Banca Generali S p A : Report of the Board of Statutory Auditors to the General Shareholders' Meeting

BANCA GENERALI S.P.A.

Board of Statutory Auditors' Report

pursuant to Article 153 of Legislative Decree 58/98 and Article 2429 Paragraphs 2 and 3, of the Italian Civil Code

Shareholders,

We have reviewed the Annual Integrated Report for the year ended 31 December 2020, which consists of:

• the Draft Separate and Consolidated Financial Statements of "Banca Generali S.p.A." for the year ended 31 December 2020, including the Notes and Comments and detailed accounting statements;
• the consolidated Report on Operations, integrated with non-financial information;
• documents prepared by Directors and duly forwarded to the Board of Statutory Auditors.

During the year, the oversight activity was conducted by the Board of Statutory Auditors, in compliance with the law and, specifically, of Article 149 of Legislative Decree No. 58/1998, and in accordance with the code of conduct recommended by the Roll of Certified Public Accountants and Commercial Experts, taking also account of Consob and Bank of Italy provisions included in the Corporate Governance Code, as well as in accordance with Article 19 of Legislative Decree No. 39/10.

The Board of Statutory Auditors herewith reports to the General Shareholders' Meeting that in the course of the year ended 31 December 2020 it carried out the following activities:

• it participated in 15 meetings of the Board of Directors, verifying that the resolutions adopted and implemented were in compliance with the law and the Articles of Association and ensuring that they were neither imprudent nor gave rise to conflicts of interest not adequately addressed and managed;
• it participated in 17 meetings of the Internal Audit and Risk Committee;
• it participated in 10 meetings of the Remuneration Committee;
• it participated in 9 meetings of the Nomination, Governance and Sustainability Committee;
• it participated in 7 meetings of the Supervisory Board, in light of the Board of Directors' Resolution passed on 12 April 2018 which entrusted the Supervisory Board's functions to the Board of Statutory Auditors;
• it participated in 20 regular meetings held to conduct its audits;
• it participated in 3 induction meetings;
• it requested and obtained from the Chief Executive Officer and General Manager and the Manager in charge of prepa- ring the company's financial reports or other Company Managers information concerning the Highly Significant Tran- sactions carried out by the Company, and acknowledged that such transactions were not considered clearly imprudent or risky, in potential conflict of interest, in contrast with resolutions adopted by the Shareholders' Meeting or such as to compromise the integrity of the company's assets;
• it exchanged information with the Chairmen of the Boards of Statutory Auditors of the subsidiary Generfid S.p.A. and of Nextam Partners S.p.A., Nextam Partners SGR S.p.A. and Nextam Partners SIM S.p.A., with the control body of the Luxembourg-based subsidiary BG Fund Management Luxembourg S.A., with the control body of the Swiss-based subsidiary BG Valeur S.A., as well as the Board of Statutory Auditors of the Parent Company, Assicurazioni Generali S.p.A., including in light of Consob's 2021 warning notices on Covid-19;
• it verified the instructions given by the Company to its subsidiaries, pursuant to Article 114, paragraph 2, of Legislative Decree No. 58/98, as well as the supervisory instructions issued by the Bank of Italy, and deemed that they were adequate;
• it issued legal opinions, including those relating to the main subjects listed below:
• • remuneration and incentivisation policies;
  • ICAAP and ILAAP process;
• it verified that its members possessed the independence requisites, as well as its own adequacy in terms of powers, functioning and composition, taking into account the scale, complexity and activities of the Bank. Moreover, it verified that the independent auditors possessed the independence requisites and found that the procedures adopted by the Board of Directors to ascertain its own internal independence compliance were adequate;
• It monitored the periodical self-assessment process of the Board of Directors and Board Committees, with the fol- lowing outcome:
• • the Board was found to be adequate in terms of number of members and to be balanced in composition between Independent and Non-independent directors, taking account of the size of the Board and its Committees, and in view of the management of possible conflicts of interest;
  • the current remuneration systems were found to be adequate and consistent with the Corporate Governance Com- mittee's recommendation regarding the remuneration of executive directors and remuneration policies were found to be adequate to the pursuit of the objective of the sustainability of the enterprise's activity in the medium-to-long term;
• it systematically monitored the functioning of the Internal Control and Risk Management System, stating its observa- tions on the interim and annual reports concerning the activities performed and the programmes to be implemented by different control functions. It also checked the implementation status of the activity plans and ensuing results. The system envisages line checks, risk management and compliance checks, controls against money laundering, and inter-

