Proposed Subsidiary Governance Model

Subsidiary oversight is exercised by designated senior executives within defined clusters,

coordinated and aligned through ExCo under the CEO’s authority, with escalation to the
Board limited to matters of strategic or prudential significance.

PARENT BOARD
(Strategy • Risk Appetite • Capital • Group Structure)
│
│ Oversight / Escalation
▼
CEO / EXECUTIVE COMMITTEE (ExCo)
(Central coordination • Consistency • Board gateway)
│
┌────────────────────┼────────────────────────────┐
│ │ │
▼ ▼ ▼
CLUSTER EXECUTIVE A CLUSTER EXECUTIVE B CLUSTER EXECUTIVE C
(e.g. CFO) (e.g. Head of Retail) (e.g. Head of Corp/IB)
Oversight of: Oversight of: Oversight of:
• Real estate subs • Insurance subs • Asset Mgmt / Inv. Svcs
• Holdings/SPVs • Bancassurance • Leasing / Factoring
│ │ │
│ │ │
▼ ▼ ▼
SUBSIDIARY BOARDS SUBSIDIARY BOARDS SUBSIDIARY BOARDS
(Statutory governance, strategy, management oversight)

Group Control Functions (apply across all layers)

Group Risk | Group Compliance | Group Legal | Group Internal Audit
Functional authority • Independent challenge • Escalation

1
ONE-PAGE SUMMARY – GROUP GOVERNANCE MODEL
Purpose
To implement a proportionate, efficient and EU-compliant governance model for the Group,
combining subsidiary autonomy with clear executive accountability, while preserving the
Parent Board’s focus on strategic and prudential matters.
Core Architecture
 Parent Board: strategy, risk appetite, capital & liquidity, structural decisions, CEO
oversight.
 CEO & Executive Committee (ExCo): central coordination, alignment and escalation
forum for subsidiary oversight.
 Cluster Executives: named senior executives responsible for oversight of defined
groups of subsidiaries, within delegated limits.
 Subsidiary Boards: full statutory responsibility and local governance.
 Group Control Functions: Risk, Compliance, Legal and Internal Audit with functional
authority.
Key Features
 Subsidiaries are grouped into clusters by nature and risk profile.
 3–4 senior executives exercise oversight and approval powers for their clusters.
 ExCo ensures consistency, resolves cross-cluster issues and acts as the gateway to
the Parent Board.
 No single dominant “subsidiary supervisor” role is created.
 Model is scalable, regulator-credible and aligned with EBA/EIOPA governance
expectations.

GROUP SUBSIDIARY GOVERNANCE FRAMEWORK

(Clustered Executive Oversight under ExCo)

Article 1 – Purpose and Scope

This Framework establishes the governance structure governing the relationship between
the Parent Bank and its subsidiaries, ensuring:
 compliance with applicable EU regulatory requirements (including CRD/CRR, EBA
Internal Governance Guidelines, Solvency II, DORA, AMLD and BRRD);
 clear allocation of responsibilities between the Parent Board, Parent management
and Subsidiary Boards;
 effective oversight combined with controlled autonomy for subsidiaries.
This Framework applies to all entities within the Group and is adopted by each Subsidiary
Board.

Article 2 – Governance Principles

2.1 Proportionality
Oversight intensity reflects the size, nature, regulatory status and risk profile of each
subsidiary, as determined under the tiering framework in Annex 3.
2.2 Controlled Autonomy
Subsidiaries retain autonomy in day-to-day business operations and local decision-making
within Group-approved strategies, policies and limits.

2
2.3 Delegation and Accountability
Executive oversight is exercised through delegation to named senior executives,
coordinated centrally through the CEO and ExCo, with escalation to the Parent Board limited
to matters of strategic or prudential significance.

Article 3 – Role of the Parent Board

The Parent Board retains ultimate responsibility for the stewardship of the Group and
exclusively approves:
a) Group strategy;
b) Group risk appetite framework;
c) Group capital and liquidity framework (including ICAAP/ILAAP);
d) material acquisitions, disposals and structural transactions;
e) appointment, assessment and removal of the Parent CEO;
f) approval of this Framework and material amendments;
g) annual approval of subsidiary tiering.
The Parent Board does not engage in routine operational or subsidiary-level approvals.

