relevant/serious events that emerge while conducting their activity or that they come to know of, which may represent a violation and/or a potential violation of the relevant regulation being monitored, indicating the planned and/ or undertaken corrective measures and the pertinent timing, the focal points of the time frame and the monitoring of pertinent initiatives.

As to other issues represented in the materiality Matrix ("integrity in corporate conduct", "innovation", "staff appraisal and remuneration policies", "diversity and equal opportunities", "well-being and sustainable welfare", "employment and labour relations", "health and safety promotion", "energy efficiency and CO² emissions", "responsible consumption and waste management"), no significant areas of risks have emerged.

The role of Compliance

Compliance with laws and regulations

The Compliance & AML Function is tasked with ensuring corporate operations compliance with the rules of the Group's supervised companies by means of checks carried out ex ante and constantly, following a risk-based approach.

Among other activities, the Compliance Function also assesses compliance with contractual provisions concerning communication to Clients and to Supervisory Bodies and on impacts deriving from new projects, with reference to the governing laws. It also provides assistance and advice following specific requests that may come from corporate bodies and supervised companies of the Group, concerning the relevant regulations.

In 2019, the Compliance Function started a review of the available IT assistance tools, in all the areas it manages, in order to optimise and boost efficiency of risk-management processes and of the activities assigned to it. Activities continued, in the supervised companies, for harmonising the non-compliance risk-management model. Still in 2019, activities for the enactment of the PSD2 directive in Italy carried on.

Furthermore, Nexi Payments adopted the "Consolidated regulation for the correct fulfilment of transparency duties", approved in April 2019, with the goal of regulating the roles and responsibilities that must ensure com-

40

pliance with the Transparency provisions, in accordance with the Bank of Italy's measure on the Transparency of banking and financial transactions and services of 9 February, 2011 and subsequent amendments.

The disclosure of correct and transparent information to customers is also guaranteed by the publishing of the documentation concerning the pre-contract guidelines available on the website www nexi it under the Transparency section.

TRANSPARENCY AND FAIRNESS IN MARKETING CAMPAIGNS: THE ROLE OF CUSTOMER VALUE MANAGEMENT

In conducting its activities, Nexi Group is guided by specific standards and guidelines in terms of transparency and fairness with its Clients; this is complementary to Transparency-related self-regulation duties managed by the Compliance Function. A responsible management of business communications to customers is ensured by a governance that focuses on the two Customer Value Management (CVM) Functions, dedicated to clients such as private citizens and merchants. CVM Functions have defined and formalised specific engagement rules for handling Client-oriented marketing campaigns.

The CVM Function for private Clients such as private customer daily monitors, in all campaigns, the indicators that check the frequency rate of contacts, cancellations and the so-called contact pressure, so as to ensure information adequacy and full compliance with the preferences expressed by Clients in terms of data treatment and privacy.

Anti-money laundering

The Head of the Compliance & AML Function is also in charge of Anti-Money Laundering for the Company and isthe Company's Anti-Money LaunderingOfficer,tasked with flagging suspicious operations, pursuant to article no. 42 of Legislative Decree 231. In conducting activities aimed at preventing and countering money-laundering and terrorism-financing operations, the Function adopted anti-money laundering and anti-terrorism Policies and Regulations, enacting EU Directive 2015/849, whose goal is to prevent the financial system from being used for money-laundering or terrorism-financing activities (so-called "4th Anti-Money Laundering Directive").

General Data Protection Regulation (GDPR)

The Compliance Function also includesthe Group's Data Protection Officer (DPO), tasked with monitoring, for all Group companies, compliance with the General Data Protection Regulation of 2016 and with any other enforced provision concerning the protection of people, with reference to the processing of personal data in Italy and in Europe11. The DPO must be involved in all issues related to personal data protection, offers advice on duties and compliance with governing laws, provides opinions on the data protection impact assessment, informs and gives advice to the Board of Directors, acts as liaising officer for the Personal Data Protection Supervisory Body and other stakeholders.

The Group's privacy regulation, called Personal Data Protection and Treatment, also regulates how privacy-related complaints should be handled. Furthermore, in order to bolster the protection of Nexi data, online training classes were organised for all employees, along with specialised workshops for the most affected Functions and roles.

In 2019, Nexi Payments' Compliance Function received 124 complaints by stakeholders and processed all of them: 110 came from natural persons (card holders) and 14 from legal persons. In six of the 124 complaints, Clients called for the national Data Protection Authority, which, in two cases, ordered the dismissal of the claim, declaring that Nexi had not infringed the personal data protection regulation. Only 15 requests concerned the Client's alleged privacy violation.

Over the past year, Mercury Payments Services Complaints Department received five complaints from stakeholders, all of which have been processed.

In 2019 no complaints came from regulation bodies with reference to privacy violations, nor complaints from Clients for identified data losses and thefts.

¹¹ EU regulation 679/2016 (GDPR) and Legislative Decree no. 196/2003, amended by Legislative Decree no. 101/2018.

CONDUCT INTEGRITY AND ANTI-CORRUPTION MEASURES

7.1	Code of Conduct	44
	7.2 Organisation, Management and Control Model 231	45
7.3	Whistleblowing	45
	7.4 Antitrust programme	46

CONDUCT INTEGRITY AND ANTI-CORRUPTION MEASURES

Code of Conduct

Nexi Group firmly condemns, with no exception whatsoever, all forms of active and passive corruption and it advocates a conduct based on criteria such as legality, transparency, common sense and personal ethics, consistent with the corporate values and procedures, knowing it will not expose the Group to risks connected to non-compliance with the rules and to reputational damage.

Furthermore, the Group not only forbidsthe payment and promise of money, but also any offer of gifts, contributions in kind, such as sponsorships, jobs, disclosure of confidential information concerning financial instruments that are capable of affecting the market or that may be exploited to obtain other benefits or profits.

Such principles underlie the Code of Conduct of all Group companies and are an integrating part of the Model, as per Legislative Decree no. 231/01, which promotes and guides the conduct of all its recipients, administrators, auditors, employees, provisional employers, consultants and cooperators of any kind, as well as agents, attorneys and any other subject that may act in the name and on behalf of the Group.

The principles of the Code of Conduct are further detailed below:

Human Resources, principles for the protection and promotion of employees, such as:

• enforcement of equal opportunities, upholding the standards of objectivity, know-how and expertise, ruling out nepotism when looking for and selecting personnel;
• definition of business plans, adequate training and development programmes that aim to put to good use the expertise and know-how of everyone, based on merit;
• prevention of all forms of workplace harassment (psychological, physical, sexual). By no means does the Group accept any form of discrimination based on age, health conditions, gender, sexual orientation, religion, race, opinion and/or political, union and cultural affiliation.

Health, safety and environment, provision and handling of work venues and settings that ensure the employees' safety and health, in accordance with the relevant national and international regulation.

The Group strives to comply with all applicable legal provisions concerning the environment, including by raising awareness and engaging personnel (both in-house and external) directly involved in the management of environmental impacts.

Conduct in business activities, Group relations with the several stakeholders, including shareholders, clients, suppliers, public administration, competitors: such relations are based on compliance with the laws and with the applicable regulations, including the ones concerning confidentiality and protection of personal data, anti-money laundering, anti-corruption, antitrust and handling of privileged information.

Organisation, Management and Control Model 231

Nexi Group companies feature an Organisational and Control Model, as per Legislative Decree no. 231/2001 (hereinafter, also "Model 231")¹² approved by the Board of Directors, following the green-lighting of the Supervisory Body of the individual Group companies (namely, the Board of Statutory Auditors), to ensure the correct running and constant update of the Model itself.

All organisational structures and activities are subject to checks linked to the enforcement of Model 231 and to compliance with the Code of Conduct. Such checks are carried out by the Supervisory Body of each Group company, which report to the Corporate Bodies and draft and implement, through the Group's Audit Functions, the yearly programme of the relevantsupervisory activity.

The year 2019 saw the kick-starting of the project for the review and harmonisation of the several Models of the Group companies, which resulted in the completion of Models 231 and of the Codes of Conduct of Nexi SpA and Nexi Payments SpA,with a viewto integrating the contentsin theGroupmission and adjusting themto complywith the guidelines set out in the new version of the Model. In order to ensure a constant review of the contents, updating activities have been started in all Group companies, so as to enact the latest legislative measures concerning structure organisation.

Whistleblowing

The Group provides dedicated information channels that facilitate information flow and flagging of illegal conduct, by both employees and external staff, that infringes internal rules, regulations and procedures, including the violation of the Code of Conduct and of Model 231.

In particular, all information flows can be directed:

• to an email box of the Supervisory Body¹³;
• to a telephone number specifically dedicated to whistleblowing, available 24 hours a day, all year round, with a permanently operating answering machine;
• in the event of anonymous flagging, by mail to the legal office of the Group company, to be sent to the attention of the Supervisory Body;
• to the figure in charge of the internal whistleblowing system, namely the Head of the Group's Compliance Function, or the Audit Function (if they are to be informed of the whistleblowing) which then notifies the Supervisory Body.

Anyone that, in good faith, reports a situation shall be protected by the Group from any kind of retaliation, discrimination or penalisation, that said, the whistleblower's identity shall remain concealed.

¹² The Model ²³¹ of Nexi SpA and Nexi Payments, including the relevant Codes of Conduct, are available on the website www nexi it, for Mercury Payments on the website www.mercurypaymentservices.it and forHelp Line on thewebsitewww helpline it.

¹³All Group companies have ^a dedicated email box in their Code of Conduct.

TRAINING ACTIVITIES AIMED AT PREVENTING AND COUNTERING CORRUPTION

In 2019 all employees were administered a training course (either in e-learning modality or in classrooms) on Model 231, which included a section on Whistleblowing and on the Code of Conduct.

On 26 June, 2019, the Holding Company's Board of Directors attended a training session on anti-corruption. Model 231 and relevant updates is shared with employees by means of specific internal email or intranet communications.

All the Group's newly-hired staff must complete the training within 90 days of the hiring date.

In the accreditation process suppliers are requested to explicitly subscribe the acknowledgement of Nexi's Code of Conduct and Model 231 on the Suppliers Portal.

Employees trained in anti-corruption procedures,	2019
broken down into professional categories14	Total	Percentage
Managers	28	29.5
Middle managers	327	51.3
All other employees	740	61.9
Total employees	1,095	56.8

The Antitrust Programme

In 2019 Nexi started an intense Antitrust Programme, to give all employees a set of shared information on the pertinent major risks and illegal conducts, to formalise and update the rules and procedures underlying a sound management of antitrust-related matters and to allow business to take action within a well-defined scope, also to seize competitive market opportunities.

In greater detail, in December 2019, Nexi SpA's Board of Directors approved the Antitrust Code of Conduct, the Guidelines for Antitrust Authority inspections and an organisational procedure for reporting or requesting clarifications on conduct apparently non-compliant with the provisions of the Antitrust Code of Conduct.

All Group employees were requested to explicitly confirm acknowledgement of the internal regulation.

Still in December 2019, a mandatory training, for all employees, on the Programme's Antitrust-related matters was launched. Further specific training initiatives, for different corporate levels, will be taken in 2020.

¹⁴ Training is still underway as this Statement is being drafted.

NEXT TO THE CLIENTS AND LOOKING TO THE FUTURE

8.1 Customer centricity	50
8.2 Innovation at Nexi Group	52
8.3 Data security	54
8.4 Business continuity and operational excellence	55

NEXT TO THE CLIENTS AND LOOKING TO THE FUTURE

Closeness and future are the two concepts that have inspired the Nexi brand: next, as in future & innovation, releasing groundbreaking products, services and solutions; next, as in standing next to Banks and to millions of citizens and merchants that, every day, make and accept digital payments.

