NATIXIS -2020 Universal Registration Document

CORPORATE GOVERNANCE Management and oversight of corporate governance

reviewing, without prejudice to the responsibilities of the V Compensation Committee, whether the incentives set out by Natixis’ compensation policy and practices are compatible with this latter’s situationwith regard to the risks to which it is exposed, its capital, its liquidity and the probability and scheduling of the expected benefits; assisting the Board of Directors in reviewing the aforementioned V governance mechanism, assessing its effectiveness and ensuring that corrective measures have been taken to remedy any shortcomings; regularly examining the strategies and policies governing the V taking, management, monitoring and reduction of the risks to which Natixis is or could be exposed, including risks created by the economic environment. To that end, at least once a year the Risk Committee analyzes the documents used to define and monitor Natixis’ risk appetite, namely the Risk Appetite Statement and the Risk Appetite Framework. The Risk Committee studies all limit changes that took place between two annual reviews, including changes to industry-based limits; examining compliance risk monitoring-related items at least once V a year, pursuant to Article 253 of the French Ministerial Order of November 3, 2014 on internal control of banking sector businesses, payment services, and investment services; giving its opinion on the appointment or dismissal of the Head of V General Inspection at Natixis; ensuring that the findings of assignments carried out by the V General Inspection Department and by regulatory and supervisory authorities (specifically the Autorité de Contrôle Prudentiel et de Résolution, ACPR – French Prudential Supervisory Authority) are followed up on; to that end, a summary of General Inspection Department reports on Natixis and its subsidiaries is prepared for the Risk Committee, which also receives all reports from the regulatory and supervisory authorities (specifically the ACPR) on Natixis and its subsidiaries; addressing Natixis’ annual internal audit program, including audits V of subsidiaries, with this program being presented to the Committee at least one week prior to its approval. At the proposal of the Chairman, the Risk Committeemay, if deemed appropriate by the Committee and after consulting the Chairman of the Board of Directors, invite to its meetings any Natixis manager (includingmanagersof one of the main subsidiariesor the Chairman of its Risk Committee)who is able to shed light on issues handled by the Risk Committee. It can also invite the Chief Financial Officer, the Chief Risk Officer, the Corporate Secretary, the Natixis Head of General Inspection, the BPCE Head of Inspection Générale, and Natixis’ Statutory Auditors. The Chief Risk Officer, the Compliance Officer, and the Natixis Head of General Inspection have permanent direct access to the Risk Committee. C – Work of the Risk Committee in 2020 The Risk Committee met eight times in fiscal year 2020. The attendance rate was 88% for the year as a whole. Each director’s individual attendance rate at Risk Committee Meetings is provided in section 2.1.4 of this chapter (see directors’ individual fact sheets) . Within a reasonable amount of time before a Committeemeeting, a file containing the items on the agenda is sent to each director via a secure digital platform for review and analysis in preparation for the meeting.

Risk Committee 2.2.2.2 A – Organization The Risk Committee is composedof five members. At December 31, 2020, the Risk Committee was composed as follows:

Chairman

Bernard Oppetit

BPCE, represented by Catherine Halberstadt

Member Member Member Member

2

Nicole Etchegoïnberry Catherine Pariset Christophe Pinault

Two of the five members are independent members (Catherine Pariset and Bernard Oppetit). Note that the opinions and recommendationsof the Risk Committee are adopted if the majority of members present, including the Chairman, vote for them. The Chairman and the members of the Risk Committee have an enhanced understanding of Natixis’ risk management and internal control as a result of their extensive expertise gained over the course of their professional careers. The Risk Committee has been chaired by Bernard Oppetit since December 17, 2014. B – Role and powers Natixis’ Risk Committeehas Internal Rules specifying its powers and its operating procedures, the latest version of which was approved by the Board of Directors on November 7, 2017. Under the authority of the Natixis Board of Directors, the Risk Committee’s primary duties are in particular: advising the Board of Directors on the bank’s overall strategy and V risk appetite, both current and future; assisting the Board of Directors when it checks the V implementationof that strategy by the executivemanagers and by the Head of Risk Management; issuingan opinion on the proceduresestablishedby Natixis that are V used to ensure compliance with regulations as well as risk monitoringand control; to that end, it receivesthe reportsof Natixis’ Risk Committees and thoseof its subsidiaries,as well as the reports on risks, specifically operational, market or counterparty risks, prepared at the behest of the Company’s Chief ExecutiOvefficer; monitoring the effectiveness of the internal control and risk V management systems; assisting the Board of Directors in determining guidelines and V verifying that the executive managers have properly implemented the supervisorymechanisms, especially in terms of the separation of duties and the preventionof conflicts of interest, that ensure the Company is effectively and prudently managed; reviewing, pursuant to its remit, whether the prices of products and V services proposed to clients are compatible with Natixis’ risk strategy. If these prices do not correctly reflect the risks, the Committee presents the Board of Directors with an action plan to remedy the situation;

81

www.natixis.com

NATIXIS UNIVERSAL REGISTRATION DOCUMENT 2020