Risk Management Disclosure Report 2019

European Investment Bank GroupRisk Management Disclosure Report 2019

European Investment Bank Group Risk Management Disclosure Report 2019©European Investment Bank, 2020.All rights reserved.All questions on rights and licensing should be addressed to publications@eib.org.For further information on the EIB’s activities, please consult our website, www.eib.org. You can also contact our InfoDesk, info@eib.org.DisclaimerThe information presented in this report has not been subject to external audit.Published by the European Investment Bank. Printed on FSC Paper.

EIB Group Risk Management Disclosure Report 2019 | 1 Table of Contents 1. Overview of EIB Group 3 1.1. EIB 3 1.2. EIF 4 2. Executive summary 6 2.1. Key risk metrics dashboard 7 2.2. Capital adequacy 8 2.3. Liquidity 12 3. Introduction 13 3.1. Purpose 13 3.2. Scope of application 13 3.3. Disclosure criteria 13 3.4. Declaration on adequacy of risk management information provided 14 3.5. Approval process 14 3.6. Overview of the report 15 4. Risk governance 16 4.1. Risk management organisation 16 4.2. Risk management framework 19 4.3. Risk Appetite Framework 24 4.3.1. EIB's Risk Appetite Framework 25 4.3.2. EIF's Risk Appetite Framework 25 4.4. Risk management operational guidelines and processes 27 4.4.1. Credit risk 27 4.4.2. Financial risk 35 4.4.3. Operational risk 40 4.5. Compliance, conduct and reputational risks 43 4.6. Model risk 44 4.7. Pension risk 45 4.8. Climate change risk 46 5. Capital adequacy and risk weighted assets 47 5.1. Capital management 47 5.2. Own funds 49 5.3. Regulatory capital 51 5.4. Leverage ratio 53 5.5. Combined CRD IV Buffer 55 5.6. Eligible liabilities 56 6. Credit Risk 57 6.1. Portfolio composition 57 6.2. Credit risk mitigation 70 6.3. Standardised approach 72 6.4. Internal Ratings-Based approach 73

2 | EIB Group Risk Management Disclosure Report 2019 7. Counterparty credit risk 83 7.1. Counterparty credit risk management 83 7.2. Quantitative disclosure 85 8. Securitisation 88 8.1. Securitisation management 88 8.2. Quantitative disclosure 92 9. Market risk 95 9.1. Own funds requirements for market risk by approach 95 9.2. Foreign exchange risk 95 9.3. Traded market risk 97 9.4. Non-traded market risk 98 9.4.1. Interest rate risk in the banking book 99 9.4.2. Equity exposure in the banking book 101 10. Liquidity risk 103 10.1. Internal framework for liquidity risk management 103 10.2. Internal Liquidity Assessment Process (ILAAP) 105 10.3. Liquidity coverage ratio (LCR) 105 10.4. Net stable funding ratio 107 10.5. Asset encumbrance 107 11. Operational risk 109 12. Remuneration policy 111 13. Appendix 113 13.1. Appendix I - Risk taxonomy (risk definitions) 113 13.2. Appendix II - Abbreviations 115 13.3. Appendix III - List of figures 116 13.4. Appendix IV - List of tables 116 13.5. Appendix V - Reconciliation with financial statements 119 13.6. Appendix VI - CRR Disclosures compliance references 120

Overview of EIB Group The EIB Group (also ‘the Group’) consists of the European Investment Bank (‘EIB’ or ‘the Bank’) and the European Investment Fund (‘EIF’ or ‘the Fund’). EIBThe European Investment Bank was created by the Treaty of Rome in 1958 as the long-term lending institution of the European Union (‘EU’). The EIB enjoys legal personality and financial autonomy and is endowed with its own decision-making bodies. The EIB’s Statute is drawn up as a Protocol (No 5) annexed to the Treaty on European Union (‘TEU’) and the Treaty on the Functioning of the European Union (‘TFEU’). In accordance with Article 51 TEU, it forms an integral part of both Treaties.In accordance with its statutory framework, the mission of the Bank is to contribute towards the integration, balanced development and economic and social cohesion of the EU Member States (‘MS’). To achieve this, the EIB raises substantial volumes of funds on the capital markets and lends these funds on favourable terms to projects furthering EU policy objectives. Due to the particular nature of the EIB, its mission and its shareholder structure, there are a number of important aspects that differentiate the EIB from commercial banks:GovernanceUnder its Statute the EIB is governed by a three-layer structure: the Board of Governors (‘BoG’), the Board of Directors (‘BoD’) and the Management Committee (‘MC’).SupervisionThe EIB is neither subject to requirements for an authorisation nor supervised by an external supervisory banking authority, and consequently is not subject to the supervisory review and evaluation process (‘SREP’). Notwithstanding, the Bank is committed through its Statute to conforming to best banking practice (‘BBP’), which includes adherence to relevant EU banking legislation and guidelines, in line with the principles determined by the competent EIB governing bodies. The Audit Committee (‘AC’), as part of its statutory duties, is required to verify, and report to the Board of Governors, that the activities of the Bank conform to best banking practice applicable to it. According to the BBP Guiding Principles, the EIB should assess and determine which best banking practice rules apply to it on an individual as well as on a consolidated basis.Public-policy driven, operating on a non-profit-making basisThe EIB differs considerably from commercial banks in that its activity is driven by public policy objectives and it operates on a non-profit-making basis, as specified in Article 309 TFEU. As such, the Bank does not have a specific statutory target for return on equity, but rather aims at generating an income that shall enable it to meet its obligations, to cover its expenses and risks and to build up a reserve fund.TaxationThe EIB is not subject to national taxation and benefits from the provisions of the Protocol on Privileges and Immunities annexed to the EU Treaties (Protocol No 7).EIB Group Risk Management Disclosure Report 2019 | 3

Financial protection and preferred creditor statusThe principle of supremacy of EU primary law and the principle that the property of the EIB shall be exempt from all forms of requisition and expropriation, as enshrined in the EIB Statute, are deemed to guarantee a full recovery of the EU sovereign exposures on maturity. The EIB’s exposures to the EU Member States benefit from the EIB’s preferred creditor status. Such exposures are treated as posing no risk of loss to the EIB and are therefore not taken into account for purposes of determining the EIB’s capital requirements. However, similarly to other creditors, the EIB is bound by the majority decision based on collective action clauses included in debt instruments issued by EU Sovereigns. When operating outside the EU, the EIB is deemed to enjoy treatment comparable to that of other international financial institutions.Mandate businessThe EIB originates business on its own risk, and to a lesser extent through a risk-sharing mechanism by which a third party – the Mandator – provides credit enhancement to the EIB or on behalf of third parties at their own risk.Shareholder structureThe EIB’s shareholders comprise all EU Member States, which in addition to paid-in capital also commit themselves to provide additional capital to such extent as may be required for the Bank to meet its obligations, upon the request of the EIB (callable capital).Accounting standardsThe EIB uses the EU Accounting Directives for its stand-alone statutory accounts and the International Financial Reporting Standards (‘IFRS’) as adopted by the EU for its consolidated financial statements. Since 2009 a second set of consolidated financial statements is also produced under the EU Accounting Directives.1.2. EIFThe EIF was established in 1994 by decision of the Board of Governors of the EIB, with legal personality and financial autonomy.The EIF is a specialist provider of risk finance to small and medium-sized enterprises (‘SMEs’). It develops and implements equity and debt financial instruments which respond to the current financing needs of European businesses.Similarly to the EIB, there are a number of important aspects that differentiate the EIF from commercial actors. The following elements apply to the EIF:GovernanceUnder its Statutes the EIF is also governed by a three-layer structure: the General Meeting, the Board of Directors and the Chief Executive.SupervisionThe EIF is not subject to prudential supervision but is committed through its Statutes to basing its activities on sound banking principles or other sound commercial principles, as applicable. The EIF4 | EIB Group Risk Management Disclosure Report 2019

EIB Group Risk Management Disclosure Report 2019 | 5 Audit Board is responsible for the annual audit of EIF and it shall confirm that the EIF operations have been carried out in compliance with its Statutes and Rules of Procedure.Public policy-driven organisationThe EIF differs from commercial actors in that its task is to contribute to the objectives of the European Union. The level of remuneration or other income sought by the EIF shall be determined in such a way as to reflect risks incurred, cover operating expenses, establish necessary reserves and generate an appropriate return on its resources.TaxationThe EIF is not subject to national taxation and benefits from the Protocol on Privileges and Immunities of the European Union annexed to the TFEU (Protocol No 7).Financial protection and preferred creditor statusIn line with the EIB, the EIF’s specific status under EU law is deemed to guarantee a full recovery of the EU Sovereign Exposures on maturity. The EIF’s exposures to the EU Member States are deemed to benefit from the EIF’s preferred creditor status and are therefore treated as posing no risk of loss to the EIF. However, similarly to other creditors, the EIF is bound by the majority decision based on collective action clauses included in debt instruments issued by EU Sovereigns.Mandate businessThe EIF finances part of its operations out of its own resources. In addition, the EIF may accept the task of administering resources entrusted to it by third parties (Mandates). The majority of the EIF’s operations are currently funded under Mandates governed by specific Mandate agreements. Under such Mandates, the EIF deploys financial instruments in the form of cash investments, guarantees or other form of credit enhancement.Shareholder structureThe EIF’s shareholders comprise the EIB (59.2%), the European Union (29.7%), as well as financial institutions (11.1%). The EIF’s shareholders have committed themselves to provide additional capital (up to 80% of the par value of each share – callable capital) in addition to paid-in capital upon request by the EIF General Meeting and to the extent required for the EIF to meet its liabilities towards its creditors.Accounting standardsThe EIF financial statements are prepared in accordance with International Financial Reporting Standards as adopted by the EU.