Article 4 – Role of the CEO and Executive Committee (ExCo)

4.1 Positioning
The Executive Committee (“ExCo”), chaired by the CEO, acts as the central Group-level
coordination, alignment and escalation forum for subsidiary oversight.
4.2 Core Responsibilities
Within authority delegated by the Parent Board, ExCo:
a) ensures consistent application of Group strategy, risk appetite and governance standards
across subsidiaries;
b) oversees the exercise of delegated oversight and approval powers by cluster executives;
c) reviews subsidiary matters that are cross-cluster, borderline against delegation limits, or
of heightened regulatory or reputational sensitivity;
d) resolves differences of assessment between cluster executives;
e) determines whether matters require escalation to the Parent Board.
4.3 Escalation
ExCo escalates to the Parent Board only matters that may materially affect:
 Group strategy;
 Group risk appetite;
 Group capital or liquidity position; or
 the Group’s overall reputation or regulatory standing.
4.4 No Substitution of Subsidiary Governance
ExCo does not assume day-to-day management of subsidiaries nor replace the statutory
responsibilities of Subsidiary Boards.

Revised Article 4 – Role of the CEO and Executive Committee (ExCo)

(replace existing Article 4 with the following consolidated version)
4.1 Positioning
The Executive Committee (“ExCo”), chaired by the CEO, acts as the central Group-level
coordination, alignment and escalation forum for subsidiary oversight.
4.2 Core Responsibilities
Within authority delegated by the Parent Board, ExCo:

3
a) ensures alignment of subsidiary activities with Group strategy, risk appetite and capital
framework;
b) oversees the exercise of delegated powers by Cluster Executives;
c) reviews subsidiary matters that are cross-cluster, borderline against delegation limits, or
of heightened regulatory or reputational sensitivity;
d) resolves differences of assessment between cluster executives;
e) determines whether matters require escalation to the Parent Board.
4.3 Exclusions
ExCo does not act as a substitute board for subsidiaries and does not engage in routine
operational approvals.

New Article 4A – Principles of Executive Oversight and Decision Discipline

4A.1 Strategic, Not Transactional Oversight

Subsidiary oversight by the CEO and Executive Committee (“ExCo”) is exercised primarily
through strategic alignment, pattern recognition and exception management, rather than
systematic review of individual subsidiary transactions.
ExCo focuses on:
 consistency of approach across clusters,
 emerging trends, outliers and systemic issues, and
 matters with cross-cluster, prudential or reputational implications.
Routine subsidiary decisions within delegated authority are not brought to ExCo unless
escalation criteria are met.

4A.2 Delegation Framework and Use of Operating Boundaries (Optional Tool)

Within the delegation framework approved by the Parent Board, ExCo may determine that
certain subsidiary decisions are governed through pre-defined operating boundaries or
envelopes, rather than case-by-case approvals.
Such boundaries may relate, inter alia, to:
 strategic or financial parameters,
 capital usage or dividend capacity,
 risk limits or control indicators, or
 other relevant metrics.
Where operating boundaries are applied:
 Subsidiaries and Cluster Executives may act autonomously within those boundaries;
 escalation is required only where a boundary is exceeded or at risk of being
exceeded.
The use, scope and duration of any such boundaries are determined by ExCo and may vary
by cluster or subsidiary.

Article 5 – Cluster Executive Oversight Model (Option B2)

5.1 Appointment and Clustering
The CEO assigns defined clusters of subsidiaries to selected senior executives (the “Cluster
Executives”), based on business nature, risk profile and organisational alignment.

4
5.2 Responsibilities of Cluster Executives
Within delegated authority, each Cluster Executive:
a) oversees strategy, budgets, performance and governance of subsidiaries within their
cluster;
b) exercises approval or endorsement powers in accordance with the Decision Rights Matrix
(Annex 2);
c) ensures alignment with Group policies and Strategy Letters;
d) escalates matters exceeding delegated limits or raising cross-cluster implications to ExCo.
5.3 Nature of Oversight
Cluster Executive oversight is governance-focused and does not constitute operational
management or interference with subsidiary executive functions.