548 ANNUAL INTEGRATED REPORT 2020

BANCA GENERALI S.P.A.

nal audit activity. Business operations and information flows amongst the various parties involved, including the Board of Statutory Auditors, were efficiently coordinated during the year. In the year under review, Internal Audit assessed that the internal control and risk management systems were efficiently implemented, and put forward certain recommendations and suggestions aimed at improving risk management and control, without highlighting any significant shortcomings. The Head of the Internal Audit function reports directly to the Board of Directors, while second-tier control functions (the Compliance and Anti Money Laundering Department and the Risk and Capital Adequacy De- partment) were assigned to report directly to the Chief Executive Officer, while continuing to report "functionally" to the Board of Directors, to which they have direct access and with which they communicate without restrictions or in- termediation. Overall, the Internal Control System was deemed adequate as a whole to the current governance system;

• information useful to discharging its supervisory duties was obtained through participation in sessions of the Internal Audit and Risk Committee, Remuneration Committee and Nomination, Governance and Sustainability Committee. The Board of Statutory Auditors received the various periodic reports in the course of the regular functioning of the above-mentioned Board Committees and deemed them to be adequate and consistent;
• it monitored complaints by investors, without discovering any shortcomings in internal procedures or the Company's organisational layout;
• it verified the general compliance of the Bank with the requirements for correspondence with and notices to the Super- visory Bodies, as well as compliance with industry regulations and the Articles of Associations;
• it assessed and verified the adequacy of the organisational structure with reference to issues falling within the remit of the Board of Statutory Auditors;
• it evaluated and verified the appropriateness of the administrative and accounting system, as well as its reliability in accurately representing operations through the information received by the Manager in charge of preparing the com- pany's financial reports, the Independent Auditors and the Head of Internal Audit, and information directly obtained from the heads of the respective functions, as well as data arising from examination of company records. With refe- rence to the application of law 262/2005 and the provisions of letter a), paragraph 1, Article 19 of Legislative Decree 39/10, the Board of Statutory Auditors also monitored the processes and activities carried out by the Bank, within the framework of the Financial Accounting Risk Governance activity, aimed at continuously assessing the adequacy of administrative and accounting procedures and the ensuing financial reports;
• it checked that the Bank adopted regulations, processes and structures suitable for monitoring and overseeing ban- king-related risks (market risks, credit risks, liquidity risks, exchange rate risks, operating risks, compliance and mo- ney laundering risks), as described in the Report on Operations and Notes and Comments;
• it evaluated the appropriateness of the internal capital adequacy assessment process (ICAAP);
• it evaluated the appropriateness of the internal liquidity adequacy assessment process (ILAAP);
• it verified, in concert with the Independent Auditors, that the foreign subsidiaries and Italian subsidiaries adopted a suitable administrative and accounting system such as to regularly report to the Company's management and Indepen- dent Auditors the economic and financial data required to draw up the Consolidated Financial Statements.

We hereby acknowledge that the Company discharged its obligations relating to the prevention of money laundering, with particular regard to Legislative Decree No. 231/2007, as further amended and extended, and the provisions of the Bank of Italy and the company's Financial Information Unit, including staff training, through the Anti-Money Laundering Service, within the Compliance and Anti Money Laundering Department.

In addition, the Company complied with data protection obligations, adopting the privacy principles laid down in the GDPR (General Data Protection Regulation) and designating an internal Group Data Protection Officer.

In addition, we acknowledge that during the year the Supervisory Board, whose functions are carried out by the Board of Statutory Auditors effective 1 April 2014, monitored the operation and compliance of the Organisational and Management Model, and verified that it has been properly updated and is suitable for preventing over time the commission of the crimes mentioned in the legislation. The work performed showed no irregularities that could be related to the crimes contemplated under the provisions of Legislative Decree No. 231/01.