Next to the Clients and looking to the future are therefore the principles that triggered Nexi's transformation ever since its inception: in order to make these two concepts tangible for its Clients, the Group has constantly invested in technology and know-how, focusing on product, service and security excellence. Specifically, in 2019 alone, Nexi invested Euro 167 million, that's 17% of the yearly profits.

Customer centricity

For Nexi, Clients play a central role: daily activities, new products, innovation and investments are becoming increasingly client-centric. For this reason, the Nexi constantly monitors and identifies the Clients' needs, through Customer Satisfaction surveys, continual detection and analysis of Net Promoter Scores (NPS) and associated feedback and by managing and analysing complaints and feedback on digital application stores.

Customer Satisfaction

In 2019 Nexi continued to investigate the satisfaction level of its Clients, both ordinary citizens and merchants, with reference to the products and services employed, brands and specific processes that involved them. The customer satisfaction survey, which was also conducted to compare results with the Group's major competitors, was carried out on a quarterly basis and based on 930 telephone interviews with card holders and 960 with merchants.

The following key results emerged:

• Private customers, in the second half of 2019, confidence grew in terms of Nexi advisability, following an initial phase that envisaged the approach to a new brand, thanks to the improvement of the Client's overall satisfaction. The NPS indicator realigned to the values observed in the period that immediately preceded the rebranding process, which took place in 2017. Compared with 2018, greater stability in all indicators was noticed, confirming that Nexi is perceived as being closer to the customer in times of need, compared to its competitors;
• Merchants, surveys conducted in the second half of 2019 revealed that a good recovery was underway, following the drop in customer satisfaction experienced in the early months of the year, and that recovery stood out well compared with the drop experienced by the competitors.

Merchants particularly focused on pricing, for both Nexi and competitors. The perception ofNexi'sinnovation and service communication was on the rise.

Identifying the Clients' needs

In 2019 we further identified our Clients' needs by conducting surveys and constantly analysing the NPS indicator and feedback concerning the overall experience perceived by Clients and their interfacing with Nexi. The analyses of the suggestions and remarks received led to the identification and planning of specific measures aimed at enhancing the service. Specifically:

• the introduction of new surveys, for example on the handling of Client complaints and on the user experience of the Nexi Business App for merchants;
• extending this service to Partner Banks, specifically including the experience perceived for some of the Digital Banking Solutions business unitservices;
• the creation of the first dashboard for integrating the NPS indicator with the operational KPIs perceived by Clients (for example the POS installation time perceived by merchants).

NEXI'S BRAND AWARENESS AND REPUTATION

Nexi isincreasingly associatedwith innovation and is identified as a technology-driven, forward-looking modern company.

Brand awareness monitoring shows a remarkable growth in the reputation of the Nexi brand: among Clients, awareness has reached 40%, with peaks of 47%.

Nexi's reputation, monitored according to the Rep Track Score global standard of the Reputation Institute, hassoared by over five points compared with late 2018, reaching 69 points, with peaks in excess of 70¹⁵.

The Company's customer culture

• TheGroupalsowantstospreadthe cultureof client-centricity among all employees, regardless of their role, in order to improve service levels and relations with the clientsthemselves, thus achieving excellency.

To this end, several Change Management initiatives were started in 2018, they were continued in 2019 and will be further enhanced in 2020. Some of these initiatives include the Top Management's regular listening to a selected number of Client calls, complying with privacy rules, in order to devise specific improvement measures;

• creation, on the Nexi intranet, of the "Next to the Clients" section, containing interviews with end Clients, as well as all the initiatives underway;
• sharing, during the corporate staff meetings, of the results that emerged from the latest surveys, for collecting and acknowledging the end Clients' perception of Nexi and its services.

In 2019 Nexi also fielded a number of initiatives for involving Partner Banks, including Nexi Days, namely, days for the creation of business networks of banks, which are updated on the offer of cards, mobile payments and SmartPOS. Furthermore, several webinar sessions were set up to share market approach, innovation ideas and new payment solutions for private citizens, merchants and businesses.

The following initiatives were taken in 2019:

• 8 events on public relations, attended by roughly 550 sector players;
• 4 events on the positioning in the bank market (ABI il Cliente, ABI trasformazione, Banking Summit, ABI Salone dei pagamenti) with over 10,000 sector players;
• 7 events on dialogue and relations with Partner Banks, with about 650 participants overall;
• 4 Cashless City training events, attended by 330 bank branch managers and executives;
• 15training events on the territory for ten Partner Banks, attended by 749 branch managers;
• 22 training webinars for a widespread dialogue on business networks;
• 10 events with associations of the trade, involving three Partner Banks and 2,400 sector stakeholders.

Handling complaints

Complaint management is based on the principles of transparency, assistance and quality. It is a foremost tool for handling and monitoring customer satisfaction.

^{15 A} survey yearly collectsthe opinion of 2,000 people and indicatesthe reputation level through an indicator based on ⁴ questionsthat assess emotional association with the company and provide an overview on 7 more rational aspects: Leadership, Performance, Products/Services, Innovation, Workplace, Governance, Citizenship.

To this end, the Group has devised a set of internal rules that define its roles, responsibilities and modus operandi, to help identify critical areas and areas where there is room for improvement. That's where the Group may intervene to bolster the Clients' trust and to reduce operational and reputational risks.

The Client may submit a complaint in writing or by following the procedures described on the websites www nexi it and www.mercurypayments.it under the sections Nexi Payments and Mercury Payment Services¹⁶. The dedicated Functions must answer each complaint, in writing, within 15 days, in accordance with the rules set forth under the self-regulation initiatives or with the supervisory regulation on payment systems complaints.

The Function in charge of handling complaints also deals with processing clarification requests coming from Supervisory Bodies concerning banking and financial transactions and services, and must regularly provide the due information flow to the Group's corporate bodies.

NUMBER OF COMPLAINTS IN 2019 AND MAJOR REASONS

Major reasons	Number of complaints	% on total
Dispute	4,433	59.3
MPS merchant acquiring contract provisions	1,121	15.0
Card services	497	6.7
Other 17	1,415	19.0
Total	7,466	100.0
Complaint outcome	Number of complaints	% on total
- rejected	5,857	78.4
- accepted	1,555	20.8
- currently being processed	54	0.8
Total	7,466	100.0

Most of the complaints received in 2019 were ascribable to disputes that were closed by denying refund to the Client (accounting for 59% of the major reasons). The second major complaint reason (accounting for 15.0% of the total) were complaints concerning contract terms referring to services of the merchant acquiring business acquired from Monte dei Paschi di Siena in 2017.

Innovation at Nexi Group

Medium to long-term strategic evolution goals and yearly development initiatives are set forth by the Group's Strategy Innovation Function. The latter also supports Top Management and the Board of Directors in defining, monitoring and reviewing guidelines with respect to the Group's strategic planning.

The Function is constantly engaged with the international digital innovation ecosystem, comprising the fintech community, start-up accelerators and incubators, developers, venture capitalists and merchant banks, commercial partners and start-ups themselves.

The Function's goal is to accelerate innovative and technologically advanced solutions in the payments sector and to provide Clients outstanding service.

MAIN AWARDS RECEIVED BY NEXI IN 2019

Award	Product	Prize
Financial Innovation Italian Award	#ioVINCO	3rd prize
Netcomm Award	XPay	1 st prize
MF Innovation Award	SmartPOS	1 st prize
MF Innovation Award	YAP	1 st prize
Innova Retail Award	SmartPOS	1 st prize
ADI Design Index	CFO mobile front end app	Lombardy Excellence Award

¹⁶ Mercury Payment Services handles complaints for direct issuing Clients and for retail cards Clients.

¹⁷ The category "Other" mainly includes repricing-related complaints (183 complaints, that's 2.5%) concerning the unilateral modification of the terms for cardholders in late 2017, complaints concerning POS activation and reconfiguration (170 complaints, that's 2.3%) and #iosi programme complaints (151, 2.0%).

In 2019 Nexi's leading product and service innovations focused on:

• expanding the SmartPOS applications ecosystem via:
• AdMove, an innovative app designed to create hyperlocal mobile advertising campaigns;
• IziCap, a major CRM & Loyalty player on the French market with an emphasis on payment-card tokenisation technologies;
• Google, who are set to feed its Google My Business app into Nexi SmartPOS terminals so as increase merchant online visibility;
• driving use of digital payment solutions and consumer market innovation via a range of agreements with major Partner Banks that target mobile and wearable payments and new card management services such as spending control and instalment payments for purchases;
• launching YAP, a smartphone payment app designed for young consumers aged 12 and above;
• supporting the public sector pursuant to Italian digitalisation agency AgID guidelines, accelerating the Smart Cities agenda in Italy, especially in the area of payments, smart mobility and public transport services.

The past two years have witnessed concerted investment in open banking so as to seize the opportunities issuing from the EU's PSD2 directive. In that respect, during 2019 Nexi established important open banking partnerships.

Open banking

The year 2019 saw continuing development of technologically advanced fintech solutions, foremost among which:

• CBI Globe (Global Open Banking Ecosystem);
• the CBI Consortium platform which manages the technological gateway infrastructure that enables banks, third parties as well as end clients to access reporting and payment functions in keeping to PSD2 rules;
• the Payment Initiation Service Providers(PISP)software-as-a-service solution, developed internally and addressed at Partner Banks and large businesses;
• to enable an innovative paymentservice that allows banks and businesses to manage revenue seamlessly and delivers end clients a simple digital user experience;
• start of accreditation with the central regulator as Account Information Service Provider (AISP) and as PISP.

In 2019 Nexi was also engaged in groundwork for the February 2020 launch of a new Italian fintech hub. The preparatory stage was carried out in collaboration with Plug and Play, leaders in start-up incubation and acceleration, with a portfolio of 1,400 start-ups and 350 corporate partners in 2019 alone. Nexi partnered with Plug and Play as Founding Anchor Member of the Milan-based fintech hub and as Anchor Member of the European fintech hub in Frankfurt.

Establishing the new hub, which ranks as a major connector between Italy, Europe and the Silicon Valley, serves a twin objectives: firstly, to attract and promote and grow fintech and talents to Italy so as to breed innovation and new businesses that benefit our Partner Banks; secondly, to export all-Italian fintech leaders and to increase their international profile such that they may establish new commercial partnerships and business opportunities.

Strategic partnerships

In the area of e-commerce, in 2019 the Group established strategic partnerships with tech giants and international leaders in the sector, among whom:

• Shopify, forthe integration ofNexi Businesssolutionswithin the world's most used e-commerce platform;
• Sodexo, for the acceptance of its mealvouchers by Nexi POSs;
• Union Pay, forthe acceptance of its branded cardsin Italy.

Data security

Nexi has set up an Information Security Management System (ISMS), consistent with the Group's risk propensity profile, to protect the Group's information assets.

Designed in line with ISO standards and best practices within the sector, Nexi Group's ISMS also reflects Bank of Italy rules, domestic privacy regulations and laws applicable to the sector (e.g. mandatory Payment Card Industry Data Security Standard certification, otherwise known as PCI DSS compliance).

As a top corporate priority, data security has been the subject of substantial investment at Nexi Group in recent years. Investments have tracked best practices within the sector and have bolstered Nexi's security mechanisms at both the organisational and technical levels. Priority interventions focused on boosting network security and SOC services/threat intelligence, bolstering EDR technologies, introducing SCA/Access Management/API Gateway systems and File Integrity Monitoring technology.