6 | EIB Group Risk Management Disclosure Report 2019 2. Executive summaryIn performing its activities, the EIB Group follows a conservative risk management framework. The Group adapts regularly its risk management policies and practices to market conditions and best industry practice. To this extent, the Group publishes annually its Risk Management Disclosure report, designed to provide further information about the approach the Group takes to managing risk and assessing its capital adequacy.In pursuit of its business strategy, the Bank accepts to take credit, market and liquidity risk up to the level where it remains aligned with its risk appetite and public mission. The EIB’s financial strength, reflected by its high credit rating assessments, is key to the Bank’s business model as it enables favourable access to capital markets and low funding costs. Solid key risk measures are essential to sustain the financial strength of the Bank.For a summary of the key business developments in the Group’s activities over the last financial year please refer to the Preface of the Financial Statements.In the general context of uncertainty due to the COVID-19 pandemic, the EIB continues to maintain a robust liquidity position and flexibility to access the necessary liquidity resources, thanks to its prudent approach to liquidity management. Moreover, the quality of the EIB’s loan portfolio remains high and relies on a risk management strategy based on adequate levels of security and guarantees, as well as on the standard protective clauses included in existing contracts. The ultimate impact on the EIB of the COVID-19 pandemic is difficult to predict at this stage. In view of the potential severity of the unfolding crisis, the EIB continues to monitor the situation closely.The EIB Group does not fall within the scope of application of the EU legislation on credit institutions, in particular the Capital Requirements Directive and Regulation (Directive 2013/36/EU or ‘CRD IV’ and Regulation 575/2013 or ‘CRR’, commonly referred to as the ‘CRD IV/CRR package’), which is the EU legal framework, and is therefore not legally obliged to meet the requirements of the Directive and Regulation. However, reflecting its statutory duty to conform with best banking practice, the EIB Group aims to comply with relevant EU banking legislative acts and guidelines, to the extent determined by the competent governing bodies.

EIB Group Risk Management Disclosure Report 2019 | 7 2.1. Key risk metrics dashboard As at year-end (in EUR millions) 2019 2018 2017 2016 2015 Capital adequacy (CET1) ratio 32.5% 32.0% 26.2% 24.6% 22.8% Overall regulatory capital requirements (OCR)* 11.7% 11.7% 11.6% 11.5% 8.0% CET1 available after meeting the Group's OCR 20.8% 20.3% 14.6% 13.1% 14.8% Total risk-weighted assets 216,950 193,178 229,553 232,684 244,041 Regulatory own funds (CET1) 70,435 61,833 60,053 57,154 55,608 Total credit risk exposure** 718,076 711,585 690,803 714,737 697,992 CRR leverage ratio 9.8% 8.7% 8.7% 8.0% 8.0% Liquidity coverage ratio (EIB stand-alone until 2017) 491% 184% 201% 199% 187% Pool of high-quality liquid assets, weighted value average (EIB stand-alone until 2018) 49,333 48,419 47,258 n.a. n.a. *Minimum requirement of 8% plus CRD IV combined buffer**Exposure as used in the CRD IV leverage ratio calculation

8 | EIB Group Risk Management Disclosure Report 2019 2.2. Capital adequacy Capital adequacy ratio (CET1) As at 31 December 2019, the Group’s commonequity tier 1 (‘CET1’) capital ratio reached 32.5%, slightly increasing from 32.0% at the end of 2018.The ratio’s increase is broken down in the waterfall chart below. The two biggest underlying variations are due to:the additional riskiness of new business vs stock, largely driven by the increase of EFSI-related operations; andother CAD impacts, which include the beneficial effects of implementing the new securitisation framework within EIF and reduction of the capital requirementsfor FX risk. Regulatory (CET1) own funds andOverall regulatory capital requirements EIB Group holds CET1 capital ofEUR 70.4 billion, net of applicable CRR adjustments.The profit in 2019 of EUR 2.4 billion remained flat compared to the previous financial year and continues to contribute significantly to the Group’s capital position. The biggest driver behind the growth in the Group’s own funds is due to the decrease in the amount of regulatory adjustments, mostly as a result of reduced deduction of securitisation exposures, partially offset by an increase in the shortfall resulting from the calculation of expected loss.

EIB Group Risk Management Disclosure Report 2019 | 9 Total RWA The Group’s total risk-weighted assets (‘RWA’)of EUR 217.0 billion comprise credit risk (EUR 176.1 billion), securitisation exposures (EUR 22.3 billion), counterparty credit risk, incl. CVA (EUR 11.4 billion), market risk (EUR 2.3 billion) and operational risk (EUR 4.9 billion).The increase year on year in credit risk RWA was mainly due to the significant volume of newly-signed equity investments attracting higher risk weight compared to debt exposures.The most notable RWA increase was registered in the securitisation exposures, where the Group classifies, as originator, its synthetically securitised loan portfolios, as well as its direct investments in such structures. The two main underlying drivers are the new operations signed under EFSI and the fact that a significant portion of previously deducted exposures are now treated under the securitisation standardised approach.The increases in the RWA due to counterparty credit risk and operational risk were largely offset by the decrease in the RWA linked to market risk.

Credit, securitisation & counterparty risk exposure at default (EAD) The loan portfolio represents 63.0% of the total credit and counterparty risk exposure of the Group, down from 65.0%. That contrasts with the 2.5% increase year on year in the Securitisations segment, which reflects the Group’s continuous effort in rolling out the EFSI mandate to its targeted level.SFTs (securities financing transactions) and Derivatives is the last position that marks a significant yearly increase in relative terms of 2.4%. The rest of the portfolio composition remained stable with changes of less than 2% over the last year. Credit, securitisation & counterparty risk RWA Loans are also the main component of the total credit risk RWA of the Group, but their relative share continues to decrease from 71.6% down to 63.0%, as a significant part of the new lending volumes are classified under Securitisations, whose share is increasing from 2.0% to 14.7%. This significant increase in Securitisations results from both new business that has grown above first loss credit protections and substantively higher risk weight compared to the other segments.The equity exposures, representing the second biggest position, reached a relative share of 19.1%, increasing by 1.1% year on year.Sovereign1 exposures, while significant by volume, represent only a small fraction of RWA. 1 Sovereign exposure refers to exposures to central governments and central banks under the IRB classification. However, the exposures to EU Member States are not taken into account for the purposes of determining the Group’s capital requirements for credit risk from a regulatory perspective.10 | EIB Group Risk Management Disclosure Report 2019

EIB Group Risk Management Disclosure Report 2019 | 11 Geographical split of EAD In line with its mission, the majority of the Group’s operations are located in the EU. More details on the geographical split can be found in Chapter 6 of this report. CRD IV leverage ratio The Group’s CRD IV leverage ratio stands at 9.8%, well above the regulatory minimum of 3%.The pace of increase in the exposures’ values has been more than compensated by the increase in regulatory own funds which improved the ratio by 1.1% compared to the previous year-end. The Group is committed to ensuring that its internal models are fully aligned with the requirements of the CRR.

12 | EIB Group Risk Management Disclosure Report 2019 2.3. LiquidityAt end-2019 the Group registered a Liquidity Coverage Ratio (‘LCR’) of 491% (end-2018: 184%) and the Group’s total high-quality liquid assets (‘HQLA’) amounted to EUR 38 billion (2018: EUR 43 billion).The EIB is an eligible counterparty in the Eurosystem monetary policy operations. As such, the EIB has access to ECB’s refinancing operations. Within the context of the EIB’s access to ECB’s liquidity facilities, the Central Bank of Luxembourg (‘BCL’), on behalf of ECB, performs liquidity assessments on the EIB periodically, aimed at monitoring its liquidity position and liquidity risk management activities.Liquidity management in the Group follows a decentralised model where both the EIB and the EIF have separate liquidity management and liquidity risk management in place tailored to each entity’s business model.