We acknowledge that the company adopted, inter alia, the following main codes, policies and procedures, which were duly updated during the year, where needed:

• Internal dealing, setting up the Internal Dealing Register;
• Insider information, with the introduction of the Insider Register;
• Related party and connected party transactions and transactions of greater importance;
• Transactions with parties that have powers of management, administration and control over the bank;
• Internal policies governing control mechanisms for risk assets and conflicts of interest involving connected parties;
• Order execution and transmission policy;
• Conflict of interest policy;
• Internal rules;
• Contingency funding plan;
• Single risk management policy;
• Risk Appetite Framework;
• Fair value policy;
• Group policy on service outsourcing;
• Equity investment management policy;

FINANCIAL STATEMENTS OF BANCA GENERALI S.P.A. 549

BANCA GENERALI S.P.A.

• Policy of enhancement of third-party financial instruments;
• Inducement policy;
• Policy for the classification of customers;
• Investment portfolio management process;
• Compliance policy;
• Compliance rules;
• Internal Audit policy;
• Internal Audit regulations;
• Internal control system policy;
• Internal code of conduct;
• Policy for managing customer complaints;
• IT security policy;
• Succession policy;
• Commercial policy;
• Policy for the management of credit risk mitigation (CRM) techniques;
• Manager in Charge of the Internal Control System Policy;
• Internal Fraud Policy;
• Strategic Guidance Policy on Information and Communications Technology (ICT);
• Whistleblowing procedure;
• Non-AuditServices Procedure
• Policy on provisioning for risks due to the management of litigation;
• Policy on the internal transfer rate system;
• Lending rules;
• Finance rules;
• Rules on escalation limits and process
• Group rules;
• Data Protection Policy;
• Dividend Policy;
• IFRS 9 Policy;
• Transfer Pricing Policy.

The Company has also adopted the new edition of the Corporate Governance Code for Listed Companies. The Company has not appointed a lead independent director for the reasons described in the Corporate Governance and Ownership Structure Report.

We acknowledge that in 2020, the Bank operated in strict compliance with the "Procedure for Related Party and Connected Party Transactions and Transactions of Greater Importance", which lays down specific operating rules governing fact-finding procedures, decision-making powers, record-keeping and disclosure obligations; these transactions and relevant information are given in the Directors' Report on Operations and Notes and Comments.

We also acknowledge that in 2020 the Company's intra-group transactions were of a financial and commercial nature, and regarded the supply of services, as described in the Directors' Report on Operations and Notes and Comments.

We acknowledge that Banca Generali complies with the Assicurazioni Generali S.p.A.'s tax consolidation scheme.

We acknowledge that the Company is subject to management and coordination by "Assicurazioni Generali S.p.A." and that all related statutory obligations have been duly discharged.

We acknowledge that the Directors' Report on Operations and Notes and Comments contain the information regarding the possession of own shares and parent company shares, in respect of which the respective restricted reserves were set aside.

The Bank complies with applicable capital requirements (Common Equity Tier 1, Tier 1, Total Capital Ratio) set forth in the supervisory provisions; detailed information on capital regulatory requirements and capital ratios is given in the Di- rectors' Report on Operations. The Pillar 3 disclosure, prepared in accordance with Part VIII of Regulation (EU) No. 575/2013 (CRR), describes the prudential regulatory provisions for banks concerning capital requirements.

We acknowledge that the Company drew up the Remuneration Report on the Banking Group's remuneration and incenti- visation policies, as well as the report on their implementation.

We acknowledge that Part I) of the Notes and Comments provide information on the share-based payment plans.

During the reporting year, there were no atypical and/or unusual transactions to be reported, nor were such transactions undertaken with parties other than related parties such as intra-group entities or third parties. "Atypical and unusual transactions" are defined as all transactions that due to their significance/materiality, the nature of the counterparties, the subject matter of the transaction (including in relation to ordinary operations), the transfer pricing method and/or timing of occurrence (near the end of the reporting period) may give rise to doubts as to the accuracy/completeness of the infor-

550 ANNUAL INTEGRATED REPORT 2020

BANCA GENERALI S.P.A.

mation presented in the financial statements, conflicts of interest, the safeguarding of company assets and the protection of minority shareholders.

No "Highly significant" transactions were undertaken with related parties in 2020. In addition, as thoroughly described in the Directors' Report on Operations, some related party transactions qualifying as "moderately significant" transactions were carried out, besides ordinary or recurring transactions effected at arm's length, the effects of which are analysed in the dedicated section of Notes and Comments.