The Group's commitment to ensuring the security of its information assets and to maintaining its ISMS was formally laid out in the "Information Security Policy" document approved by the Nexi BoD in July 2019. The latter policy document is integral to the ISMS, which, with reference to any automatically processed data, also details what Group structures, internal rules, operational protocols, procedures and technical documents govern any planning, design and implementation, roles and responsibilities, processes and resources, staff behaviours and oversight in respect of ensuring:

• confidentiality, implying that information, subject to set protocols, can only be accessed by expressly authorised parties;
• integrity, implying that information, subject to set protocols, can only be edited by expressly authorised parties, such that completeness, accuracy and compliance of information is ensured during acquisition, storage, processing and presentation;
• availability, implying that information, subject to set protocols, can only be accessed and used by expressly authorised parties and processes if and only if an actual need or requirement to do so arises.

In further complementto the ISMS,the RiskManagement Function's internal IT risk analysis service allows for assessments on the effectiveness and efficiency of ICT control processes.

INFORMATION SECURITY - CERTIFICATIONS

Nexi Payments The ISMS Information Security Management System has secured ISO 27001 certification for its data storage services (i.e. IT processes and Business services). As an AgID-approved Certification Authority (CA), Nexi Payments also provides Certification and Payment Security services. Having also secured eIDAS certification, these services provide Clients with trust services which are valid throughout the European Union.

Nexi Payments, Help Line and Mercury Payment Services are PCI DSS-certified by the Payment Card Industry Security Council, ensuring payment card data management is carried out to Payment Card Industry data security standards. In addition to the general PCI DSS standards, Nexi Payments and Mercury Payment Services have secured PCI PIN certification, for PIN data management, and Three-Domain Secure PCI 3DS certification. Mercury Payment Services, for its part, has also secured Card Production Physical Security/Card Production Logical Security PCI CPP/ CPL certification.

Nexi boasts a team of hi-tech specialists and advanced systems tasked with supporting the Group in early identification and prevention of fraud.

More specifically, during 2019 several solutions were deployed in the following areas:

• fraud prevention and management: as part of the "Fraud Digital Transformation" initiative, new cloud-based artificial intelligence solutions have improved the ability to detect and pre-empt fraudulent transactions, bringing the ADR rate to 86% from 77%, and reduced the percentage of false positives to 70%. End-to-end fraud and commercial dispute management was subject to a dedicated reengineering project, due for full implementation within 2020, leveraging Salesforce front-end and back-office services;
• card renewal and delivery: deliveries are now carried out via registered rather than insured mail, providing for identical security levels and improving customer experience. Mail delivery of PIN numbers has been replaced by either text messaging or forwarding via the Nexi Pay App.

	NEXI SERVICES FOR SECURE CLIENT TRANSACTIONS
NEXI SMS ALERT	Nexi's SMS Alert service provides notice of every single transaction carried out with any given card, i.e. cardholders receive a text message for each payment.
SMS SERVICES	Thanks to SMS Services, cardholders can use text messages to request information on recent transactions, card balance, balance available, #IoSi points and much more. The service provides for easy access to a wealth of information. With the ioCONTROLLO text message service, for instance, cardholders can check on total weekly spending.
NEXI PAY APP	The Nexi Pay app includes a notifications feature which informs cardholders of any transaction or purchase exceeding 2 euro.
EMAIL ALERT	The Email Alert service allows users to receive email alerts, which they can schedule at their own convenience, providing information on balance available and recent transactions.
3D SECURE	3D Secure is a fraud protection system linked to the Visa and Mastercard networks, i.e. Verified by Visa and Mastercard® SecureCode™, that protects online purchases. When carrying out a payment, cardholders receive a text message containing a one-time security code that they must use to confirm payment.
ANTI-PHISHING	Nexi leverages anti-phishing services that are able to identify and proactively block phishing campaigns 18.

Business continuity and operational excellence

Service reliability underpins operations. As such, pursuant to standing laws and regulations and consistent with the Group's risk propensity profile, Nexi has developed a Business Continuity Management System (BCMS) tasked with ensuring its ability to deliver critical services at minimum acceptable service levels.

A team of specialists is constantly engaged in defining and testing business continuity strategies to tackle scenarios such as IT systems becoming unavailable or instances whereby critical units and/or staff become unavailable.

Significant resources have been allocated to business continuity planning, in terms of technology, to increase IT resilience, and in technical and organisational terms.

Nexi Group's BCMS has secured ISO 22301 certification, thus ensuring it provides for the following:

• Business Impact Analysis (BIA) for critical business operations, to ensure business continuity;
• Risk Impact Analysis (RIA) for business continuity in line with Group risk propensity;

¹⁸ Phishing is ^a type of internet fraud that aims to deceive users. It usually involves sending misleading emails that swindle Clients into handing over payment card details.

• policies and commitments are in place at all levels within the organisation;
• business continuity solutions are in place and tested annually to ensure plan effectiveness;
• management, training and awareness reviews.

The management system is subject to continuous improvement according to the Deming Cycle model, ensuring it is constantly reviewed and updated, and also consists of a body of policy and also features a body of auditable documentation designating and relating to planning, design and implementation, roles and responsibilities, processes and resources.

The regular attention toward the operational excellence, finalized to the progressive increase of the provided service levels, allowed in 2019 the launch of some initiatives included in a dedicated Program, including:

• customer care digital transformation: an Interactive Voice Response (IVR) solution was developed based on innovative natural language understanding technology. Handling some half a million interactions, the Group's Virtual Assistant system continued to provide excellent service;
• card personalisation: card personalisation activities were internalised and a new site was implemented, providing for an increase in production capacity and cost optimisation. The executive plan is scheduled for implementation in 2020;
• merchant services: Salesforce-based implementation of the Partner Bank merchant on-boarding programme continued, with Salesforce solutions also leveraged in managing installation, maintenance and replacement procedures for POS terminals. Implementation of target processesisto be completed within 2020;
• regulatory compliance: as well fulfilling process and operations compliance requirements pursuant to the PSD2 Directive, the Group hasidentified areasfor compliance relative to the 4th Anti-Money Laundering Directive;
• monitoring service level indicators: purpose-made dashboard applications have contributed to further strengthening SLI monitoring activities with respect to operational performance and services delivered to Clients. Detailed reporting tools were developed for POS terminal installation and maintenance management purposes. Service Level Agreements performance and reporting relative to Partner Banks continued.

QUALITY MANAGEMENT - CERTIFICATION

In 2019 the following companies secured quality management certification:

• Nexi Payments quality management system is ISO 9001-certified with respect to the design, development and management, in collaboration with Partner Banks, of digital payment solutions for corporate, merchant, small and medium-sized businesses and banking clients. ISO certification also extends to the design, implementation and management of software solutions and IT services, technology and applications outsourcing and servicing thereof. Said solutions and services are targeted at the Payment Systems market with a focus on financial institutions, public administrations and businesses, and include, for example, ACH services, web-based and mobile e-banking solutions and services, interbank corporate banking and e-invoicing.
• Help Line SpA is ISO 9001-certified with respect to its inbound customer care services, its account information and payment initiation services, its customer support services for licensed and serviced Nexi Payments SpA cards and POS terminals for cardholders, merchants and Partner Banks, and its fraud prevention services for licensed and serviced Nexi Payments SpA cardholders and merchants. Help Line is also certified under UNI 15838, a standard designating requirements for customer contact centres and providing client-centred best practices guidelines designed to meet client expectations. Transitioning towards the new UNI EN ISO 18295 standard, which replaces UNI 15838, was initiated in December.
• Mercury Payment Services SpA is certified under ISO 9001 with respect to its financial services for card payment collection via POS terminals, its development of software applications, its over-the-phone customer support services, its payment card personalisation issuing services.
• BassmArt Srl is certified under ISO 9001 with respect to its information, communication and commercialisation services management in the area of heritage, culture and leisure.

NEXI GROUP PEOPLE

9.1	Performance Management	64
9.2	Training	64
9.3	Rewards	66
9.4	Sustainable welfare	68
	9.5 People Survey	69

NEXI GROUP PEOPLE

We at Nexi Group view our People as key strategic levers and as fundamental contributors to our success. Engaged in a profound cultural transformation as of 2017, we have combined our drive towards a common organisational identity, based on a Value system centred on our Clients, on building the future, on excellence and on staying simple, with firm a desire to foster a sense of belonging among our employee, engaging each and every one them in building the present and future Nexi.

The transformation journey started in 2017 has allowed Nexi to attain major results and to engage in projects which confirm its standing as a leader in

the digital payments market, a standing consistent with our industrial plan which is centred on principles of profitable and sustainable growth, on technological and digital innovation and transformation, as well as operations excellence and human capital development.

In committing to the transformation process, the Group has become a highly diverse organisation, in terms of professional and cultural backgrounds, as well as skills, gender and age, through organic growth of new managers, professionals and specialists and via the acquisition of new capabilities following corporate actions and the boosting of skills already present within the Group.

Live for customers

Make it simple

It is our business to make life easier for customers, even when complexity takes over.

We focus on what matters most.

We value forthrightness and communicate what matters.

We make quick decisions and are fast on our toes.

We make life easier for our colleagues also.

Build together

We stick together, through thick and thin.

We can see things through with a smile.

We share a vision and willing to claim a stake in it.

We know how to leverage our backgrounds, ideas and skills in service of bigger goals.

In keeping with Nexi Values and in line with pillars of the Group's industrial plan, on a staff management footing the Group has built its People Strategy around the goal of developing the best team of people on the market in terms of skills and leadership, and has done so also with a view to promote the kind ofstaff diversity and inclusion that is instrumental in building a One Nexi.

Nexi's People Strategy seeks to harness the capabilities, passions, skills and expertise of each and every employee, so as to:

• create enduring value for all Group stakeholders;
• pursue and ensure the sustainability of the organisation's growth in the medium to long term;
• establish a performance and merit-based culture;
• bolster Nexi Group's leadership among publicly listed tech companies with respect to people management and development.

Nexi fosters and promotes all aspects of diversity that contribute to making what it is.

NEXI GROUP PEOPLE: THE NUMBERS The entirety of the Group's workforce is hired pursuant to collective domestic labour agreements. The vast majority of employees, i.e. 99.3%, are employed on permanent contracts. Trade union membership totals 889, namely 46.1% or the total workforce. Udine (cividale) 78 Padua 82 Milan 1,456 Florence 117 Siena 27 Rome 80 Bologna 75 Granarolo 23 Anzola 52

63

Nexi's People Strategy is deployed via the following key processes:

Performance Management

Performance Management is the process via which, based on merit, employee contributions to business performance are gauged.

The criteria applicable to performance appraisal are subject to transparent shareholder, employee and external third-party disclosure, and the process leading to their definition is underpinned by two questions:

• WHAT: clear and measurable, qualitative and quantitative, individual and organisational goals;
• HOW: actions and behaviours with respect to set corporate values.

The appraisal process is underpinned by management-employee dialogue and development sessions, where the parties discuss annual performance, future goals and aspirations and individual development and training avenues.

In 2019 a total of 1,873 employees engaged in Performance Management processes, namely 97% or the organisation's people¹⁹.

Training

Training is viewed as a strategic lever at Nexi Group. and is delivered via an integrated system of personalised schemes it via innovative methods and approaches, each striving to harness and develop the skills, capabilities and passions.