5.4 Accountability and Escalation Discipline

Cluster Executives are accountable for the quality, timeliness and proportionality of
oversight exercised within their delegated remit.
Matters shall not be escalated to the CEO or ExCo unless:
 they exceed delegated authority,
 they raise cross-cluster implications, or
 escalation criteria under this Charter are met.

New Article 5A – Fast-Track Subsidiaries

(Measure 5, without ExCo bypass)
5A.1 Designation
ExCo may designate certain subsidiaries as Fast-Track Subsidiaries, based on governance
quality, risk profile, audit outcomes and supervisory track record.
5A.2 Effect
For Fast-Track Subsidiaries:
 oversight intensity may be reduced,
 reporting frequency may be streamlined, and
 approvals may be exercised at Cluster Executive level within broader delegation
parameters.
Fast-Track designation does not remove ExCo oversight nor alter escalation obligations.

Article 6 – Subsidiary Boards

Subsidiary Boards retain full responsibility under applicable law for:
 local strategy and business oversight;
 internal governance and control systems;
 appointment and supervision of local management;
 compliance with Group frameworks and regulatory requirements.
Approval or endorsement by Parent management complements but does not replace
Subsidiary Board duties.

Article 7 – Group Control Functions

Group Risk, Compliance, Legal and Internal Audit exercise functional authority over their
respective local counterparts in accordance with Annex 1, providing independent challenge,
consistency and escalation across the Group.

5
Article 8 – Reporting and Review
The CEO provides consolidated reporting to the Parent Board at least quarterly.
This Framework is reviewed annually and updated as necessary.

New Article 9A – Standardised Decision Documentation

9A.1 Decision Templates
To support efficient and consistent decision-making, ExCo shall adopt standardised, concise
decision templates for subsidiary matters subject to endorsement or approval.
Such templates shall be proportionate to the nature and risk of the decision and avoid
unnecessary documentation.

New Article 9B – No Shadow Escalation

9B.1 Escalation Discipline
Subsidiary matters shall not be escalated directly to the CEO or individual ExCo members
outside the governance processes set out in this Charter.
Any escalation must first be assessed within the applicable delegated framework (including
Cluster Executive oversight and, where relevant, ExCo consideration).
This provision aims to ensure transparency, consistency and effective delegation.

ANNEX 1 – Functional Reporting Lines (Risk, Compliance, Legal, Internal Audit)

 Dual reporting (administrative to subsidiary CEO; functional to Group head).
 Mandatory escalation of material risks, breaches and legal issues.
 Group Internal Audit fully centralised.

ANNEX 2 – Subsidiary Tiering Criteria

 Tier 1: regulated/material subsidiaries – enhanced oversight.
 Tier 2: medium materiality – balanced oversight.
 Tier 3: low materiality – light-touch oversight.
Tiering informs delegation depth, not legal responsibility.

ANNEX 3 – Decision Rights Matrix

Key principle:
 Cluster Executives approve within limits.
 ExCo resolves cross-cluster or borderline matters.
 Parent Board approves only strategic/prudential items.

Operating Boundaries and Delegation

Where ExCo determines that decisions within a given category are governed by pre-defined
operating boundaries or envelopes, decisions taken within those boundaries are deemed
compliant with the Decision Rights Matrix and do not require additional approval, subject to
applicable escalation rules.

6
ANNEX 4 - Standardised Decision Documentation
How these templates reduce bureaucracy
 Clear gateway rule: if Template A does not fit → Template B
 No duplication: ExCo confirms alignment, does not re-analyse
 Control functions give explicit signals, not long notes
 Escalation is explicit, not defensive

TEMPLATE A – SIMPLIFIED DECISION NOTE

(Repeating / Not Significant Matters)
Design intent:
 1 page
 No annexes
 Used for speed and consistency
For routine, recurring or low-risk decisions that fall clearly within delegated authority.

