NATIXIS // 2021 Universal Registration Document

3 RISK FACTORS, RISK MANAGEMENT AND PILLAR III Risk management

Adapting product governance, especially the definition and validation of the target market, to operations is handled through dedicated Committees. Handling of customer complaints This framework ensures that: customers receive transparent information on how their V complaints are being handled; complaints are handled effectively; and V correctiveaction is enforced to remedy any problems identified. V Financial security 3.2.9.4 The Financial Security Department reports to Compliance and manages the anti-money laundering and counter-terrorist financing (AML/CTF), corruptionand fraud prevention framework, and ensures that Natixis and its branches and subsidiaries comply with financial sanctions and embargoes. 2021 was a year marked by the continuationof the work undertaken concerning: managing the financial security system; V indicators used by the Financial Security Supervisory Committee V (AMLSOC) which were harmonized for the parent company, subsidiaries and branches, both in France and abroad; the increase in the number of Natixis financial security teams; V the international sanction compliance framework, especially the V system for screening transactions and client databases; the KYC system by strengthening the management of the KYC V chain and in particular quality controls and the launch of new projects to harmonize and simplify KYC operational procedures and processes; work on the convergence of the financial security systems of the V Asset Management entities and the Natixis M&A stores with the Natixis global system; the training system through the deployment of a new AML-CFT V e-learning course for all Natixis employees and the completion of face-to-face/remote training for employees exposed to AML-CFT and Sanctions; the mapping of the risk of corruption for all Natixis entities, V in accordance with AFA’s recommendations; defining criteria for identifying staff exposed to the risk of V corruption and enriching the training material for staff exposed with practical cases illustrating the corruption scenarios identified as part of the corruption risk mapping exercise in order to personalize training according to the entities and business lines; the deployment of the KYS (Know Your Supplier) project on V supplier risk assessment, in most of the entities in France and internationally; the system for combating the financing of terrorism; V strengthening of the system for politically exposed persons. V Anti-money laundering and counter-terrorist financing As part of its efforts to combat money laundering and terrorist financing, in 2021 Natixis enhanced its AML-CTF framework by integrating the new requirements from laws and reports issued by French, European and international authorities and public bodies.

Protection of clients 3.2.9.3 and investors

The protection of customers’ interests is a core concern for Natixis that is reflected in the policies of every entity in France and abroad, as well as being included in its Code of Conduct. In all circumstances, employees are required to serve customers with diligence, loyalty, honesty and professionalism,and to offer financial products and services that are appropriate to customers’ abilities and needs. In this context, and in order to maintain a high level of customer protection, Natixis establishes and maintains a body of procedures and carries out controls on this topic. This resulted in the implementation of various systems used to manage KYC and other information, establish governance for products offered to clients and preserve their assets. Concerning the GDPR and the protection of clients’ personal data, see section [3.2.9.6] Personal data protection. Client information There is a client informationprocedureencompassingall the MiFID 2 obligations with respect to client onboarding, as well as the pre and post-trade information due to clients based on their status as non-professional clients, professional clients or eligible counterparties as defined by regulations. There is also a specific procedure for cost and expense information, and key information documents for packaged products to be provided to non-professional clients, thus ensuring Natixis’ compliance with PRIIPS obligations. Know Your Customer (KYC) The procedures for customer onboarding are in line with the various regulatory requirements governing the prevention of money laundering and terrorist financing (AML-CTF) and compliance with embargoes and sanctions, the prevention of corruption (Sapin II) and the prevention of tax avoidance (FATCA, AIE, DAC6). The onboardingprocedures are also designed to protect customers through compliance with MiFID, EMIR and the Dodd-Frank Act. The customer contact entry tool has been rolled out across all Corporate & Investment Banking locations. Protection of client financial instruments and funds If financial instruments or funds belonging to clients are held, the clients’ ownership rights to these assets are maintained and guaranteed. The use of client-owned financial instruments for the institution’sown purposes is only permitted if clients have previously given their express consent. Similarly, regulationsprohibit the signing of title transfer collateral arrangements with non-professionacllients. Product governance MiFID 2 and IDD (Insurance Distribution Directive) established the principle of product governance, which aims to define and regularly review a target market for all financial instruments and insurance products sold by Natixis and to ensure that the product was sold to the intended target. This includes ensuring that the distribution strategy is consistent with, and appropriate for, the target market. Product governanceapplies to all kinds of clients, regardless of their classification, and all products regardless of their level of complexity or trading venue.

156

NATIXIS UNIVERSAL REGISTRATION DOCUMENT 2021