Training is provided using a range of tools and highly differentiated content, all of which inspired by best practices within the market as well as by inherent expertise within the Group.

The effectiveness of training programmes is measured through tests and participant satisfaction surveys based on the Net Promoter Score20, tool leveraged in our customer surveys.

In keeping with Nexi's Values and its business strategy.

As of 2019 and with a focus on the medium to long term, the Group is engaged in a process of multi-year planning with respect to training. Plans thus issued are subject to annual review and focus on the following skill subsets.

In 2019 a Learning Management System (LMS) was adopted for the purposes of monitoring and advertising all courses available to employees.

During the course of the year, employees received an average 40 hours training each²¹.

¹⁹ The Performance Management system is available to all employees on either temporary or permanent contracts who have spent at least three months at the Group. Appraisals carried out in 2019 relate to employee performances in 2018. Appraisals relative to 2019 performances have been completed. The performance indicator accountsfor employees as at December31, 2019, all employees who took part in Dialogue and Development (March 2019) and in the Mid-Year Check (July-August 2019).

Employees hired during the last quarter of ²⁰¹⁹ were not engaged in the process. BassmArt's seven employees are not included. ²⁰ The Net Promoter Score (NPS) is an indicator of perceived customer (i.e. cardholders, merchants, banks) experience and is designed to drive continuous improvement. ²¹ The data does not include training hours provided to BassmArt Srl employees (i.e.7 employees).

Business.	The scope here is to ensure staff is always up to speed with respect to our business, sector trends, positioning, strategy and Nexi products and services. Training aims to provide for a common language and understanding of business categories, ensuring everyone at Nexi Group is on the same page. Designed by the Nexi Group for its people, the course dubbed "Pay UP: Payments Present and Future" (Pay UP: i pagamenti di oggi e di domani) was set up for precisely the latter purpose.
One nexi.	The scope here is to disseminate Nexi Values and to establish a single, common identity organisation-wide. That is achieved by promoting and harnessing diversity with respect to expertise, skills, capabilities and passions, as well as individual soft skills. The course catalogue includes 15 distinct modules. In 2019 Nexi launched its Leadership Academy, providing two-year courses to managers selected via Predictive-Index testing. Built around individual and group coaching sessions, the courses aim to enhance participant accountability and ownership with respect to objectives as part of end-to-end human resources and/or process management exercises.
Specialistic.	The scope here is to provide for learning, updating and enhancement of specialist knowledge relevant to specific professional and business area categories. The 2019 Training Programme issued in the delivery of several and diverse courses, focusing on operational excellence, team leadership (expressly for team leaders at Help Line), personal assistants and embodying the Nexi HR ethic, the Digital Academy, and graduate on-boarding. Tailored to the Nexi model and its in-house skills needs, an IT skills-mapping programme - based on the European e-Competence Framework and on the Milan Politecnico Digital Readiness Model - was launched to track current and future skills requirements. Results obtained thus far have allowed for identification of Subject Matter Experts and for further definition of what training initiatives to deploy over the next 3 years for the purposes of bridging skills gaps for any given role.
Technical.	The scope here is to provide for skills expansion and crossover through courses delivered externally, as well as events and conferences. The tools and the methods provided as part of such training are designed to ensure both continuous operational improvement and that participants engage in staying abreast of technological and/or regulatory developments. In 2019, for instance, applications were submitted for Microsoft and ITIL certification.
Compliance.	The scope here is to provide compulsory training in respect of the knowledge necessary to ensure legal and regulatory compliance, so as to protect individuals, the organisation and its Clients. The courses span a variety of topics, ranging from privacy, to anti-money laundering and health and safety at work, and are specifically tasked with ensuring knowledge essential to legal and regulatory compliance requirements22 . In 2019 the bulk of training focused on Corporate Criminal Liability (Model 231), Market Abuse, Insider and Antitrust Threats, Privacy and IT Security Championing (in cooperation with the CISO's information security division). Other initiatives addressed workplace health and safety awareness and behaviours.

²² On that note, training with respect to regulatory and legal compliance is subject to direct approval by the relevant functions within the organisation in keeping with provisions under law (for instance, anti-money laundering training is approved by the Board of Directors, while training on Corporate Criminal Liability and Model 231 is approved by the Compliance Function). It is worth noting that new employees must complete all listed course within 90 days of being hired.

Rewards

Rewards are based on the four principles and systems which underpin Nexi Group's remunerations and career advancements schemes:

VALUES AND BUSINESS STRATEGY ALIGNMENT

COMPETITIVENESS AND FAIRNESS COMMUNICATION PERFORMANCE

TRANSPARENCY AND

Values and business strategy alignment

Key to ensuring alignment between Nexi goals and employee actions and behaviours, this system is based on fine-tuned packages that balance fixed and variable remuneration.

On that note, variable incentives schemes are crucial drivers of both performance and impact with respect to corporate performance and are geared towards ensuring that performance measurement metrics and targets are consistent with business objectives in the medium to long term.

Performance

With an especially keen focus on top performers, our remuneration policies establish a one-to-one, merit-based link between remuneration and employee performance and contributions to our sustainable business results. To allow alignment with respect to set targets and to provide grounds for prospective corrective actions, at least one feedback session is envisaged.

Competitiveness and fairness

Each component of each remuneration package, at all levels within the organisation, is attuned to roles and responsibilities.

Packages are weighted against the impact and the responsibilities given roles entail and are based on internationally accepted and predefined banding standards, so as to ensure that remuneration is fair and consistent with prospective roles.

External benchmarking ofsalaries, benefits, paymixes and pay levels against relevant peer groups is carried out with the support of an independent consulting company.

This ensures that standards with respect to market are constantly monitored, both domestically and internationally. The goal is to ensure that the remuneration packages provided are effective in terms of their market competitiveness,so asto attract and retain key skills, and ensure fair treatment within the organisation.

Transparency and communication

Remuneration criteria are subject to transparent shareholder, employee and external third-party disclosure.

The key components of remuneration are as follows:

Key components	Key characteristics
Fixed remuneration	Yearly gross salary is a fixed amount with respect to the remuneration total and is defined in line with the employee's responsibilities and impact, ensuring fair remuneration that is benchmarked against the market.
Short-term MBO and EVA bonuses	These incentives are based on results delivered short-term, i.e. 1-year, benchmarked against an array of mutually consistent predefined, measurable performance targets.
	Bonuses are allocated based on a role and department basis. The EVA bonus is tied to business performance and is allocated to all employees, with the exception of Senior Management.
Long-term LTI plans	These are variable pay incentives which, based on banding and performance criteria, are made available to select Group employees. They involve gifted Nexi stock awards over medium to long-term performance periods of three years. Maturity is conditional to performance against specific goals.
Welfare Programmes & Benefit	Benefits are a valuable addition to the pay mix and, as part of the broader remuneration package, reflect to Group's engagement with respect sustainable welfare. Benefits vary depending both on beneficiary and type and their assignment is both consistent with practices within the market and pursuant to standing rules, regulations and collective labour agreements.
	For more details concerning benefits refer to the "Sustainable welfare" section.
Severance package and non-compete compensation	In keeping with the Remuneration Policy approved by the Nexi SpA Shareholders' Meeting, these, combined, only apply to top tier executives and the Chief Executive Officer.
#Fai la differenza	The scheme involves sizeable cash awards earmarked for specific projects and rewards individual employees for their outstanding contributions and their proven track record with respect to Group Values.
	In 2019 the Group allocated these funds for performance with respect to the "Build Together" Value which underpins the organisation's fostering of internal collaboration.

In keeping with policy, Nexi Group reviews its remuneration policy once a year, with a focus on:

-meritocracy;

• external benchmarking;

-internal fairness principles.

Within the scope of policy the type of interventions may include:

• pay rises, rewarding consistently high levels of performance;

• promotions, i.e. vertical paygrade rises, acknowledging increased and lasting levels of responsibility, professionalism,skills and autonomy;

• one-off discretionary bonuses, acknowledging outstanding year-long performance and results.

In 2019, on favourable conclusion of the IPO process, Nexi Group shareholders agreed to issue awards to all staff, proportional to their impact, in recognition of their commitment and contributions to the Group.

Furthermore, in the light of the growing attention Nexi is giving to sustainability-related topics, a specific variable remuneration goal attached to People Value will be introduced in 2020. Such goal aims to keep management constantly focused on long-term growth targets, such as value-creation for stakeholders. For further information please see the Remuneration Report available under the Governance section of our website at www nexi it.

Sustainable welfare

As of 2017, Nexi Group kick-started the Nexi Welfare programme comprising a diverse range of initiatives, services and benefits which address the welfare of its People and their families, creating long-term, sustainable value for employees, families and communities. Expanding and adding to standard contract welfare provisions in the pursuit of practices guided by excellence, the programme strives to deliver the following:

• breed a focus on the well-being of individuals and on the differentiated needs of each of the generationsthat contribute to the Group'smake-up;
• deliver real impacts with respect to employee motivation, productivity and job satisfaction, conducive to a sense of communitywithin the organisation;
• make the organisation attractive to skilled, expert professionals and resources, both domestically and internationally;
• inject innovation and efficiency in economic and organisational resource management, maximising employee perception value-wise and reinvesting a portion of accrued tax benefits.

The main benefit made available to Group employee are:

• complementary pension schemes on top ofstate pensions;
• healthcare cover for employees and members of their households;
• paid time off work for medical consultations, including those attended by members of the employee's household who are disability certified;
• annual grants for every disability-certified member of employee households, plus additional annual grants for the special educational and training needs of children with certified learning difficulties;
• insurance advice, on and off-site, with reference to insurance policies, as well as discounts on home and car insurance;
• discounts on annual travel pass schemes;
• options to sacrifice EVA bonuses, either in whole or in part, towards pension funds and/or non-monetary benefits, with three main advantages;
• amounts sacrificed towards flexible benefits are not subject to national insurance or income taxation, such that gross amounts equal net;
• company cash back for employee choosing to sacrifice bonuses;
• service differentiation at discounted rates.

Results achieved in 2019 are satisfactory, with 17% of Nexi Payments and Help Line employees electing for bonus sacrifice, and 64% at Mercury Payments Services.

Thanks to the Group's endeavours on the labour relations front, 2019 witnessed the signing of several collective agreements that have expanded the Nexi Welfare offering.

They include:

• supplementary agreements between unions and employers Nexi Payments and Help Line, issuing in further improvements to the benefit of Nexi Group employees and their families with reference to a better work-life balance; flexibility with respect to daily start and finish times, as well as lunch break times, has increased; paid time off work allowances for medical consultations have increased by providing employeeswith additional allowancesforthe medical needs of household members; yearly allocations with respectto time offwork and grantsmade available to employees with disability-certified household members have increased;
• supplementary agreements between unions and employers Mercury Payment Services have issued in the adoption of supplementary health insurance for members of employee households. Employees continue to benefit from discounted rates for a range of banking services, such as current accounts, overdraft facilities, loans and mortgages. Furthermore, pursuant to the 2017 supplementary collective agreements, 2019witnessed confirmationof capped allowancesfor employee expenseswith respect to goods and services relevant to their children's educational and vocational needs.

The Group's smart working initiative will kick off in 2020, providing for flexible work and workplace arrangements via the adoption of collaborative tools outside designated office spaces - the end goal being to ensure all employees are able to strike a better work-life balance.

People Survey

People Survey are the main tool leveraged by Nexi Group in listening to its people. They provide employees with a platform to share their opinions and feedback, both of which not only are ofvalue to the process of gauging the effectiveness of actions in place but are also useful to identifying new initiatives and internal improvement.