1. Decision Summary
 Decision requested:
 Entity / Cluster:
 Decision owner:
 Frequency: ☐ recurring ☐ ad hoc
 Effective date:

2. Delegation & Alignment Check

 Delegated authority applies: ☐ Yes ☐ No
 Within approved strategy / policies: ☐ Yes ☐ No
 Within any applicable operating boundaries (if used): ☐ Yes ☐ N/A
(If any “No”, use Template B.)

3. Impact Snapshot
 Financial impact: ☐ immaterial ☐ within budget
 Risk impact: ☐ no change ☐ within existing limits
 Regulatory / compliance impact: ☐ none ☐ unchanged
 Reputational sensitivity: ☐ low

4. Control Functions Confirmation

(tick-box confirmation – no narrative)
 Risk: ☐ reviewed / not required
 Compliance: ☐ reviewed / not required
 Legal: ☐ reviewed / not required

5. Escalation Assessment
 Escalation required: ☐ Yes ☐ No
 Reason (if Yes): ___________________

6. Decision
 Approved by:
 Date:

7
 Decision method: ☐ delegated ☐ written / silence

8
TEMPLATE B – DECISION NOTE (SIGNIFICANT MATTERS)
(Strategic, Prudential or Exceptional Decisions)
For material, non-routine or sensitive decisions requiring senior executive or ExCo
consideration. Design intent:
 Normally 2–3 pages max
 Focused on decision clarity, not narrative
 Suitable for ExCo and Board packs

1. Executive Summary (max 5 lines)

 Decision requested:
 What / Why now:
 Key issue for decision-makers:

2. Context & Rationale

 Background:
 Strategic relevance:
 Alternatives considered (brief):

3. Delegation & Governance

 Decision authority required: ☐ Cluster Executive ☐ ExCo ☐ Parent Board
 Delegation exceeded or unclear: ☐ Yes ☐ No
 Cross-cluster implications: ☐ Yes ☐ No

4. Impact Assessment
Financial
 P&L impact:
 Capital / liquidity impact:
Risk
 Key risks introduced or changed:
 Alignment with risk appetite:
Regulatory / Compliance
 Supervisory sensitivity: ☐ low ☐ medium ☐ high
 Notifications / approvals required:
Reputational
 External visibility or sensitivity:

5. Control Functions Input

(Short, explicit statements – no long memos)
 Risk: ☐ supports ☐ supports with conditions ☐ concerns
 Compliance: ☐ supports ☐ supports with conditions ☐ concerns
 Legal: ☐ supports ☐ supports with conditions ☐ concerns
(Any “concerns” must be summarised in 2–3 lines.)

6. Recommendation
 Recommended option:

9
  Conditions / mitigants:
 Fallback if not approved:

7. Escalation & Decision Path

 Escalation required to Parent Board: ☐ Yes ☐ No
 Decision forum: ☐ ExCo ☐ Written / silence ☐ Board
 Timing constraints:

8. Decision
 Decision taken:
 Conditions attached (if any):
 Decision-maker(s):
 Date:

Design intent
 Normally 2–3 pages max
 Focused on decision clarity, not narrative
 Suitable for ExCo and Board packs

10
 ANNEX 5
EXECUTIVE COMMITTEE (ExCo)
DELEGATION & OVERSIGHT GUIDELINES

1. Purpose
These Guidelines set out how the Executive Committee (“ExCo”), under the authority of the
CEO, delegates oversight and approval powers in relation to subsidiaries, in line with the
Group Governance Charter.
They aim to:
 support efficient and timely decision-making,
 ensure clear accountability at senior management level, and
 maintain robust supervisory alignment without unnecessary escalation.
These Guidelines are internal management rules and do not alter the statutory
responsibilities of the Parent Board or Subsidiary Boards.

2. Role of ExCo in Delegation

ExCo is the single executive authority responsible for:
 defining the scope and limits of delegated powers,
 assigning responsibilities to Cluster Executives,
 ensuring consistency across clusters, and
 acting as the escalation forum for exceptional or cross-cutting matters.
ExCo focuses on strategic oversight and exception management, not routine subsidiary
approvals.