EIB Group Risk Management Disclosure Report 2019 | 13 IntroductionPurposeThe EIB Group Risk Management Disclosure report is designed to provide further information about the approaches the EIB Group takes to managing risk and assessing capital adequacy. The report follows the principles set out in the CRD IV/CRR package on public disclosure and related Pillar 3 disclosure requirements. Additional relevant information may be found in the EIB 2019 Financial Report, which includes the EIB statutory financial statements under EU Accounting Directives and the EIB Group consolidated financial statements under EU Accounting Directives and IFRS. The Risk Management Disclosure Report should be read in conjunction with the EIB Group consolidated financial statements under EU Accounting Directives, unless specified differently.Scope of applicationThe institutions included in the EIB Group for prudential consolidation are the European Investment Bank and the European Investment Fund, which is fully consolidated. Disclosures of the European Investment Fund’s risk-taking activities and management processes are presented proportionally to the risk materiality of the Fund within the EIB Group or are omitted where the risk is considered not material (on the basis of Article 432 of the CRR).Disclosure criteriaIn order to clarify and reinforce the EIB’s (Best Banking Practice) BBP framework, the Board of Governors of the EIB has approved the EIB’s BBP Guiding Principles, as published on the EIB’s official website. The BBP Guiding Principles is a high-level document, defining the overall principles and the general scope of banking rules and guidelines applicable to the EIB as BBP. It also sets forth assessment criteria aimed at identifying the relevant rules and considers specificities of the EIB’s business model by way of general adjustments.According to the “Disclosure and transparency” principle: “The Bank shall, where appropriate, publish information that is easily accessible and fairly reflects its financial condition, performance, risk exposures, risk management strategies and corporate governance policies and processes.”In applying the BBP Principles, the Bank shall implement and follow rules of EU Legislative Acts and Guidelines except for those rules, or parts of them, which are adapted or from which the Bank is exempted based on internal assessment. Through adaptations of rules, the Bank may also determine the implementation date from which it shall follow such rules. When the Bank adapts or is exempted from rules of EU Legislative Acts and Guidelines, it shall implement and follow adapted rules and, where appropriate, mitigating measures which shall be in line with the Bank’s public policy nature and mission. The EIB shall comply with the BBP Guiding Principles on an individual basis.

14 | EIB Group Risk Management Disclosure Report 2019 In addition, the EIB, as a majority shareholder of the EIF and within the power provided to the majority shareholder by the EIF statutory framework, shall:seek to ensure that certain quantitative prudential requirements are met on a consolidated basis. The EIB’s subsidiaries are not required to meet those quantitative prudential requirements on an individual basis.seek to ensure that its subsidiaries implement sound internal policies, procedures and practices required for compliance with certain qualitative prudential and non-prudential requirements on a consolidated basis consistently and in an adequately integrated manner with the EIB.In addition to following the principles set out in the CRD IV and CRR, this report considers guidelines and standards on improving transparency of disclosures beyond Pillar 3. These include the guidelines and opinions of the European Banking Authority (‘EBA’), on which most quantitative disclosures are based, a report on ‘Enhancing the Risk Disclosures of Banks’ and the related progress reports issued by the Enhanced Disclosure Task Force (‘EDTF’), as well as the Standards Documents from the Basel Committee of Banking Supervision (‘BCBS’) on Pillar 3 disclosure requirements (BCBS d309 and d400).See Appendix VI for a reference to the Group’s compliance with the CRR’s disclosure requirements.Declaration on adequacy of risk management information providedThe information contained in this report is verified internally and in our view there are no material deficiencies in terms of the reasonableness of quantitative and qualitative information.The quantitative information in this report, as well as the underlying data, have been reconciled to the Financial Report where possible. Note, however, that some measures presented in this report differ significantly from the financial statements in terms of methodology, e.g. exposure at default as opposed to book value of a loan or accounting vs regulatory treatment of specific provisions. Therefore, comparing the risk measures of this report to accounting measures in the financial statements is not always relevant and meaningful.Following reclassification of certain exposures from ‘Institutions’ to ‘Central governments and central banks’ the following tables containing data for 2018 have been restated to present the information on a comparable basis: 5-5, 5-8, 6-6, 6-7, 6-8, 6-9, 6-10, 6-15, 6-16 and 6-18.Approval processThis report and its external publication have been approved by the EIB Board of Directors on the basis of a proposal by the Management Committee and upon recommendation of the Board’s Risk Policy Committee (RPC). In parallel to the EIB Board of Directors, the report is also distributed for information and discussion to the EIB’s Audit Committee (AC). Any AC recommendations thereon are taken into account for the next reporting iteration.

EIB Group Risk Management Disclosure Report 2019 | 15 3.6. Overview of the reportChapter 4 provides a summary of the Group’s risk governance and management. It includes the main features of the Group’s risk management organisation, risk appetite framework, and risk management operational guidelines.Chapter 5 contains: the Group’s capital adequacy and risk-weighted assets (RWA) breakdown. The CRR emphasises a clear linkage between the Financial Statements and the composition of regulatory capital. For that purpose the ‘Own funds disclosure templates’ of Commission Implementing Regulation (EU) No 1423/2013 on own funds disclosure requirements was utilised.From Chapter 6 onwards, the Report provides information about the risks the EIB Group is exposed to, and the principles of how these risks are managed, measured and how the respective RWA amounts are calculated. The information contained in Chapters 7 and 8 follows the recommendation of BCBS d309 to present credit risk arising from derivatives and from securitisations separately. The majority of the quantitative information provided in these chapters follows the BCBS d309 disclosure templates and the corresponding EBA Guidelines on disclosure requirements under Part Eight of Regulation (EU) No 575/2013 (EBA/GL/2016/11).Chapter 9 provides both quantitative and qualitative information on market risk. The Chapter is divided into two main sections presenting separately the Bank’s traded market risk (the Fund does not have a trading book) and the Group’s non-traded market risk (also referred to as market risk in the banking book).Chapter 10 presents liquidity risk. The information provided is primarily based on the recommendations of the EDTF and the EBA/GL/2017/01 guidelines on Liquidity Coverage Ratio.Chapter 11 provides an overview of internal models, reporting and quantitative disclosures on operational risk at the Group.Chapter 12 refers to remuneration disclosures.

Risk governanceThis chapter provides an overview of the EIB Group’s risk governance structure, outlining the key roles and responsibilities regarding risk-taking and oversight in the Group.Risk management organisationBoth the EIB and the EIF have established their risk management functions responsible for risk management on an institutional level. Each EIB Group entity has defined specific risk management policies and procedures at entity level and implemented risk management controls, aimed at ensuring that Group Risks inherent in the activities of each EIB Group entity are managed in line with the principles, policies and limits defined.The Group is currently in the process of establishing Group Risk Function to be exercised by a Group Chief Risk Officer (‘GCRO’). Without prejudice to the statutory responsibilities of the President and the EIB Management Committee, respectively, the GCRO shall report on Group Risks to the EIB Management Committee under the oversight of the MC member in charge of risk. On key risk policy matters related to Group Risks, the GCRO shall participate in all meetings of the EIB Management Committee and relevant meetings of the other EIB governing bodies, and be invited to relevant meetings of the EIF Board of Directors and discussions with the EIF Management. The EIF shall report on Group Risk matters to the EIB through the GCRO.Reputational, conduct and compliance risks are overseen by the Office of the Chief Compliance Officer (‘OCCO’), headed by the Head of Compliance function.Reputational, conduct and compliance risks are overseen by the Compliance function, headed by theEIB's Group Chief Compliance Officer (‘GCCO’).Within the Bank, the Risk Management Directorate (‘RM’) controls, monitors and reports on the credit, market, liquidity and operational risks.The Director General of RM reports to the President, meets regularly with the Audit Committee, and is also responsible for overseeing internal risk reporting to the Management Committee, the Board of Directors, and the Risk Policy Committee.The MC consists of a President and eight Vice-Presidents appointed for a period of up to six years by the Board of Governors on a proposal from the Board of Directors. The MC is responsible for the current business of the Bank, under the authority of the President and the supervision of the Board of Directors.At the end of December 2019 the BoD consists of 29 directors (one director nominated by each Member State and one by the European Commission) and 19 alternate directors that are appointed by the Board of Governors for five years. The BoD also includes three non-voting experts as well as three alternate experts.The RPC of the BoD is EIB’s risk committee, composed of nine members of the BoD, appointed by the BoD on a proposal by the Chairman of the BoD. Its role is to discuss and advise the BoD on the Bank’s risk policies, including those policies relevant for aspects of the EIB Group, by providing non-binding16 | EIB Group Risk Management Disclosure Report 2019