Provided annually, the survey involves a questionnaire which can be submitted anonymously and is designed to address key aspects of the organisation's main initiatives moving forward. The survey address, for instance, the clarity of strategies adopted, alignment with respect to priorities, teamwork methods and cross-team collaboration, confidence inNexi initiatives and howto improve effectiveness.

Engagement in the second round of the People Survey at Nexi²³was substantial, with 88% of employees responding to the questionnaire, signalling a conspicuous 7.1% rise compared to the previous year.

Second round survey results were analysed in January 2019 in a recorded video session with the Chief Executive Officer, made available for download to all employees on the company intranet.

The results were further discussed during Function-level and all-hands meetings, and were disseminated at the relevant Area or Business Unit levels so as to evaluate targeted improvement interventions.

Key findings issuing or underscored by the People Survey include:

• a higher engagement index;
• -greater claritywithrespecttocompany strategy andgoals;
• progress with respect to the Group transformation process;
• -merit and awardswere perceived asfair.

Key areas for improvement were identified as including:

• operational obstacles with respect to implementing all strategiesin parallel at a time of great Group change;
• the need for greatersimplicity asregardssupport processes and tools;
• greater emphasis needed on collaboration through hard rather than skills.

Upon addressing areas for improvement, the Group identified several actions to be taken in 2019 and assigned responsibilities for their delivery. Said actions are summarised in the table below.

Simplicity	Collaboration	Capabilities	Recognition
Process simplification • Purchase order system (procurement cycle) • Opening and closing IT	New workplaces and working methods • CasaNexi • Collaborative Tools	Learning • Completion of the digital Pay-Up training programme • Management training	Extra mile awards • The #Fai la differenza award (centred on the "Build Together" value)
support tickets	Promoting knowledge and	Job rotation	Fine-tuning HR processes
Working tools improvement	aggregation among Nexi people		• Broadbanding
• laptop/mobile	• Lunch with Top Management • Greater Top Management	Job posting	• Performance Management and Rewards
Communicating organisational change • Short video presentation on roles and assignments	engagement at branch offices • Identifying focal points at branch offices

Actions are monitored on a monthly basis and findings are submitted to Top Management quarterly. Approximately 60% of the envisaged actions were fully implemented by close of 2019, delivering positive outcomes. In November 2019 the third round of the People Survey was launched and preliminary findings testify to a substantial 7% rise in the Engagement Index, to a global Satisfaction Indexin excess of70% and, by and large, to the effectiveness of the actions taken in respect of key areas of improvement.

²³ The ²⁰¹⁸ People Survey addressed the year ending in October 2018.

HEALTH AND SAFETY

HEALTH AND SAFETY

The Group has adopted a Health and Safety Management System (HSMS) compliant with UNI-INAIL guidelines. The HSMS consists of a health and safety Policy, a Manual underpinning all aspects of management, a body of documents detailing organisational procedures as relevant to each and every aspect of health and safety regulations (i.e. (Communication and Consultation, Emergency Management, Health Monitoring, Information and Training, Supplier Accreditation and Appraisal, Accidents and Occupational Illness, Workplace Risk Assessment, Monitoring of Workplace Risks, Interference RiskAssessmentDocuments, Risk Evaluation and ImprovementManagement).

TheHSMS is currently subjectto reviewin viewof a transition from current compliance with respect to UNI-I-NAIL guidelinesto the UNI ISO45001standard in 2020. In 2019, as part of monitoring and control of regulatory compliance with respect to health and safety, a heightened focuswas placed on verification ofthe technical and professional standards of Nexi Group suppliers, as well as on assessing potential workplace Interference Risk.

With reference to such risks,significantscope for risk attenuation stands to be achieved by way of focus groups on work-related stress risks. Focus groups based on homogenous employee group were rolled out during the last two months of 2019 and the evaluation process is due for completionwithin the first half of 2020.

Furthermore, in 2019 a fresh risk assessment round involving all Group places of work was carried out, with a keen focus on premises that in 2018 belonged to Bassilichi SpA (i.e. Florence, Monteriggioni, Padua and Granarolo dell'Emilia).

In 2019 a total of 21 accidents occurred at Nexi Group, none of which fatal.

Other Group health and safety performance indicators are listed in the GRI Content Index.

73

SUPPLY CHAIN

SUPPLY CHAIN

In selecting its suppliers the Group abides by standards of utmost transparency and efficiency so as to ensure full impartiality at every stage of the process. The Group is committed to ensuring a level playing field for all suppliers and delivers on that objective via an impartial assessment process guided by fairness, economy, quality, innovation, continuity and ethical considerations which are in line with its Procurement Policy and are pursuant to the individual Codes of Conduct of each of its companies.

Pursuant to the Group's internal Supplier Accreditation and Evaluation policy, suppliers vying to take part in any procurement process must submit to an accreditation procedure prior to securing listing within the Group's Registry of Suppliers²⁴. Following accreditation, registration is conditional to reading and accepting the principles set forth under Model 231 and the Code of Conduct. During registration, and on a quarterly basis thereafter, the Group carries out due diligence so as to verify whether suppliers have maintained eligibility from a technical standpoint, have secured or maintained any necessary

certifications, are compliant with laws and regulations governing social responsibility, and maintain solid fundamentals. Failure to deliver on these eligibility requirements leads to striking off the Register of Suppliers. With a view to mitigating all potential risks, any supplier recourse to subcontractors is subject to express approval and verification by Nexi. Suppliers based abroad25 are subject to additional accreditation requirements involving the submittal of both signed copies of their contracts and the privacy by design questionnaire.

Allsuppliers aremonitored by SpendingManagersso as to assess supplied service or product quality and compliance with contractual commitments (SLAs). Following such assessments, the Supply Chain Management Function scores its degree of satisfaction with respect to the procurement relationship. The evaluation process is carried out at least once a year with a view to identifying any actions conducive to improvement and to review relationships with its suppliers from a strategic standpoint.

²⁴ All suppliers of goods and services are subject to the accreditation prerequisite with the sole exception of strategic institutional partners that are either irreplaceable or that deliver to capped orders of under Euro 30,000 per annum. Said cap does apply to Mercury Payment Services' suppliers.

²⁵ With the exception of suppliers fulfilling orders below Euro 30,000, institutional partners or strategic suppliers.

The entire process is subject to monitoring by the Audit Function, which also monitors higher-risk or critical suppliers.

Where Nexi Payments is crucially dependent on outside suppliers, in order to minimise its information assets risks with respect to process knowledge or data losses, the provisions of the Policy on Outsourced Business Functions apply. Said policy setsforth clear rules concerning the processes underpinning supplier selection and supplier risk control and mitigation, and defines the control and responsibility principles applicable to said processes. The scope of such provisions is more clearly understood

with reference to Nexi Group's ICT infrastructure processing activities, which, by and large, are outsourced to third parties - first and foremost, in terms of strategic relevance, SIA and EquensWorldline.

At time of reporting no critical issues have arisen as a result of activities outsourced to the abovementioned suppliers.

As at December 31, 2019, the Group's supply chain is 90% comprised of Italian suppliers, accounting for 93% of total supply chain expenditure. The remaining 7% refers to suppliers abroad.

ENVIRONMENTAL IMPACT MANAGEMENT

12.1 Waste management	81
12.2 Real Estate strategy	82
12.3 Data centres solutions	83
12.4 Responsible consumption	83

ENVIRONMENTAL IMPACT MANAGEMENT

Nexi's responsible use of natural resources in the course of its activities is underpinned by the Code of Conduct of each of the Group's member companies. Environmental crimes prevention is subject to express provisions under internal procedure rules and to oversight pursuant to Model 231.

Aspects pertaining to climate change as referenced under "energy efficiency and CO² emissions" are managed and monitored within Nexi, also by way of select initiatives, by the Functions tasked with managing the Group's work premises, supplies and IT infrastructure.

In due consideration of its role as a PayTech company, in 2019 Nexi has continued its Data Centres energy efficiency drive via its Nexi Blu project.

Furthermore, 2019 saw Nexi renegotiate its power supply contracts for its offices and Data Centres, harnessing electricity generated via certified renewable sources or low-carbon plants, thus taking a further step ahead in its energy transition²⁶.

A breakdown of Group CO² emissions (Scope 1, 2 e 3) is provided in the GRI Content Index at the end of the hereby consolidated non-financial Statement.

²⁶ The Milan Marcallo facility ranks as the only exception. Nexi owned data centres are powered by certified renewable energy.

THE NEXI BLU PROJECT FOR DATA CENTRES

As of 2018, in line with IT Strategy and as part of the Nexi Blu project, Nexi has engaged in a process of Data Centres insourcing and consolidation. Given its strategic asset status, the project seeks to ensure that IT infrastructure is subject to tighter Group governance, is more reliable and delivers more energy-efficient performance.

In 2019 the project witnessed completion of insourcing for Nexi Payments' four Data Centres, now housed at two satellite locations outside Milan (i.e. Pero e Settimo Milanese) and managed by leading data centre service providers with proven domestic and international track records. The IT infrastructure hosted at these Data Centres is power-supply rated at GWh 1.252. The service providers at both locations implement energy-efficient solutions, based on international best practices and tried-and-tested technologies, and are ISO 9001 and ISO 14001 certified.

Energy efficiency is life-cycle engineered, spanning design, planning and implementation, and extends to the operations phase via monitoring & control systems and technologies, and is an built-in feature of both individual components and overall architecture. Efficient, environmentally friendly cooling is provided by groundwater in the summer months and by ambient air in the winter. Combined, this system delivers substantial energy savings compared to traditional cooling plants. Inside the facilities, cooling optimisation is achieved through airflow separation and flowrate control systems. Combined with rack by rack local temperature measurements, this ensures that all systems operate at temperature levels consistent with specifications.

These solutions provide for Power Usage Effectiveness (PUE) ratios of below 1.6 at both locations (i.e. 1.55 and 1.58), compared to market-leading PUEs of 1.2.

In 2020 the Nexi Blu insourcing project will extend to two data centres formerly owned by former Bassilichi (which joined the Group in 2018), and two Mercury Payment Services data centres. On completion, the project will provide for even further energy efficiency by decommissioning obsolete systems and via the adoption of facilities equipped with state-of-the-art energy and cooling systems.

The Group is, furthermore, committed to limiting its environmental impact by:

• improving its waste management cycle by resorting, where possible, to sustainable waste disposal methods;
• ensuring maintenance of its premises and plants with a view to gradually improve their environmental performance in keeping with its Real Estate Strategy;
• leveraging innovative low-impact technologies and solutions at its Data Centres, above and beyond the Nexi Blu project;
• promoting responsible use of resources such as paper and plastic in daily operations and activities.

Environmental performance indicators are listed in the GRI Content Index at the end of the hereby consolidated non-financial services.

Waste Management

With respect to materials used in the course of business activities, recovery and recycling are a fundamental to Nexi's waste management approach. The latter is governed by specific internal procedures that designate roles and responsibilities, types of waste, methods and procedures, and whether waste is processed first-hand or by service providers, thus ensuring full compliance with reference to applicable rules and regulations.

Waste sorting at the workplace

Pursuant to standing rules and regulations on waste management and disposal, waste is sorted at the workplace using waste sorting bins and is collected for subsequent disposal by commercial cleaning and sanitation companies. Special or hazardous waste is managed by certified hazardous product disposal companies which are subject to accreditation and selection via the Group's Supply Chain Management Function. Prior to handover for disposal, the waste is classified, and all required permissions and paperwork is verified and provided for.