3. Delegation to Cluster Executives

3.1 Appointment and Scope
ExCo designates senior executives as Cluster Executives, each responsible for oversight of a
defined group of subsidiaries.
Delegation may vary by:
 subsidiary tier (Tier 1 / 2 / 3),
 risk profile,
 regulatory status, or
 governance maturity.
3.2 Nature of Delegated Powers
Delegated powers may include, within defined limits:
 approval or endorsement of subsidiary strategies and budgets,
 approval of products, initiatives and outsourcing arrangements,
 oversight of performance, risk and governance matters,
 approval of senior subsidiary appointments (subject to fit-and-proper rules).
Delegation is governance-focused and does not constitute operational management.

4. Delegation Instruments
ExCo may use one or more of the following instruments:
4.1 Decision Rights Matrix (Annex 2 to the Charter)
The baseline allocation of decision rights across governance actors.

11
4.2 Specific Delegation Decisions
Formal ExCo decisions specifying:
 scope of authority,
 financial or risk limits,
 duration of delegation,
 reporting and escalation expectations.
4.3 Operating Boundaries / Envelopes (Optional)
ExCo may approve pre-defined operating boundaries within which Cluster Executives and
subsidiaries may act autonomously.
Boundaries may relate to:
 financial performance,
 capital usage or dividend capacity,
 risk metrics or control indicators,
 volume or scale of activities.
Where boundaries apply, escalation is required only if a boundary is exceeded or at risk of
being exceeded.

5. Fast-Track Subsidiaries
5.1 Designation
ExCo may designate subsidiaries as Fast-Track Subsidiaries based on:
 stable governance and management,
 clean audit and supervisory track record,
 sustained compliance with risk appetite.
5.2 Effect
For Fast-Track Subsidiaries, ExCo may:
 broaden Cluster Executive delegation,
 streamline reporting frequency and depth,
 reduce routine ExCo involvement.
Fast-Track status does not remove ExCo oversight or escalation obligations.

6. Escalation Discipline
6.1 When to Escalate to ExCo
Cluster Executives escalate matters to ExCo where:
 delegated limits are exceeded or unclear,
 cross-cluster impacts arise,
 regulatory, reputational or prudential sensitivity is elevated,
 material deviation from strategy or risk appetite is identified.
6.2 No Shadow Escalation
Subsidiary matters shall not be escalated directly to the CEO or individual ExCo members
outside these Guidelines.
Any informal approach must be redirected into the formal governance process.

7. ExCo Decision Methods

7.1 Collective Decisions
Matters with cross-cluster or strategic relevance are decided collectively by ExCo.
7.2 Written / Silent Procedure

12
ExCo may approve matters through a written or silence procedure where appropriate, in
accordance with agreed timelines.
7.3 Confirmation, Not Duplication
Where a Cluster Executive has acted within delegation, ExCo’s role is to confirm alignment,
not to re-approve the decision.

8. Decision Documentation (Templates)

8.1 Standard Templates
All matters submitted to ExCo or Cluster Executives for approval or endorsement shall use
standardised, concise templates, proportionate to risk and materiality.
Templates typically include:
 decision requested,
 alignment with strategy and delegation,
 financial and risk impact,
 confirmation by Risk, Compliance and Legal (as applicable),
 escalation assessment.
8.2 Proportionality
Documentation should be as short as reasonably possible. Annexes are used only where
necessary.

9. Review and Adjustment

ExCo reviews delegation arrangements at least annually and may:
 expand or restrict delegation,
 introduce or withdraw operating boundaries,
 grant or revoke Fast-Track status.
Adjustments are documented and communicated to relevant stakeholders.

10. Relationship with the Parent Board

These Guidelines operate within the framework approved by the Parent Board.
ExCo ensures that:
 matters requiring Board approval are escalated promptly, and
 Board reporting reflects patterns, trends and exceptions, not routine approvals.

13