EIB Group Risk Management Disclosure Report 2019 | 17 opinions and/or recommendations to the BoD so as to facilitate the decision-making process of the Board. It meets at least on a quarterly basis.More specifically, the Committee advises the BoD on the EIB’s policies regarding the overall risk appetite, tolerance and strategy by reviewing the EIB Group Risk Management Framework with respect to credit, market and liquidity risks. It provides opinions and recommendations to the BoD as to whether the policies related to identification assessment and management of risks are appropriate to the Bank's risk profile. Furthermore, it discusses policies associated with all the relevant risks to the EIB Group. The Committee advises the BoD on risk policies by reviewing and providing opinions and/or recommendations to the BoD on the following high-level risk policy documents upon proposal from the Bank:Group Risk Management Charter;Risk Appetite Framework;Internal Capital Adequacy Assessment Process (‘ICAAP’);Internal Liquidity Adequacy Assessment Process (‘ILAAP’);Capital and Liquidity Contingency and Recovery Plan;Stress Testing Framework.Several other EIB committees support the implementation of the Bank´s risk policies, such as:Asset/Liability Committee (‘ALCO’) provides a high-level discussion forum for debating the Bank’s approach to financial risks. The ALCO has a number of sub-committees dealing with Liquidity, Interest Rate Risk and FX Risk. The primary missions of the ALCO include overseeing the Bank’s overall asset liability management (‘ALM’) and financial risk management framework; monitoring the Bank’s overall ALM objectives and their translation into an operational framework; and ensuring that all the main ALM and financial risks are subject to an adequate degree of timely disclosure to the relevant bodies.New Product Committee (‘NPC’) approves new products, prior to their use. A product is considered new when its financial structure or implementation framework implies that the Bank is entering into new business areas, is doing existing business in new ways or faces new types of operational risks.Equity Participation Policy Committee (‘EPPC’) discusses and advises the BoD on the Bank’s equity investment policies including those relevant for aspects of the EIB Group by providing non-binding opinions and/or recommendations to the BoD so as to facilitate the decision-making process of the Board. The Committee advises the BoD on the EIB’s equity participation by reviewing the Bank's policies with respect to direct and indirect equity participations held or acquired by the Bank. It provides opinions and/or recommendations to the BoD as to whether these policies are appropriate to the Bank. To that end, the Committee may examine the portfolio of investment operations of the EIB that are not guarantee, lending or treasury activities.Derivatives Strategy and Model Committee (‘DSMC’) analyses the methodological aspects of the development of derivatives valuation and counterparty risk models in order to ensure their adequacy and coherence.

18 | EIB Group Risk Management Disclosure Report 2019 Internal Rating Models Maintenance CommitteeThe role of the Internal Rating Models Maintenance Committee (‘IRMMC’) is to be a forum for discussion on internal rating systems and methodologies and, in particular, to have oversight over development and maintenance activities regarding the Internal Rating Models and more specifically all stages of the internal rating models’ lifecycle, such as initial design and prototype development, roll-out in the technical infrastructure and in the organisation. Periodic comprehensive reviews and performance monitoring as well as independent validation of those activities fall within the scope of IRMMC.Compliance and Control CommitteeCompliance and Control Committee (‘CCC’) has the purpose of providing a platform to monitor the Bank's compliance and control environment and to make recommendations for improvements, including alignment of the Compliance and Controls framework across the EIB Group.Ethics and Compliance CommitteeEthics and Compliance Committee (‘ECC’) deciding on potential Conflicts of Interest and all other ethical matters regarding MC and Board members.Further information on the statutory bodies and the Board’s committees is available in the Annual Corporate Governance Report published on the EIB’s official web site.Risk Management department structureThere are three departments within RM (see Figure 4-1): the Financial Risk Department (‘FIN’), the Operations Department (‘OPE’), and the Regulation & EIB Group Risk Management (‘REG’). FIN is in charge of ALM and Market Risk Management, Treasury and Liquidity Risk Management and monitoring counterparty risk. OPE deals with assessing the credit risk of newly proposed transactions as well as existing exposures, providing an independent opinion on those risks. REG is responsible for the Bank’s capital requirements and associated risk reporting, implementation of risk management best banking practices as relevant to the EIB, and interactions with rating agencies. The structure of RM is set out in Figure 4-1 below.

EIB Group Risk Management Disclosure Report 2019 | 19 Figure 4-1: Organisational structure of the Risk Management Directorate at the EIB The EIF ensures appropriate risk identification and management through its Risk Management Department (see Figure 4-2), which is responsible for measuring and managing the main risk types of the Fund and ensuring compliance with best market practices.Figure 4-2: Organisational structure of Risk Management at the EIF 4.2. Risk management frameworkThe Group Risk Management Charter codifies the sound principles-based approach to risk management to ensure that Group Risks are managed in an effective and consistent manner. This section introduces the Group’s exposure to risks as well as the overall strategies and processes to manage those risks.Risk management principlesThe oversight of risk at Group level needed for prudential consolidation is performed by the EIB. The EIB Risk Management Directorate coordinates the prudential consolidation of the EIF.

20 | EIB Group Risk Management Disclosure Report 2019 The following principles, as defined by the Group Risk Management Charter, are the fundamentals of the Risk Management culture and policies:Risk culture: The Group promotes a sound risk culture in the performance of its activities.Best banking practice: The Group operates in adherence to best banking practice applicable to it.Risk appetite framework: Risk awareness and sustainability of the business model of the Group is supported by the application of the Risk Appetite Framework.Risk management policies, procedures, risk limits and controls: The EIB as the parent entity sets and oversees risk management policies, procedures, risk limits and controls related to Group Risks and commensurate with entities’ respective statutes and activities, in compliance with the principles of the Charter.Proactive, adaptive and ongoing risk management: Each institution continuously identifies, assesses, measures, monitors, mitigates and reports risks inherent to its activities.Capital and liquidity adequacy: Strategic decision-making shall be supported by a comprehensive and forward-looking view of the Group’s capital and liquidity resources in relation to its risk profile and operating environment.Information exchange, risk reporting and data aggregation: Appropriate arrangements shall be in place to enable the exchange and aggregation of information and data across the Group for the purposes of sound and effective risk management.Main business activities and associated risk categoriesThe main risk categories arising from the Group’s business activities are:Credit risk: the risk of loss resulting from client or counterparty default and arising on credit exposure in all forms;Market risk: the risk of loss arising from exposure to market variables such as interest rates, foreign exchange rates and equity market prices;Liquidity risk: the risk that the Group is unable to fund assets or meet obligations at a reasonable price or, in extreme situations, at any price; andNon-financial risks: these comprise operational, information, communication and technology (‘ICT’) risks as described in Section 4.4.3, compliance, conduct and reputational risks as described in Section 4.5 and model risk as described in Section 4.6.EIB’s risk profile is different compared to commercial banks in the European Union, due to the Group’s specificities as a public-owned long-term lending institution. The EIB concentrates on lending to support EU policy objectives, which the Bank finances through funds raised on the capital markets. Consequently, most of the Bank’s risk arises from lending operations, the management of liquidity in the treasury portfolios as well as its overall asset/liability management.The Fund is exposed to credit, market and liquidity risks due to its mandate to support SME finance for start-up, growth and development, in line with EU policy objectives as described in the previous section. The Fund is also exposed to operational risk.