POS terminal decommissioning

Disposal of Nexi Group POS Terminals at end of life cycle, whether due to obsolescence or replacement, is regulated by specific buyback agreements with POS suppliers, to whom the old terminals are resold in exchange for new ones. All duties pertaining to the disposal of the old terminals rest with suppliers.

ATM machine decommissioning

The disposal of obsolete ATM machines and of any of their components, whether belonging to Nexi or its Partner Banks, is carried out by accredited and certified waste disposal contractors²⁷.

Nexi verifies that such machinery and components are appropriately disposed of through appropriate checks that are carried out in accordance with internal procedures. In 2019, group-wide, Nexi replaced staff desktops and notebooks with higher performance equivalents. A total of 1,000 such devices were donated to Italy's Carabinieri police force.

Real Estate Strategy

Nexi Group's Real Estate Strategy, which took effect in 2018 and continued throughout 2019, aims to improve working spaces both in terms of energy efficiency and of employee quality of life so as to ensure that premises are safe, comfortable, fit for purpose and environmentally friendly.

This strategy has also entailed reorganising designated places of work with a further view to creating synergies among the employees of the Group'svarious companies, in line with overriding goals concerning the establishment of a single, common organisation identity. In May 2019 Mercury Payment Services employees were transferred from their former offices, joining theirNexi Payments colleagues at the Group's Milan headquarters in Corso Sempione and at its other Milan offices in Via Livraghi, contributing to substantial energy savings.

In addressing and managing the energy impact of itsreal estate²⁸ the Group leverages external Energy Management services tasked with:

• identifying actions, interventions, procedures or any other initiative conducive to promoting efficient energy uses;
• drafting an energy management report based on, among other parameters, economies and end uses;
• completingmandatoryMinistry of EconomicDevelopmentsurveysfor corporate recipients of energy grants.

In 2019 Nexi Group set its sights on boosting its environmental performance via a range of initiatives designed to curb its energy consumption and greenhouse gas (GHG) emissions. The initiatives targeted two major sections of its Milan headquarters in Corso Sempione 55-57 in view of their sizeable energy uptake driven by size (i.e. 41.540 square metres, namely 58% of all Group office floor space), as well as the age of the building and employee numbers. On a more specific note, in 2019 the following facilities interventions were planned and carried out:

• overhaul of old central heating/cooling systems and installation of geothermal heat pumps, dismantling of old central heating/cooling units and replacement with next generation systems which, combined with geothermal groundwater heat pumps,stand to curb energy uptake and emissions. Once overhaul is complete, this energy efficient system is expected to deliver utility bill savings between 15% and 18%. The overhaul was carried in two stagesso asto ensure business continuity at alltimes. Stage one was both commenced and completed in summer 2019; stage two commenced in November 2019 and is due for completion in 2020;
• replacement of the four central lifts, serving both sections of the building, as well as being more energy efficient, the new lifts come with an advanced call reservation system that optimises lift scheduling and delivers further energy savings. Installation commenced in November 2019 and is due for completion in March 2020;
• corridor lighting replacement as part of the restyling of corridors throughout the building involving replacement of trims and fixtures, new LED lighting will be installed. Corridor space accounts for 11% of the building's floor space. The tenders process is due for completion in 2020 and work will be staggered during the course of the entire year.

²⁷ As well as ATMs, the list also includes so-called "Base B" devices (that are largely used for healthcare service payments) and "TCRs" (Teller Cash Recyclers). Machine parts and components are handled by the Bologna Granarolo facility, which also provides for repairs, and the Empoli facility hosted by ICT Logistica. Disposal is

always carried out by certified third party service providers. ²⁸ Thisincludes all premises hosting Group employees, i.e. Bologna (Anzola and Granarolo), Milan, Florence (including BassmArt Srl offices), Padua, Siena, Udine (Cividale), Mercury Payment Services' payment card production plant outside Milan (Marcallo) and its Milan data centre facilities (Sesto San Giovanni and Viale Richard).

In 2020 Nexi Group is setting its sight on further boosting its commitment to securing strategic goals and aims to do so by engaging in energy efficiency and consumption surveys at its other branches, including its Florence offices.

Water consumption

In 2019, to provide for more efficient water usage, old water taps in toilets throughout Nexi's Milan headquarters were replaced with modern photocell-activated electronic taps. Water savings interventions with respect to industrial and fire-extinguishing water systems were carried out at Mercury Payment Services' Marcallo plant outside Milan.

Data centre solutions

As well as pressing ahead with the Nexi Blu project, the Group is drafting plans which, over the course of the coming years, will gradually and steadily phase out old IT systems and replace them with next generation ones that benchmarked against like performance are less energy consuming. Future IT systems also stand to allow for reduced physical storage requirements by delivering higher performance per unit size, thus lowering demands on space and which in turn spell savings in terms of data centre refrigeration requirements.

Responsible consumption

Nexi is committed to protecting the environment and to disseminating thatvalue among theGroup's people by fostering awareness of the environmental impacts of daily behaviours.

In 2019 Nexi embarked on a set of projects geared towards the adoption of sustainable materials within the organisation and towards promoting good practices.

Under the "Less is More" umbrella, these projects look to encourage employeesto find alternativesto drinking water out of plastic bottles and also to deliver new rules concerning the use of paper prints to circulate documents or provide presentations.

The latter part ofthe initiative isinspired by a 2019 initiative by the Board of Directors to go entirely paperless, which resulted in a 25% reduction in paper use compared to 2018.

Due for roll-out in 2020, the "Less is More" initiative actively looks to on-board new Group employees, testifying to Nexi's keen focus with respect to younger generations' concerns for the environment.

GRI INDICATORS

GRI INDICATORS

NEXI GROUP PEOPLE

GRI 102-8 INFORMATION ON EMPLOYEES AND OTHER WORKERS

		31.12.2019
Employee total by gender (no.)	Men	Women	Total
Employees (HC)	1,033	896	1,929
Other associates	28	20	48
- internships	6	4	10
- temporary contracts	17	16	33
- partnerships	5	-	5
Total	1,061	916	1,977

		31.12.2019
Employees by type of contract (no.)	Men	Women	Total
Full-time	1,010	575	1,585
Part-time	23	321	344
Total	1,033	896	1,929

	31.12.2019
Employees by type of contract and geographical area (no.)		Permanent		Temporary	Permanent	Temporary
	Men	Women	Men	Women	Total	Total
Milan	779	677	10	4	1,456	14
Florence	73	44	-	-	117	-
Rome	52	28	-	-	80	-
Bologna (Granarolo, Anzola)	46	29	-	-	75	-
Padua	40	42	-	-	82	-
Udine (Cividale)	17	61	-	-	78	-
Siena	16	11	-	-	27	-
Total	1,023	892	10	4	1,915	14

GRI 405-1 DIVERSITY OF GOVERNANCE BODIES AND EMPLOYEES

Employees by professional category and age (no., %)	31.12.2019
	Men	Women	Total	Men	Women
Senior Managers	76	19	95	3.9	1.0
Middle Managers	416	222	638	21.6	11.5
Other employees	541	655	1,196	28.0	34.0
Total	1,033	896	1,929	53.6	46.4

Employees by professional	31.12.2019
category and age (no., %)	<30	30-50	>50	Total	<30	30-50		>50 Totale
Senior Managers	-	58	37	95	-	3.0	1.9	4.9
Middle Managers	11	421	206	638	0.6	21.8	10.7	33.1
Other employees	37	894	265	1,196	1.9	46.3	13.7	62.0
Total	48	1,373	508	1,929	2.5	71.1	26.3	100.0

GRI 401-1 NEW EMPLOYEE HIRES AND EMPLOYEE TURNOVER

	31.12.2019
Incoming and outgoing employees by gender (no.)	Men	Women	Total
Incoming employees1	259	180	439
Outgoing employees	62	32	94
Total	321	212	533

1. Including 315 employees (i.e. 187 men, 128 women) enlisted following 2018 integration of former Bassilichi Group and DEPObank staff effective as of January 1, 2019.

	31.12.2019
Turnover rate by gender (%)	Men	Women	Total
Incoming employees 1	25.1	20.1	22.8
Outgoing employees	6.0	3.6	4.9

1. Including 315 employees (i.e. 187 men, 128 women) enlisted following 2018 integration of former Bassilichi Group and DEPObank staff effective as of January 1, 2019.

	31.12.2019
Incoming and outgoing employees by age (no.)	<30	30-50	>50	Total
Incoming employees1	29	287	123	439
Outgoing employees	7	56	31	94
Total	36	343	154	533

1. Including 315 employees (i.e. 187 men, 128 women) enlisted following 2018 integration of former Bassilichi Group and DEPObank staff effective as of January 1, 2019.

	31.12.2019
Turnover rate by age (%)	<30	30-50	>50	Total
Turnover rate (incoming) 1	60.4	20.9	24.2	22.8
Turnover rate (outgoing)	14.6	4.1	6.1	4.9

1. Including 315 employees (i.e. 187 men, 128 women) enlisted following 2018 integration of former Bassilichi Group and DEPObank staff effective as of January 1, 2019.

	31.12.2019
Incoming and outgoing employees by geographical area (no.)	Incoming employees 1 Outgoing employees
Milan	165	79
Florence	118	4
Rome	30	3
Bologna (Granarolo, Anzola)	27	5
Padua	72	2
Udine (Cividale)	-	1
Siena	27	-
Total	439	94

1. Including 315 employees (i.e. 187 men, 128 women) enlisted following 2018 integration of former Bassilichi Group and DEPObank staff effective as of January 1, 2019.

	31.12.2019
Turnover rate by geographical area (%)	Milan	Florence	Rome	Bologna (Granarolo, Anzola)	Padua	Udine (Cividale)	Siena
Turnover rate (incoming) 1	8.6	6.1	1.6	1.4	3.7	-	1.4
Turnover rate (outgoing)	4.1	0.2	0.2	0.3	0.1	0.1	-

1. Including 315 employees (i.e. 187 men, 128 women) enlisted following 2018 integration of former Bassilichi Group and DEPObank staff effective as of January 1, 2019.

GRI 404-1 AVERAGE HOURS OF TRAINING PER YEAR PER EMPLOYEE

	31.12.2019
Training hours by professional category and gender (no.)1	Men	Women	Total
Senior Managers	1,917.2	523.0	2,440.2
Middle Managers	18,231.3	9,293.0	27,524.3
Other employees	21,906.1	26,087.6	47,993.8
Total	42,054.6	35,903.6	77,958.2

Average training hours by professional category and gender (no.) 1		31.12.2019
	Men	Women	Total
Senior Managers	25.2	27.5	25.7
Middle Managers	43.8	41.9	43.1
Other employees	40.5	39.8	40.1
Total	40.7	40.1	40.4

1. The data does not include training hours provided to BassmArt Srl employees (i.e.7 employees).

Ratio of basic salary and remuneration of women to men (%)	31.12.2019
	Pay	Remuneration
Senior Managers1	86.9	94.8
Middle Managers	89.7	89.5
Other employees	93.3	89.6

GRI 405-2 RATIO OF BASIC SALARY AND REMUNERATION OF WOMEN TO MEN

1. The data does not include figures for the CEO and positions directly reporting to him. Basic yearly salary is presented as gross. Remuneration is calculated as pay plus any bonus or incentives scheme.