With reference to corporate social responsibility, the Directors' Report on Operations provides a summary of the 2020 results achieved in the various areas of the Banking Group's social responsibility, restated according to the GAV (Global Added Value) method.

With regard to the consolidated non-financial report, in accordance with the guidance provided by Assonime, the Board of Statutory Auditors provided high-level oversight of non-financial reporting systems and processes within the framework of its monitoring of sound management practices.

Within the framework of the activities performed by the Board of Statutory Auditors in its capacity as Internal Control and Audit Committee - it bears remarking that all members of the Board of Statutory Auditors are proficient in accounting and/or auditing, as well as in financial services and the banking sector, and are also independent of the entity at which they serve in a control function - during the sessions of the Board of Directors held in 2020 the Board of Statutory Auditors provided information on the findings of the statutory audit and the periodic meetings held with the independent audi- tors, including in light of Consob's 2021 warning notices on Covid-19.

Pursuant to Article 19 of Legislative Decree No. 39/2010, the Board of Statutory Auditors also informed the Board of Directors of the findings of the statutory audit and submitted the additional report pursuant to Article 11 of Regulation (EU) No 537/2014 issued by the independent auditors today, in addition to constantly monitoring the financial reporting process and the effectiveness of the internal control and risk management systems.

By resolution of the Shareholders' Meeting of 23 April 2015, the auditing firm BDO Italia S.p.A. was granted the assignment to audit the half-yearly report, the separate and consolidated annual financial statements. This assignment will be terminated by mutual agreement to allow the appointment of KMPG S.p.A., the audit firm in charge of auditing services for the Group to which Banca Generali belongs. The Board of Statutory Auditors reviewed the plan of audit activities in 2020 and periodically exchanged information with the Independent Auditors, who never reported any facts, circumstances or irregularities that would need to be disclosed to the Board of Statutory Auditors. In 2020, the Independent Auditors verified regular bookkeeping practices and correct assessment of operations in the accounting entries, and that the Financial Statements for the year ended 31 December 2020 reflected the accounting books and records. The Independent Auditors issued today clean reports on the separate and consolidated Financial Statements for the year ended 31 December 2020. The Independent Auditors also issued their report on the Consolidated Non-Financial Report pursuant to Article 3, paragraph 10, of Legislative Decree No. 254/2016 and Article 5 of Consob Regulation No. 20267.

The Independent Auditors have also issued the statement confirming their independence and the absence of the causes of incompatibility contemplated in Articles 10 and 17 of Legislative Decree No. 39/2010.

During the year, the independent auditors were paid a total of 204,000 euros for statutory auditing.

The following additional assignments were also granted to the independent auditors, BDO Italia S.p.A.:

• the assignment to conduct a limited examination of the consolidated non-financial report of Banca Generali S.p.A. and its subsidiaries in respect of the year ended 31 December 2020 for the purposes of the issuance of the attestation required by Decree No. 254/2016, for a total of 38,000 euros;
• the assignment to conduct a gap analysis of the Group's non-financial information in respect of the requirements of Legislative Decree No. 254/2016 and the International (Integrated Reporting) Framework, in order to permit the Banca Generali Group to develop an adequate 2020 Annual Integrated Report, for a total of 39,000 euros;
• the assignment to conduct a limited, voluntary audit of the third-quarter financial statements to determine interim profit for the purposes of calculating Common Equity Tier 1 capital (regulatory capital) pursuant to Article 26, para- graph 2, of Regulation (EU) No 575/2013 and Bank of Italy Circular No. 285 of 17 December 2013, for a total of 10,000 euros;
• the assignment to audit the half-yearly reporting package of Banca Generali S.p.A. at 30 June 2020, prepared for the purposes of consolidation by the Parent Company, Assicurazioni Generali S.p.A., for a total of 11,000 euros;
• the assignment to audit the reporting package of Banca Generali S.p.A. at 31 December 2020, prepared for the purpo- ses of consolidation by Assicurazioni Generali S.p.A., for a total of 16,000 euros;

> assignment to provide support in defining a methodological approach instrumental to implementing a non-financial KPI monitoring system, for a total of 50,000 euros;

• the assignment to produce the certification required by Article 26(2) of Regulation (EU) No 575/2013 of 26 June 2013 in order to support the application to include separate and consolidated profit for the year ended 31 December 2020 in Common Equity Tier 1 capital, for a total of 15,000 euros;
• assignment to conduct a gap analysis on the organisational processes and solutions adopted by the Bank to prepare the