The regular management and control of risks are handled separately by each legal entity and, therefore, risk management information presented here and within the remainder of this report distinguishes between the Bank and the Fund where appropriate.The Fund’s Risk Management Department operates in close contact with the European Investment Bank’s Risk Management Directorate, particularly with regard to Group risk exposure relating to Guarantees, Securitisation & Microfinance (‘GSM’) and Private Equity (‘PE’) operations under the Bank’s Risk Capital Resources mandate (‘RCR’), the different windows under the Bank’s EIB Group Risk Enhancement Mandate (‘EREM’) and EIF risk policy matters.Three lines of defenceThe EIB Group’s internal control functions and risk management systems are consistent with the three lines of defence model. As a first line of defence, the front units are responsible, within their respective areas, for managing risks within the established set of limits and boundaries. Amongst other functions, the second line of defence includes the respective Risk Management and Compliance functions as well as IT resources and Financial Control responsible for the maintenance and development of the risk management and control framework, providing advice regarding its application, following up on its implementation and ensuring compliance with respective policies and regulations.Furthermore, the Financial Control Directorate has established the Internal Controls and Assertion Division, which aims at strengthening the Bank’s second line of defence and has the objective to provide a common platform to assess and report on EIB’s control risks. The second line of defence also includes functions in the EIB's Project Directorate and the Legal Directorate.The third line of defence is ensured by the Internal Audit function which provides an independent review of the risk management practices and internal control framework and reports to the Audit Committee or to the EIF's Audit Board, as relevant.At both the EIB and the EIF, the segregation of duties is supported by the fact that internal control functions are separate functions, each having direct access to the relevant executive body (President/Management Committee for the EIB, Chief Executive for the EIF) and to the relevant Board’s Committees (and, in the case of the EIB, to the Audit Committee).Pillar 1 Reporting and OversightThe ‘CRD IV/CRR package’ defines the regulatory minimum capital requirements by providing rules and regulations for measurement of credit risk, market risk and operational risk. The resulting capital requirement must be covered by eligible own funds. In addition, it lays down requirements for leverage and liquidity risk management.The Group analyses, controls and monitors risks thoroughly, ensuring an adequate level of capital and liquidity at all times. Within the Bank, the Risk Management Directorate, in its role as a “second line of defence”, is responsible for identifying, assessing, monitoring, controlling and reporting of Pillar 1 risks to which the Bank is exposed. A monthly internal risk report provides a detailed view on credit, asset liability management, financial and operational risks and is provided to the Management Committee, the Board of Directors and the Audit Committee.EIB Group Risk Management Disclosure Report 2019 | 21

22 | EIB Group Risk Management Disclosure Report 2019 Pillar 2 Reporting and OversightAs part of the best banking practice framework applicable to the EIB, the EIB has established an Internal Capital Adequacy Assessment Process (‘ICAAP’).The ICAAP includes the following components: a risk identification process and a point-in-time and forward-looking capital adequacy analysis and statement.In terms of scope, the ICAAP covers both the Bank and the EIF. Further enhancements regarding the full inclusion of the Fund are planned, to promote a complete group-wide approach in the near future. In terms of time horizon, the ICAAP is aligned with the Group’s Capital Plan.The Management Committee endorses the ICAAP document prepared by RM, with input from different services across the Group. The ICAAP document is submitted to the Management Committee for validation at least on an annual basis, as well as when rendered necessary due to any material changes to the Group’s business model or risk profile. Upon the recommendation of the Risk Policy Committee, the Board of Directors ultimately approves (the update of) the ICAAP document.In parallel to the Risk Policy Committee, the ICAAP document is also distributed for information and discussion to the EIB’s Audit Committee. Any AC recommendations thereon are taken into account for the next reporting iteration.Risk Identification, Risk Taxonomy and Materiality Assessment ProcessAn integral part of the Group’s ICAAP is the risk identification and assessment process, which aims to ensure that the Group identifies all of the risks to which it is exposed in the pursuit of its business, extending beyond Credit, Market and Operational risks by also covering risks not (fully) captured under Pillar 1. The Group assesses these identified risks in terms of materiality (taking into account any mitigants) and incorporates these into stress testing and capitalisation. The risk identification process is performed by the EIB’s and the EIF’s RM (with input from the relevant services).The main risk categories are shown below in Table 4-1 with the respective RM department or Compliance function that is responsible for controlling the risk. For further information on risk definitions (including information on other risk categories covered solely in the Group Risk Identification Document), please see Appendix I.

EIB Group Risk Management Disclosure Report 2019 | 23 Table 4-1: Main EIB Group risk categories as at 2019 Main Risk Category Risk Subcategory Business Activities EIB – Responsible RM department or EIF – Responsible RM department or Compliance function Compliance function Credit risk Credit risk in lending Lending Operations RM Credit concentration risk Lending, treasury and derivatives Operations RM/ Financial RM Transaction and Portfolio RM Country risk (including transfer & convertibility risk) Mainly lending Operations RM Credit risk in Derivatives and SFTs Treasury and derivatives Financial RM/ Operations RM Credit risk in loan substitutes (banking book) Lending Financial RM/ Operations RM Credit risk in Guarantees and Securitisations at EIF Mainly guarantees, securitisation and inclusive finance and treasury Transaction and Portfolio RM Market risk in the banking book banking book All activities Financial RM Interest rate risk in the Corporate RM Financial RM Corporate RM FX risk All activitiesEquity risk Mainly lending Financial RM Transaction and Portfolio RM Market risk in the trading book Position risk related to non- securitisation debt instruments (Interest rate risk in the trading book) Treasury Financial RM Liquidity risk Funding liquidity risk All activities Financial RM Corporate RM Market liquidity risk All activities Financial RM Corporate RM Other financial risks Climate change risk Lending Operations RM Financial RM and Pensions Board Non-financial risks Coordination RM Corporate RM Coordination RM Compliance function Compliance function Compliance function Compliance function Compliance function Coordination RM/IT Corporate RM Pension risk Treasury and ALMOperational risk All activitiesLegal risk All activitiesCompliance risk All activitiesConduct risk All activitiesICT and security risk All activitiesReputational risk All activities Compliance function Compliance function Model risk Mainly lending and derivatives Regulation RM

24 | EIB Group Risk Management Disclosure Report 2019 Risk Appetite FrameworkEIB's Risk Appetite FrameworkThe risk appetite is the level of risk that the EIB is willing and able to incur in pursuing its activities in the context of its public mission and objectives. Key to this is the EIB’s capacity to provide attractive long-term financing to serve EU objectives across all EU Member States (and beyond in Partner Countries). A primary pillar of the Bank’s business model is to retain the long-term AAA rating from the major rating agencies.The processes and activities performed by the Bank to manage its risk appetite are formalised in the EIB Risk Appetite Framework (‘RAF’) approved by the BoD.The RAF covers the major financial risks (including credit, liquidity, market and treasury risks) and non- financial risks categories (including operational, information, communication and technology, conduct and compliance and reputational risks). It helps to embed a healthy organisational risk culture within the EIB through implementation and monitoring of measurable risk appetite metrics, which are subject to boundaries and (where applicable) cascaded further down within the Bank.The EIB’s risk appetite is articulated in the Risk Appetite Statement (‘RAS’) which communicates to management and oversight bodies, employees and other key stakeholders (e.g. in public disclosures) the risk profile that the EIB is willing to assume in the pursuit of its strategy. The risk appetite aims to align the EIB’s risk-taking with its strategy and business model.The high-level RAS is translated into risk appetite metrics and boundaries that are reviewed, reported and monitored on a regular basis as part of the monthly risk reporting to the EIB governing bodies and the RAF annual review process. Currently, the monthly risk reporting covers the major financial risks and work is in progress to include also non-financial risk categories during 2020.EIB’s high-level Risk Appetite Statement (RAS)In pursuit of its strategy and business model the Bank accepts to take on financial (credit, market, liquidity) and non-financial risks up to the level where it remains aligned with the following high-level Risk Appetite Statement:The Bank is committed to remaining compliant with its statutory framework and public mission.The Bank is committed to doing business in an ethical and fair way with zero tolerance for fraud, applying anti-money laundering standards and combating the financing of terrorism,promoting high ethical and professional standards in the financial sector and preventing the Bank from being used, intentionally or unintentionally, for criminal activities.The Bank is committed to retaining its long-term AAA rating from all the major rating agencies,which is a primary pillar of the Bank's business model.The Bank is focused on the stability of earnings and preservation of the economic value of own funds in order to ensure the self-financing of the Bank's growth in the long term.