GRI 404-3 PERCENTAGE OF EMPLOYEES RECEIVING REGULAR PERFORMANCE AND CAREER DEVELOPMENT REVIEWS

Percentage of employees involved in the PM system by professional category and gender1 (%)	31.12.2019
	Men	Women	Total
Senior Managers	98.7	94.7	97.9
Middle Managers	96.9	96.4	96.7
Other employees	96.7	97.7	97.2
Total	96.9	97.3	97.1

1. The data relative to Performance Management does not include training hours provided to BassmArt Srl employees (i.e.7 employees).

GRI 403-2 TYPES OF INJURY AND RATES OF INJURY, OCCUPATIONAL DISEASES, LOST DAYS, AND ABSENTEEISM, AND NUMBER OF WORK-RELATED FATALITIES

	31.12.2019
Accidents by type	Men	Women	Total
At work	1	1	2
En route	9	10	19
Total	10	11	21

	31.12.2019
	Men	Women	Total
Absenteeism rate (%)1	2.8	3.7	3.2

1. Number of employee absences by total number of theoretical hours in the period. Employee absences do not include holiday leave, study leave, maternity or paternity leave, compassionate leave and blood donation leave.

	31.12.2019
Accident indexes1	Men	Women	Total
Severity index	9.7	12.3	10.9
Frequency index	0.1	0.3	0.2
Occupational illness rate	5.2	7.2	6.1
Tasso di malattie professionali	0.0	0.0	0.0

1. Incidence Index: number of accidents at work/total number of employees. Severity index: number of lost days due to accidents/total number of hours worked*1,000. Frequency index: number of accidents/total number of hours worked*1,000,000. Occupational illness rate: total number of cases of occupational illnesses/ total hours worked*200,000.

ENVIRONMENTAL IMPACT MANAGEMENT

GRI 301-1 MATERIALS USED BY WEIGHT

Materials by (t)	31.12.2019
Non-recycled paper	181.5
Envelopes	20.0
Plastic (for payment card personalisation)	14.0
Boxes	11.0
Cardboard	2.0
Toner	0.8
Total	229.3

GRI 306-2 WASTE BY TYPE AND DISPOSAL METHOD

Waste by type (t)	31.12.2019
Hazardous waste1	532.0
Recycled or reused hazardous waste	532.0
Non-hazardous waste2	89.0
Recycled or reused total non-hazardous waste	89.0
Total	621.0

In 2019 no advanced of Nexi SmartPOS terminals were decommissioned.

1. Hazardous waste includes toner cartridges, lamps, computer screens, electronic equipment, lea-acid batteries and certain unserviceable equipment (European Waste Codes EWC 160211 and 160213). The vast majority of hazardous waste, namely 531 tons, refers to decommissioned ATMs and their components.

2. Non-hazardous waste includes paper, cardboard, alkaline batteries, iron, steel, certain unserviceable equipment, shredded credit cards and card personalisation waste (European Waste Code - EWC 160214)

GRI 303-1 WATER WITHDRAWAL BY SOURCE

In 2019, Nexi withdrew and consumed water from the public water system to the extent of 49,927 cubic metres, of which 33,392 obtained from aqueducts and 16,535from surface waters.

GRI 302-1 ENERGY CONSUMPTION WITHIN THE ORGANIZATION

GRI 305-1 DIRECT (SCOPE 1) GHG EMISSIONS

GRI 305-2 ENERGY INDIRECT (SCOPE 2) GHG EMISSIONS

Energy consumption	31.12.2019
Direct emissions - Scope 1 (tCO2 e)	1.189,1
Total direct consumption (GJ)	21.363,1
- renewables (GJ)	846,6
- photovoltaic total (kWh)2	235.153,0
- non-renewables (GJ)	20.516,6
- natural gas total (m3)1	306.977,0
- company fleet diesel (litres)	212.724,5
- company fleet diesel (litres)	6.323,3
Indirect emissions - Scope 2 (tCO2 e) (Location-Based)3	78.505,1
Indirect emissions - Scope 2 (tCO2 e) (Market-Based)4	74.961,2
Total indirect consumption (GJ)	43.613,5
- renewables (GJ)	40.836,6
- renewable electricity (kWh	11.343.507,0
- non-renewables (GJ)	2.776,9
- non-renewable electricity (kWh)	346.532,0
- district heating (cogeneration plant) (kWh	424.820,0

1. The figure does not include photovoltaic power generated at the Group's Bologna facilities in Granarolo and does not include photovoltaic power generated September through toOctober 2019 at the Group's Udine premisesin Cividale owing to figures not being available.

2. The figure does not include natural gas consumption figures at the Group's Bologna facility in Granarolo.

3. Location-based Scope 2 emissions are calculated based on indirect consumption using location-based emission factors subject to special definitions under Italian banking association ABI Guidelines consistent with GRI environmentalstandards.

4. Market-based Scope 2 emissions are calculated based on the percentage of renewable energy consumption that is certified production-side by suppliers for the whole of 2019 (i.e. applicable to all Nexi Group offices, branches and data centres except for the Marcallo plant) and on emission factors assigned to Italy's residual mix by the Association of Issuing Bodies.

GRI 305-3 OTHER INDIRECT (SCOPE 3) GHG EMISSIONS

	31.12.2019
Indirect emissions - Scope 3 (tCO2 e)	624.7
Business trips1 (Km)
- by car	1,299,917.0
- by train	3,626,487.0
- by place	1,430,890.0

1. The data does not include figures pertaining to BassmArt Srl (i.e.7 employees).

RECONCILIATION STATEMENT OF MATERIAL TOPICS AND GRI CONTENT INDEX

RECONCILIATION STATEMENT BETWEEN REGULATORY DOMAINS, MATERIAL TOPICS AND GRI STANDARDS

Legislative Decree No. 254/2016	Material topics as relevant to Nexi Group GRI Reference Standards		Scope of Impac ts
		Impact within Nexi Group	Impact outside Nexi Group1	Limitations
Staff	Talent attraction & employer branding	Employment: 401-1	Group-wide
	Employee training and development	Training & Education: 404-1	Group-wide
	Staff appraisal and remuneration policies	Diversity and Equal Opportunities: 405-2 Training & Education: 404-3	Group-wide
Staff/Human Rights	Diversity and equal opportunities	Diversity and Equal Opportunities: 405-1, 405-2 Non-Discrimination: 406-1	Group-wide
	Well-being and sustainable Welfare	Employment: 401-2	Group-wide
	Employment and labour relations	Stakeholder Engagement: 102-41 Labour/Management Relations: 402-1	Group-wide
	Health & safety promotion	Occupational Health & Safety: 403-2	Group-wide
Clients	Privacy and Data security	Client Privacy: 418-1	Group-wide	Clients
	Customer satisfaction	*	Group-wide	Clients
	Business continuity	*	Group-wide	Clients/ Communities and Districts
	Operational excellence	*	Group-wide	Clients
	Innovation	*	Group-wide	Clients/Innovation community/ / Communities and Districts
	Transparency	Marketing and Labelling: 417-3	Group-wide	Clients
Supply Chain	Responsible supply chain management	Supply Chain: 102-9 Procurement Practices: 204-1	Group-wide	Suppliers
Environment	Energy efficiency and CO2 emissions	Energy: 302-1 Emissions 305-1, 305-2, 305-3	Group-wide	Communities and Districts/ Environment
	Responsible consumption	Water and Effluents: 303-1	Group-wide	Communities and
	and waste management	Material: 301-1 Effluents and Waste: 306-2		Districts/ Environment
Community	Payment digitalisation in Italy	*	Group-wide	Communities and Districts/ Innovation community
Corruption	Integrity in corporate conduct	Ethics and Integrity: 102-16, 102-17 Anti-corruption: 205-2, 205-3 Anti-competitive Behaviour: 206-1 Socioeconomic Compliance: 419-1	Group-wide	Clients/Communities and Districts

* With reference to these topics, which are not directly envisaged under specific GRI Standards, see the GRI Content Index for descriptions of the management approaches adopted by Nexi and of their relative performance indicators.

1. The contents which refer to impacts external to the Group in the table shown below constitute qualitative information to aid comprehension of the scope of the business versus the main stakeholders.

GRI CONTENT INDEX DRAFTED IN ACCORDANCE WITH THE CORE OPTION OF THE GRI STANDARDS29

Disclosure	Description of the indicator	Page No./Notes
GRI 102: GENERAL DISCLOSURES 2016
ORGANISATIONAL PROFILE
102-1	Name of the organisation	Pp. 6-7
102-2	Activities, brands, products, and services	Pp. 16-17
102-3	Location of headquarters	C.so Sempione 55, 20149, Milan
102-4	Location of operations	Pp. 10; 62
102-5	Ownership and legal form	Pp. 6-7; 12
102-6	Markets served	Pp. 16-17
102-7	Scale of the organisation	Pp. 16-17
102-8	Information on employees and other workers	Pp. 62;90
102-9	Supply chain	Pp. 76-77
102-10	Significant changes to the organisation and its supply chain	Pp. 6-7; 10-11; 76-77
102-11	Precautionary Principle or approach	Pp. 37-38
102-12	External initiatives	Pp. 21-24
102-13	Membership of associations	P. 22
STRATEGY
102-14	Statement from senior decision-maker	Pp. 2-3
102-15	Key impacts, risks and opportunities	Pp. 37-38; 86
ETHICS AND INTEGRITY
102-16	Values, principles, standards and norms of behaviour	Pp. 44-46; 61
102-17	Mechanisms for advice and concerns about ethics	Pp. 45-46
GOVERNANCE
102-18	Governance structure	Pp. 30-33
102-22	Composition of the highest governance body and its committees	Pp. 32-33
STAKEHOLDER ENGAGEMENT
102-40	List of stakeholder groups	Pp. 20-24
102-41	Collective bargaining agreements	P. 62
102-42	Identifying and selecting stakeholders	Pp. 20-24
102-43	Approach to stakeholder engagement	Pp. 20-24
102-44	Key topics and concerns raised	Pp. 20-24; 50-52; 69

²⁹ No omissions for 2019.