FINANCIAL STATEMENTS OF BANCA GENERALI S.P.A. 551

BANCA GENERALI S.P.A.

descriptive document pursuant to the Regulation implementing Articles 4-undecies and 6, paragraph 1 (b and c-bis), of Legislative Decree No. 58/98 relating to the depositing and sub-depositing of brokerage client assets, for a total amount of 22,000 euros;

• assignment to issue the annual report required under Article 23, paragraph 7, of the Regulation implementing Articles 4-undecies and 6, paragraph 1 (b and c-bis), of Legislative Decree No. 58/98 relating to the depositing and sub-deposi- ting of brokerage client assets, referring to financial year 2019 for a total of 18,000 euros and to financial year 2020 for a total amount of 14,000;
• assignment to provide support in assessing the maturity level of the integration of the sustainability criteria into the Bank's risk management policies as required by the recent European legislation, for a total amount of 55,000 euros, of which 16,500 euros with regard to 2020 and 38,500 euros with regard to 2021.

The Manager in charge of preparing the company's financial reports and the Chief Executive Officer and General Manager issued the statement and attestation of compliance required under applicable regulations in the field of accounting and financial statements disclosure.

The Board of Statutory Auditors nonetheless controlled the general criteria used in preparing the financial statements, as well as their compliance with the law and specific regulations regarding the preparation of financial statements of banking institutions.

The Financial Statements were prepared in compliance with Legislative Decree No. 38/2005 and in accordance with the accounting standards issued by IASB and related IFRIC interpretations. Moreover, they were based on "Instructions for the preparation of company's financial statements and the consolidated financial statements of banks and financial institutions that are parent companies of banking groups" issued by the Bank of Italy. The Notes and Comments explain the accounting criteria adopted and provide the necessary information as required by current laws, including information on credit risk, market risk, liquidity risk and operating risk. The Directors' Report on Operations provides information on operations, highlighting developments underway and the potential outlook, and the banking Group's development and re- organisation process in the reporting year. In their Report, Directors illustrate the main risks and uncertainties to which the Company is exposed.

The Chief Financial Officer illustrated to the Board of Statutory Auditors the accounting treatment applied to goodwill and the impairment process performed on intangible assets, and agreed on the related recognition.

In carrying out our supervisory activity, as described above, no other significant facts emerged that need to be reported to relevant Supervisory Bodies or that are worthy of mention in this report.

The Board of Statutory Auditors acknowledges that the Consolidated Financial Statements of the Banca Generali Group were prepared in compliance with Legislative Decree No. 38/2005 and in accordance with the accounting standards issued by IASB and IFRIC interpretations. Moreover, they were based on "Instructions for the preparation of company's financial statements and the consolidated financial statements of banks and financial institutions that are parent companies of banking groups" issued by the Bank of Italy. Following the merger of the subsidiaries Nextam Partners S.p.A. and Nextam Partners SGR S.p.A. into Banca Generali S.p.A., the scope of consolidation has changed with respect to the previous year and now includes the parent company, Banca Generali S.p.A., and the subsidiaries BG Fund Management Luxembourg S.A., Generfid S.p.A., BG Valeur S.A., Nextam Partners SIM S.p.A. and Nextam Partners Limited (in liquidation). The performances of the subsidiaries are discussed in the Directors' Report on Operations.

We acknowledge that no complaints were received pursuant to Article 2408 of the Italian Civil Code.

We acknowledge that during the year no complaints were received.

Lastly, the Board of Statutory Auditors has no proposal to submit to the General Shareholders' Meeting pursuant to Article 153, paragraph 2, of TUF.

We inform you that we deem that the 2020 Financial Statements, as presented to you by the Board of Directors, may be approved by you and we express a favourable opinion regarding the allocation of the profits, as proposed by the Board of Directors.

We thank you for the trust you placed in us. We also remind you that, upon approval of these Financial Statements, our term of office will expire and we therefore ask you to pass all relevant resolutions on this regard.

Milan, 29 March 2021

The Board of Statutory Auditors

Massimo Cremona - Chairman

Mario Anaclerio - Acting Auditor

Flavia Daunia Minutillo - Acting Auditor

552 ANNUAL INTEGRATED REPORT 2020