The Bank is committed to maintaining its business model and strategy whilst ensuring a robust operating environment with regard to operational, ICT, conduct and compliance, reputational risk and maintaining the reputation of the Bank amongst its stakeholders.As a public financial institution, the Bank does not focus on making profits from speculative exposures to risks. As a consequence, the Bank does not consider its treasury or funding activities as profit- maximising centres and does not engage in speculative operations.RAF governanceRAF governance entails the roles and responsibilities of the Bank’s internal stakeholders in relation to risk appetite, including the BoD, the MC, the RPC, other relevant committees and key stakeholders involved.The BoD is responsible for approval of the RAF and regularly monitors the actual risk profile of the EIB against the agreed boundaries and thresholds. The BoD is ultimately responsible for actions taken in the event of a risk appetite breach.The MC is responsible for approval of granular orientations for cascaded RAF metrics, the monthly monitoring of RAF boundaries, thresholds and orientations and for proposing mitigating action to the BoD in case of a risk appetite breach. The MC has the overall responsibility for proposing the review of any elements of the RAF to the BoD.The RPC provides non-binding recommendations to the BoD in relation to design and implementation of the EIB’s RAF or its potential review. In the event of a risk appetite breach, the RPC provides opinions and recommendations to the BoD on the proposed mitigating actions.Among other relevant committees involved in the RAF, the AC in particular reviews and oversees at least annually the effectiveness of the Bank’s RAF. Furthermore, the annual report submitted from the AC to the Board of Governors will include AC assessment of the completeness, adequacy, functionality and reliability of the RAF.Group RAFThe EIB’s RAF covers lending operations at its own risk and under risk-sharing agreements, its activities mandated to the EIF as well as its funding and treasury activities.The extension to a Group RAF (i.e. the incorporation of all the EIB Group entities’ own risks) is in the process of being developed in the context of the implementation provisions for the Group Risk Management Charter and the role of the Group Chief Risk Officer.4.3.2. EIF's Risk Appetite FrameworkThe EIF Risk Appetite Framework (EIF’s ‘RAF’) encompasses the main building blocks through which risk appetite is determined, integrated, measured, monitored, reported, managed and revised throughout the Fund.The EIF’s RAF covers major financial risks (credit, market, liquidity and strategic risks) as well as major non-financial risks (operational, ICT, compliance and reputational risks) to which the Fund is exposed.EIB Group Risk Management Disclosure Report 2019 | 25

26 | EIB Group Risk Management Disclosure Report 2019 The EIF continuously reviews and, to the extent so required by business development, updates its RAF. All processes within the EIF’s RAF are integrated into the governance of the Fund.EIF’s high-level risk appetite statementBased on the Stakeholders’ key expectations and its business strategy, the EIF Board of Directors articulates a high-level Risk Appetite Statement, which builds the cornerstones for the EIF’s RAF and sets the risk framework within which the EIF should operate in order to achieve its mission and objectives without jeopardising the viability of its business model. This high-level statement is then translated into measurable metrics that cover the relevant risk categories arising from the Fund’s business model and are subject to limits, which aim at keeping the overall Risk Profile within the Fund’s Risk Capacity.EIF Risk Appetite Statement:EIF provides enhanced access to risk financing to small and medium-sized enterprises, micro- enterprises and (small) mid-caps in Member States of the European Union or other geographies via financial intermediaries, to the extent so authorised by the EIF General Meeting or under specific mandates.EIF strives to act as a market-oriented investor within identified best market practices.The Fund shall strive towards structuring and pricing its operations in order to be, from an overall institutional point of view, adequately remunerated with a view to covering its financial risk and providing an appropriate return to the shareholders.EIF further strives towards contributing to the establishment, development and stabilisation of its target markets and promoting best standards in these markets.EIF shall remain compliant with its Statutes and public mission in due consideration of any applicable EIB Group policies.The Fund strives towards maintaining the highest rating from major rating agencies, which is a primary pillar of its business model.EIF strives towards mitigating, to the utmost possible, any risk which might affect itsreputation. In this context, EIF pays specific attention to any possible spill-over effects of reputational risk to its Stakeholders and, in particular, the EIB, in consideration of its adherence to the EIB Group, and the European Commission as key provider of policy-based third party mandates.EIF continuously enhances a robust internal control framework which is intended to reduce the impact of any materialisation of non-financial risk, such as operational risk, compliance and reputational risk.

EIB Group Risk Management Disclosure Report 2019 | 27 Risk management operational guidelines and processesThe Group’s risk management operational guidelines cover the three main types of risk:Credit riskFinancial riskOperational riskThe following sub-sections provide an overview of the main elements of the EIB’s risk management operational guidelines per risk type, as well as concise descriptions of relevant risk management processes.4.4.1. Credit riskOverviewThe credit risk management process consists of identifying, analysing, measuring and reporting the risks incurred by the Group in its operations and making decisions to effectively manage these risks.Credit risk is managed pursuant to detailed internal guidelines. The purpose of these guidelines is to ensure that credit risk is managed prudently within the parameters set by the Bank’s Risk Appetite Framework.As operations inside and outside the EU may have different risk profiles, there are separate guidelines for EU and non-EU activities.Guidelines revision and approval processRM is responsible for drafting and proposing revisions of the guidelines to the Management Committee in consultation with other services within the Bank. The Bank’s Management Committee approves the guidelines. The Board of Directors is informed at least annually about changes to the guidelines.Any derogation from the guidelines must be specifically approved by the Bank’s Management Committee on the basis of a duly justified request from the Operations Directorate (‘OPS’) or Transaction Management and Restructuring (‘TMR’) (as relevant), which will be accompanied by an opinion from RM.

28 | EIB Group Risk Management Disclosure Report 2019 Credit risk responsibilities and processesThe main credit risk responsibilities are divided between RM, OPS and TMR.The respective responsibilities are divided between pre- and post-signature tasks as follows: RM OPS TMR Reporting regularly on the evolution of the loan portfolio and Watch List containing all loans subject to more frequent and stringent surveillance based on their loan gradingsCo-approving loandocumentation; conducting checks that security has been provided as required and that disbursement instructions are consistent with contractual documentation Contract monitoring to full disbursement except for project finance (PF) and operations outside EURelations and event resolution with regular, repeat promoters, or global relationship managers, borrowers, guarantors graded E+ or higherAssessment of the impact of restructurings or workouts proposed by TMR on lending policy and client relations. Refinancing, restructuring or workout for all non-regular, non- repeat borrowers and for all loans graded below E- or FInternal ratings andfinancial monitoring of counterparts and contracts post-signature to full disbursement; PF counterparts and contracts from signature; non-EU lending from first disbursement to maturityPropose, with reference to all credit exposures, the appropriate level of the General Loan Reserve and for credit- impaired operations, the creation of specific provisions. 2. Post-Signature Responsibilities Pre 1. Pre-Signature Responsibilities RM OPS Loan originationLoan appraisalLoan structuringLoan proposalsInitial internal rating proposal for new counterpartsContract negotiations Post For new operations, second opinions, review of draft loan documentation and, when required, waivers to conditions governing disbursements; ensuring overall compliance with guidelinesValidation of internal ratings for new and existing counterpartiesEstablishing the initial loan gradings for new loans and reviewover timeProposing, where applicable, a risk-pricing level for new operations

EIB Group Risk Management Disclosure Report 2019 | 29 Acceptable counterpartsWhether or not a given entity is acceptable to the Bank as a counterpart in a lending operation is determined on the basis of a careful analysis and evaluation of the entity using qualitative metrics but also relying on experience and expert judgment.The following issues, in particular, are taken into account:The existence of a credit exposure limit for the entity.Satisfaction of a Minimum Internal Rating (‘MIR’) requirement set on the basis of the Bank’s Internal Rating Methodology (see below).Any independent collateral, securities or guarantees available.Internal rating methodologyThe Bank uses an internal rating methodology to determine internal ratings for substantially all of its counterparts. The methodology is based on a system of scoring sheets and uses a granular rating scale to assess counterpart acceptability. The resulting rating given to a counterparty is one of the main elements used for the purposes of the Loan Grading system (explained later in this section). The internal rating is an important element in the Bank’s risk management processes, including the monitoring of risks, risk pricing of lending operations and creation of provisions.The lending process: contractual guidelinesA legal analysis is performed to determine whether a counterpart can comply with the contractual standards.Legal frameworkGuidelines set out orientation points for the legal framework under which the Bank may lend and, in particular, aspects like the governing laws and jurisdictions for the settlement of disputes which the Bank deems acceptable in view of its specific status as a multilateral finance institution owned by the Member States of the European Union.Risk mitigation clausesRisk mitigation clauses are the contractual clauses included in the lending documents signed by the Bank and its counterparts. These documents are, principally, the loan agreement and any guarantee, security or collateral agreement.Risk mitigation clauses include disbursement conditions making the disbursement of the loan conditional on certain conditions being satisfied, undertakings (covenants) given by the counterpart to the Bank and events of default enabling the Bank to take certain steps on the occurrence of a credit event post-signature.These clauses are designed to protect the Bank against the deterioration of an operation’s credit risk and to enable it to take action to preserve its position upon the occurrence of any such event.