Disclosure	Description of the indicator	Page No./Notes
REPORTING PRACTICE
102-45	Entities included in the consolidated financial statements	Pp. 6-7
102-46	Defining report content and topic boundaries	Pp. 24-27; 86
102-47	List of material topics	Pp. 24-27
102-48	Restatements of information	This is the first-ever consolidated non-financial Statement published by Nexi GrouP.
102-49	Changes in reporting	This is the first-ever consolidated non financial Statement published by Nexi GrouP.
102-50	Reporting period	Pp. 6-7
102-51	Date of most recent report	This is the first-ever consolidated non financial Statement published by Nexi GrouP. In 2018 Nexi published its Environmental, Social and Governance Report within its 2018 Nexi SpA Report and Financial Statements. The document is available for consultation the financial statements section of the www.nexi.it website.
102-52	Reporting cycle	Pp. 6-7
102-53	Contact point for questions regarding the report	Pp. 6-7
102-54	Claims of reporting in accordance with GRI Standards	Pp. 6-7
102-55	GRI Content Index	Pp. 98-102
102-56	External assurance	P. 101
	ECONOMIC PERFORMANCE: TOPIC SPECIFIC STANDARDS
	GRI 204: PROCUREMENT PRACTICES 2016
GRI 103	Management approach 2016	Pp. 76-77
204-1	Proportion of spending on local suppliers	P. 77
	GRI 205: ANTI-CORRUPTION 2016
GRI 103	Management approach 2016	Pp. 44-46
205-2	Communication and training about anti-corruption policies and procedures	P. 46
205-3	Confirmed incidents of corruption and actions taken	In 2019 no incidents involving corruption, unlawful conduct, violations of the Code of Conduct or provisions under Model 231 occurred and no actions were taken leading to fines, sanctions or litigation against Nexi's employees or its commercial partners.
GRI 206: ANTI-COMPETITIVE BEHAVIOUR 2016
GRI 103	Management approach 2016	Pp. 44-46
206-1	Legal actions for anti-competitive behaviour, anti-trust and monopoly practices	In 2019 no legal actions, ongoing or terminated, were pursued on anti competitive, anti-trust or monopoly grounds, nor were any reports filed with reference to inappropriate conduct with an anti-trust bearing.
ENVIRONMENTAL PERFORMANCE: TOPIC SPECIFIC STANDARDS
GRI 301: MATERIALS 2016
GRI 103	Management approach 2016	Pp. 80-81; 83
301-1	Materials used by weight or volume	P. 90

Disclosure	Description of the indicator	Page No./Notes
GRI 302: ENERGY 2016
GRI 103	Management approach 2016	Pp. 80-83
302-1	Energy consumption within the organization	P. 91
	GRI 303: WATER AND EFFLUENTS 2016
GRI 103	Management approach 2016	Pp. 80-81; 83
303-1	Water withdrawal by source	P. 90
GRI 305: EMISSIONS 2016
GRI 103	Management approach 2016	Pp. 80-83
305-1	Direct (Scope 1) GHG emissions	P. 95
305-2	Energy indirect (Scope 2) GHG emissions	P. 91
305-3	Other indirect (Scope 3) GHG emissions	P. 95
GRI 306: EFFLUENTS AND WASTE 2016
GRI 103	Management approach 2016	Pp. 80-82
306-2	Waste by type and disposal method	P. 90
	SOCIAL PERFORMANCE: TOPIC SPECIFIC STANDARDS
	GRI 401: EMPLOYMENT 2016
GRI 103	Management approach 2016	Pp. 60-68
401-1	New employee hires and employee turnover	Pp. 97-98
401-2	Benefits provided to full-time employees that are not provided to temporary or part-time employees	Nexi Group provides benefits to all its employees making no distinction between professional categories or contract type (whether full-time or part-time), and ensures that employee parental leave rights an upheld pursuant to standing laws and regulations.
	GRI 402: LABOUR/MANAGEMENT RELATIONS 2016
GRI 103	Management approach 2016	Pp. 60-68
402-1	Minimum notice periods regarding operational changes	Minimum notice periods regarding operational changesNexi Group upholds provisions within Italy's national CCNL collective bargaining agreements and within supplementary CIA agreements pertaining to trade union engagement, both on a scheduled basis and otherwise, including under any circumstances leading changes to the structure of the organisation designed to better manage its activities, and is fully committed to consultation procedures envisaged by contract or by law.
	GRI 403: OCCUPATIONAL HEALTH AND SAFETY 2016
GRI 103	Management approach 2016	P. 72
403-2	Types of injury and rates of injury, occupational diseases, lost days, and absenteeism and number of work-related fatalities	Pp. 89
	GRI 404: TRAINING AND EDUCATION 2016
GRI 103	Management approach 2016	Pp. 64-68
404-1	Average hours of training per year per employee	P. 88
404-3	Percentage of employees receiving regular performance and career development reviews	P. 89

Disclosure	Description of the indicator	Page No./Notes
	GRI 405: DIVERSITY AND EQUAL OPPORTUNITY 2016
GRI 103	Management approach 2016	Pp. 62-63
405-1	Diversity of governance bodies and employees	Pp. 30-32; 89
405-2	Ratio of basic salary and remuneration of women to men	P. 89
	GRI 406: NON DISCRIMINATION 2016
GRI 103	Management approach 2016	Pp. 44-45
406-1	Incidents of discrimination and corrective actions taken	In 2019 no confirmed instances of discrimination were reported.
	GRI 417: MARKETING AND LABELLING 2016
GRI 103	Management approach 2016	P. 41
417-3	Incidents of non-compliance concerning marketing communications	In 2019 no incidents were identified of non-compliance with respect to neither regulations or voluntary codes of conduct pertaining to marketing communications, including advertising, promotional activities and sponsorships, nor regulations on transparency.
	GRI 418: CUSTOMER PRIVACY 2016
GRI 103	Management approach 2016	Pp. 41; 65
418-1	Substantiated complaints concerning breaches of customer privacy and losses of customer data	P. 41
	GRI 419: SOCIOECONOMIC COMPLIANCE 2016
GRI 103	Management approach 2016	Pp. 44-45
419-1	Non-compliance with laws and regulations in the social and economic area	In 2019 the Group received no significant fines were levied on the economic front. No penalties were received on grounds of non-compliance with respect to laws and regulations on the social front.
	CUSTOMER SATISFACTION
GRI 103	Management approach 2016	Pp. 50-52
DATA SECURITY
GRI 103	Management approach 2016	Pp. 54-55
BUSINESS CONTINUITY
GRI 103	Management approach 2016	Pp. 55-56
	OPERATIONAL EXCELLENCE
GRI 103	Management approach 2016	Pp. 55-56
INNOVATION
GRI 103	Management approach 2016	Pp. 52-53
	DIGITALISATION OF PAYMENTS IN ITALY
GRI 103	Management approach 2016	Pp. 23-24; 52-53

AUDITORS' REPORT

Independent auditor's report on the consolidated non-financial statement

pursuant to article 3, paragraph 10, of Legislative Decree No. 254/2016 and article 5 of CONSOB Regulation No. 20267 of January 2018

To the Board of Directors of Nexi SpA

Pursuant to article 3, paragraph 10, of Legislative Decree No. 254 of 30 December 2016 (the "Decree") and article 5 of CONSOB Regulation No. 20267/2018, we have performed a limited assurance engagement on the consolidated non-financial statement of Nexi SpA and its subsidiaries (hereafter the "Group") for the year ended 31 December 2019 prepared in accordance with article 4 of the Decree and approved by the Board of Directors on 6 March 2020 (hereafter the "NFS").

Responsibility of Management and those charged with Governance for the NFS

The Directors are responsible for the preparation of the NFS in accordance with article 3 and 4 of the Decree and with the "GRI-Sustainability Reporting Standards" defined in 2016, hereafter the "GRI Standards", identified by them as the reporting standards.

The Directors are responsible, in accordance with the law, for the implementation of internal controls necessary to ensure that the NFS is free from material misstatement, whether due to fraud or unintentional errors.

Moreover, the Directors are responsible for identifying the content of the NFS, within the matters mentioned in article 3, paragraph 1, of the Decree, considering the activities and characteristics of the Group and to the extent necessary to ensure an understanding of the Group's activities, its performance, its results and related impacts.

Finally, the Directors are responsible for defining the business and organisational model of the Group and, with reference to the matters identified and reported in the NFS, for the policies adopted by the Group and for the identification and management of risks generated and/or faced by the Group.

The Board of Statutory Auditors is responsible for overseeing, in the terms prescribed by law, compliance with the Decree.

Auditor's Independence and Quality Control

We are independent in accordance with the principles of ethics and independence set out in the Code of Ethics for Professional Accountants published by the International Ethics Standards Board for Accountants, which are based on the fundamental principles of integrity, objectivity, competence and professional diligence, confidentiality and professional behaviour. Our audit firm adopts International

Standard on Quality Control 1 (ISQC Italy 1) and, accordingly, maintains an overall quality control system which includes processes and procedures for compliance with ethical and professional principles and with applicable laws and regulations.

Auditor's responsibilities

We are responsible for expressing a conclusion, on the basis of the work performed, regarding the compliance of the NFS with the Decree and with the GRI Standards. We conducted our engagement in accordance with "International Standard on Assurance Engagements ISAE 3000 (Revised) – Assurance Engagements Other than Audits or Reviews of Historical Financial Information" (hereafter "ISAE 3000 Revised"), issued by the International Auditing and Assurance Standards Board (IAASB) for limited assurance engagements. The standard requires that we plan and apply procedures in order to obtain limited assurance that the NFS is free of material misstatement. The procedures performed in a limited assurance engagement are less in scope than those performed in a reasonable assurance engagement in accordance with ISAE 3000 Revised ("reasonable assurance engagement") and, therefore, do not provide us with a sufficient level of assurance that we have become aware of all significant facts and circumstances that might be identified in a reasonable assurance engagement.

The procedures performed on the NFS were based on our professional judgement and consisted in interviews, primarily with company personnel responsible for the preparation of the information presented in the NFS, analysis of documents, recalculations and other procedures designed to obtain evidence considered useful.

In particular, we performed the following procedures:

• 1 analysis of the relevant matters reported in the NFS relating to the activities and characteristics of the Group, in order to assess the reasonableness of the selection process used, in accordance with article 3 of the Decree and with the reporting standards adopted;
• 2 analysis and assessment of the criteria used to identify the consolidation area, in order to assess their compliance with the Decree;
• 3 comparison of the financial information reported in the NFS with that reported in the Group's Consolidated Financial Statements;
• 4 understanding of the following matters:
  • − business and organisational model of the Group, with reference to the management of the matters specified by article 3 of the Decree;
  • − policies adopted by the Group with reference to the matters specified in article 3 of the Decree, actual results and related key performance indicators;
  • − main risks, generated and/or faced by the Group, with reference to the matters specified in article 3 of the Decree.

With reference to those matters, we compared the information obtained with the information presented in the NFS and carried out the procedures described under point 5 a) below; understanding of the processes underlying the preparation, collection and management of the significant qualitative and quantitative information included in the NFS. In particular, we held meetings and interviews with the management of Nexi SpA and we performed limited analysis of documentary evidence, to gather information about the processes and procedures for the

collection, consolidation, processing and submission of the non-financial information to the function responsible for the preparation of the NFS.

Moreover, for material information, considering the activities and characteristics of the Group:

• at holding level
  • a) with reference to the qualitative information included in the NFS, and in particular to the business model, the policies adopted and the main risks, we carried out interviews and acquired supporting documentation to verify their consistency with available evidence;
  • b) with reference to quantitative information, we performed analytical procedures as well as limited tests, in order to assess, on a sample basis, the accuracy of consolidation of the information;
• for the subsidiary Nexi Payments SpA, which was selected on the basis of its activities, its contribution to the performance indicators at a consolidated level and its location, we carried out site visits during which we met local management and gathered supporting documentation regarding the correct application of the procedures and calculation methods used for the key performance indicators.

Conclusions

Based on the work performed, nothing has come to our attention that causes us to believe that the NFS of Nexi Group as of 31 December 2019 has not been prepared, in all material respects, in compliance with articles 3 and 4 of the Decree and with the GRI Standards.

Other aspects

As mentioned in "Methodological Note", no comparative data are presented in the NFS because the year ended 31 December 2019 represents the first year in which Nexi Group is subject to the reporting obligations in accordance with the Decree; therefore there are no comparative data subject to audit.

Milan, 3 April 2020

PricewaterhouseCoopers SpA

Signed by Signed by

Lia Lucilla Turri Paolo Bersani

(Partner) (Authorised signatory)

This report has been translated from the Italian original solely for the convenience of international readers. We have not performed any controls on the NFS 2019 translation.

Nexi SpA

Corso Sempione 55, 20149 Milano T. +39 02 3488.1 • F. +39 02 3488.4180 www nexi it Milano, Monza Brianza and Lodi Registry of Companies, Tax Code 09489670969 Representative of Nexi Vat Group - VAT n. 10542790968 Register of Economic Activities (REA) Milano 2093618 Share Capital € 57.070.707,00 fully paid in

Concept, Graphic design

www mercuriogp eu