The clauses may be either (i) “standard” (i.e. common to all EIB loan agreements) or (ii) inserted on a case–by-case basis depending on the nature of the counterpart and other factors affecting the credit risk profile of the relevant operation.The lending process: counterpart exposure limitsThe EIB distinguishes between new counterparties and existing ones. In the first case, OPS makes suggestions for initial counterparty rating and counterparty limit. Then RM validates these suggestions and prepares a decision about the acceptance of a counterpart. Moreover, any adjustments to a counterparty’s current limit are analysed with respect to the Group’s risk appetite.Counterpart limitsThe Bank places counterpart-based limits on its maximum exposure to all financial institutions, corporates, sub-sovereign public authorities and public sector entities (as borrowers and/or guarantors).Counterpart limits are designed to keep lending exposures within a reasonable proportion of the Bank’s and the counterparts’ own funds, thereby maintaining credit risk on individual counterparts within acceptable bounds and avoiding the development of concentrations of credit risk on a limited number of counterparts.The Bank also has exposure limits for certain sectors of economic activity, namely energy, telecommunications, transport, urban and social, water and environmental protection or primary production and industry.Internal risk weightsFor the purposes of applying the exposure limits, the Bank has a risk weighting methodology whereby exposures set against the limit are internally weighted from 0% to 100% depending on the nature of the counterpart and the existence of external guarantees or collateral provided as security for the relevant exposure.Regulatory limitsIn addition to the Bank’s own limits referred to above, and in compliance with best banking practice applicable to the EIB, the Bank applies the regulatory limits on the maximum exposure to a single client or a group of connected clients.Collateral and guarantee managementSecurity classificationThe credit risk attached to a particular borrower may be enhanced by the provision of third party guarantees and/or valuable collateral.Guarantees may also be credit enhanced through provision of collateral by the Guarantor.In order to distinguish between the quality of such credit enhancements, the Bank has a granular classification system defining the essential characteristics of the different types of credit enhancement, which may be offered as security.30 | EIB Group Risk Management Disclosure Report 2019

EIB Group Risk Management Disclosure Report 2019 | 31 This distinction is based not only on the credit standing of the issuer of the relevant instrument but also on the instruments’ legal enforceability and liquidity.Security eligibility and managementDetailed rules are set out in relation to, inter alia:Minimum rating requirements for guarantors and the Bank’s rights in case the guarantor loses such ratingEligibility of collateral including applicable coverage ratios and haircutsMonitoring of guarantors and of the value of collateralAcceptable caps on guaranteesThe guidelines contain specific rules relating to guarantees provided by monoline insurance companies.EIB’s Loan Grading systemThe Loan Grading (‘LG’) system is used for internal credit risk assessment of the EIB’s lending operations. The LG system is an important part of the loan appraisal and monitoring process. It is also used as a reference point for credit risk pricing.A loan’s LG reflects the present value of the estimated level of the lifetime expected loss for that loan. This is determined as the product of the probability of default, the loan exposure at risk and the loss given default. The LG system is used for the following purposes:aid to a finer and more quantitative assessment of lending risksindicator of credit risk variations for the purposes of prioritising monitoring effortsdescription of the Bank’s loan portfolio quality at a given datebenchmark for calculating the annual additions to the General Loan Reserveinput in risk-pricing decisions.The following factors are used to determine an LG:Borrower creditworthiness: expressed in accordance with internal rating methodology (‘IRM’) (see above), which is based on Moody’s methodology.Value of third party guarantees and/or collateral: takes into account the correlation between the credit risk attaching to the guarantor/issuer of the collateral and the borrower. iii. The applicable recovery rate: being the amount assumed to be recovered following a default by the relevant counterpart expressed as a percentage of the relevant loan exposure. Risk mitigating clauses: the presence of contractual clauses will add to the loan’s quality and enhance its LG.Loan maturity: all else being equal, the longer the loan term, the higher the risk of default.

Depending on the level of expected loss determined on the basis of the above factors, a loan is assigned to one of the following LG classes:“A” Prime quality loans, of which there are three sub-categories.“A0” comprising loans to or guaranteed by an EU Member State which have an expected loss of 0% (based on the Bank’s preferred creditor status and statutory protection which are deemed to ensure full recovery of the Bank’s assets upon maturity).“A+” comprising loans granted to (or guaranteed by) entities other than EU Member States in respect of which there is no expectation of deterioration in quality over their term.“A-“ includes those lending operations where there is some doubt about the maintenance of their current status but where any downside is expected to be limited. “B” High-quality loans: these represent an asset class with which the EIB feels comfortable, although a minor deterioration is not ruled out in the future. B+ and B- are used to denote the relative likelihood of the possibility of such deterioration occurring. “C” Good quality loans: an example could be unsecured loans to solid banks and corporates, with a reasonable maturity and adequate protective clauses. “D” Borderline between acceptable quality loans (designated as D+) and those that have a risk profile which is worse than that generally accepted by the Bank (designated as D-). Operations whose LG is D- or below are classified as Special Activities (see section below) and are subject to specific rules, including specific size restrictions, reserve allocations and risk pricing rules. “E” Comprising loans that have explicitly been approved as higher-risk Special Activity operations or loans whose quality has materially deteriorated such that a loss cannot be excluded. The sub-classes E+ and E- further differentiate the risk profile of the loans, with those operations graded E- being in a position where there is a possibility that debt service cannot be maintained on a timely basis and therefore some form of debt restructuring may be required, possibly leading to an impairment loss. “F” F (fail) denotes loans representing unacceptable risks. F-graded loans can only arise out of outstanding transactions that have experienced unforeseen, exceptional and dramatic adverse circumstances after signature. All operations where there is a loss of principal are graded F and a specific provision is raised. The Watch List and guidelines for dealing with distressed operationsEIB maintains a Watch List (‘WL’) for loan exposures which require special (high or moderate) credit risk monitoring following the deterioration of their risk profile post-signature.The WL includes all outstanding loans graded at D- or below, excepting those originally approved as higher-risk Special Activity loans (see below). Special Activity loans will, however, be included on the Watch List if the LG of such loan has deteriorated post-signature as a result of a material credit event.The WL is updated on a continual basis throughout the year and is reported to the Management as part of RM’s monthly internal risk report.32 | EIB Group Risk Management Disclosure Report 2019

If the credit profile of a watch-listed loan improves sufficiently, it is upgraded and removed from the WL.Distressed operations: restructuringsOperations with credit quality that deteriorates to an LG of E- or lower are considered distressed and are, therefore, placed on the WL. For distressed loans, there is a possibility debt service may not be paid in a timely manner and a limited possibility of loss of principal. The Bank may undertake a credit- based restructuring to minimise the risk of loss.When the credit quality of an operation deteriorates even further, and is assigned an LG of F, there is a material risk of loss of principal. Specific provisions will be created against the exposure.Specific guidelines are set out in respect of distressed borrowers where the Bank may need to take exceptional measures to preserve its position and minimise losses. These guidelines include procedural rules reflecting the urgency of decision-making in certain situations.Risk pricing methodologyThe Bank has a risk pricing methodology, which ensures that the risk attached to any given operation is adequately remunerated. The level of risk pricing is based on a number of factors including the Loan Grading assigned to the relevant lending operation.Special Activities (‘SA’)Special Activities are lending or guarantee operations that entail risk that is greater than the risk generally accepted by the Bank. Such operations are signified by a Loan Grading of “D-” or below.SA operations are possible with all established customer groups (corporates, banks, sub-sovereign public authorities, public sector entities and project finance transactions) and are subject to additional loan grades and counterpart-based limits, and a specific reserve allocation requirement (see below).Reserves and impairment provisionsThe Bank maintains two reserves for expected and unexpected credit losses:General Loan Reserve (‘GLR’), andSpecial Activities Reserve (‘SAR’).The GLR covers expected losses resulting from the EIB’s loan and guarantee portfolio. The SAR covers unexpected losses of operations which are classified as Special Activities.Specific provisions are raised for impaired assets. The amount of such provisioning reflects the difference between the loan book value and the present value of all the expected future cash flows generated by the impaired asset.Product-specific guidelines for complex/higher-risk productsIn order to ensure that the additional risk involved in complex or structured lending transactions is adequately analysed, quantified and mitigated, specific detailed guidelines have been developed in respect of certain types of operations complementing the general guidelines.EIB Group Risk Management Disclosure Report 2019 | 33

34 | EIB Group Risk Management Disclosure Report 2019 The following types of operations are covered by specific sections of the guidelines:Subordinated corporate debtProject finance transactionsLoan substitutesRisk-sharing productsLayered funds and securitisationsTrade financeLending outside the EUAs lending outside the EU often implies a higher risk profile than lending operations within the EU, the Bank established operational guidelines for such transactions to ensure that they are in line with the Bank’s risk appetite. Moreover, on certain operations outside the EU originated under the External Lending Mandate the EIB benefits from an EU guarantee.The EIB’s non-EU operations are split between public and private sector operations and due to the different risk profiles both are considered separately in the operational guidelines.Similarly to all other transactions, the EIB estimates expected losses taking into account a counterpart’s internal rating and a transaction’s contractual features and assigns a Loan Grading to non-EU lending transactions.Beyond capturing the credit strength of a potential counterpart, EIB risk assessment also considers local and country jurisdiction and currency circumstances, which affect the particular market environments, e.g. for emerging market investments. Based on such risk assessment, the EIB sets an internal rating for each of the relevant counterparts.EIF Credit RiskEIF’s Credit Risk arises mainly through its activity linked to debt products, which encompasses guarantees and securitisations. Credit risk management is based on a three-lines-of-defence model which permeates all areas of the EIF’s business functions and processes: (i) front office, (ii) independent risk and compliance functions and (iii) internal audit.The EIF has developed a set of tools for its Guarantees and Securitisations business in order to analyse and monitor portfolio guarantees and structured finance transactions in line with common market practices.In the context of the independent opinion process relating to its guarantees and securitisations, the Transaction and Portfolio Risk division (“TPR”) reviews each transaction proposal provided by the Equity Investments & Guarantees (“EIG”) department in accordance with the EIF’s internal rules and procedures.The performance of a transaction is reviewed regularly – at least on a quarterly basis – and assessed based on the EIF’s surveillance triggers which take into account elements such as: a) the level of cumulative defaults, b) the credit enhancement, and c) rating actions by external rating agencies. In the event of a breach of such triggers and depending on the magnitude and expected consequence(s)

EIB Group Risk Management Disclosure Report 2019 | 35 of such a breach, a transaction can either change its status (e.g. Under Review, Positive or Negative Outlook) or a model re-run is initiated to reassess the EIF’s internal rating.Financial riskOverviewFinancial risk is the risk of losses arising from the Group’s financial operations. The main financial risks are market risk, liquidity risk, credit risk arising from the financial activities, and settlement risk:Market risk is the risk of losses arising from evolution of market variables such as interest rates, foreign exchange rates and equity market prices.Liquidity risk is the risk that the Group is unable on a timely basis to fund assets or meet obligations or to liquidate positions at a reasonable price or, in extreme situations, at any price.Credit risk arising from the Bank’s financial activities, i.e. treasury, investment activities and the use of derivatives.Settlement risk is the risk of losses due to unsettled transactions after their due delivery dates.Financial risk is managed pursuant to internal guidelines – RM Financial Risk Guidelines (‘FRG’). The purpose of those is to ensure that financial risk is managed prudently within the parameters set by the Bank’s Risk Appetite Framework.The financial risk management process consists of identifying, analysing, measuring and reporting the risks incurred by the Bank in its financial operations.Guidelines’ revision and approval processRM is responsible for drafting and proposing revisions of the guidelines to the Management Committee in consultation with other services within the Bank. They are approved by the Bank’s Management Committee. The Board of Directors is informed at least annually about changes to the guidelines.Any derogation from the guidelines must be specifically approved by the Bank’s Management Committee on the basis of a duly justified request from the Financial Directorate, which will be accompanied by an opinion from RM.EIB’s ALM policy and strategyThe Bank’s ALM policy forms an integral part of the Bank’s overall financial risk management. The cornerstones of this policy are the expectations of the three main stakeholders of the Bank, in particular the Bank’s owners, borrowers and financial markets’ investors. The Bank’s owners expect the Bank to fulfil its mission, remain in operation over the long term and protect the economic value of its own funds. The Bank’s borrowers would like to secure long-term loans on attractive financial terms and conditions and financial markets’ investors expect the Bank to retain its AAA financial strength in the future.

The own funds of the Bank are benchmarked to a notional portfolio with a target cash flow structure and financial duration. The structure of the notional portfolio is kept within the permitted range approved by the Management Committee. Value at Risk and stress testing on the economic value of own funds is performed on a monthly basis. Some ad hoc analyses are performed as the case may be, in order to assess risk exposures due to new products and structures, or new market developments.Market risk – interest rate riskInterest rate risk is the risk of loss due to volatility and adverse movements of the term structure of interest rates. Exposure occurs due to mismatches in repricing and maturity characteristics of the assets, liabilities and hedge instruments. In measuring and managing interest rate risk, the Bank refers to the Principles for the Management and Supervision of Interest Rate Risk issued by the Basel Committee for Banking Supervision and the European Banking Authority.An interest rate risk that is particularly relevant for the Bank is funding spread risk. This refers to the volatility in the economic value of, or in the income derived from, the Bank’s positions due to movements in the funding spread of the Bank. The Bank’s exposure to funding spread risk mainly results from maturity mismatches between its assets and liabilities, implying a future refinancing or reinvesting need which may occur under adverse funding spread conditions. The Bank’s current ALM does not incorporate any formal requirement or limit with regard to funding spread risk management. The funding spread risk is mitigated by a recommended funding maturity profile for the next year, which aims at keeping a controlled maturity transformation between new lending and funding and thus keeping the future refinancing risks limited.Cross currency (XCCY) basis risk is the risk that the Bank incurs when its lending and funding activities in foreign currency do not match in terms of maturity and/or currency. For example, when loans denominated in one currency (e.g. EUR) are funded via the proceeds of debt issuance originated in another currency (e.g. USD). The Bank’s exposure to cross-currency basis risk vis-à-vis its tradeable currencies is monitored and subject to specific limits defined per currency and tenor.Market risk – foreign exchange riskForeign exchange risk is the volatility in the economic value of, or in the income derived from, the Bank’s positions due to adverse movements of foreign exchange rates. The Bank is exposed to a foreign exchange risk whenever there is a currency mismatch between its assets and liabilities.In compliance with its Statute, the Bank does not engage in currency operations not directly required to carry out its lending operations or fulfil commitments arising from loans or guarantees granted by it.Mismatches of currencies in the asset-liability structure of the Bank are kept within tight limits.The foreign exchange risk implicit in interest margin accruing in currencies different from EUR is regularly hedged. The hedging programme addresses the interest rate loan margins expressed in USD and in GBP for the next three years on a rolling basis.In accordance with the CRR (Articles 351 to 354), the Bank calculates own funds requirement for foreign exchange risk if its net FX position, including any gold position and Collective Investment Undertakings (CIUs), exceeds 2% of its regulatory own funds (the “de minimis requirement”). In this case, the own funds requirement for FX risk is determined as the Bank’s overall net FX position multiplied by 8%, with the exceptions detailed in Article 354.36 | EIB Group Risk Management Disclosure Report 2019

EIB Group Risk Management Disclosure Report 2019 | 37 Market risk – equity riskEquity-type risks result from the Bank’s investments that de facto expose the Bank to the risk of the performance of the investee’s business.The EIB is exposed to equity risk due to activities approved by the BoD pursuant to Article 18 of the Statute and shares that have been received in the context of a financial restructuring of a publicly- quoted or privately-held company to which the Bank has lent.Liquidity riskLiquidity risk refers to the ability of the Bank to fund itself and meet obligations as they fall due, without incurring unacceptable losses.RM calculates and monitors a number of liquidity metrics with the aim of ensuring that the Bank holds an adequate liquidity buffer to cover its future net cash outflows. Group regulatory LCR is also monitored.Regular stress-testing analyses on different liquidity and funding scenarios are performed to determine the appropriate size of the Bank’s liquidity buffer. The various stresses take into account different lending and funding forecasts as well as loan repayments, contingent outflows and liquid assets assumptions.The Bank has developed a contingency funding plan, which specifies appropriate decision-making procedures and corresponding responsibilities. The plan is subject to annual update and regular testing and is approved by the Board of Directors.Counterparty risk: treasuryThe primary aim of the Treasury portfolios is to ensure that the Bank holds sufficient liquidity to meet its commitments at all times.In order to meet these objectives, the Front Office manages several portfolios with different instruments and maturities. The Front Office is responsible for the choice of the investments and acts as a first line of defence regarding the compliance of the portfolios to the defined investment guidelines. RM also monitors on a daily basis the compliance of the portfolios as the second line of defence and assigns limits to the eligible counterparts to define the maximum acceptable exposure.Eligibility criteria for counterparties are fixed according to the type of institution, its credit quality (as measured by its internal rating), and its financial standing.In the case of downgrading of a counterpart below the eligibility levels, the corresponding limits will be reduced or closed and new transactions will be blocked. Sale of securities issued by the downgraded counterpart may also take place.In order to ensure the diversification of investments in the Treasury portfolios, concentration limits apply to counterparties.Repo and reverse repo transactions may only be concluded with counterparties that have signed a Global Master Repurchase Agreement (GMRA) or similar master agreement with the EIB.

38 | EIB Group Risk Management Disclosure Report 2019 Counterparty risk: derivativesThe Bank only trades derivatives with counterparts meeting minimum internal rating criteria at the outset of each transaction. The Bank has a right of early termination if the rating drops below a certain level and the Bank proactively manages its exposures to counterparties.Exposures to commercial banks (exceeding thresholds) are collateralised by cash and/or bonds. All of the Bank’s derivative transactions are concluded in the contractual framework of ISDA Master Agreements and, if applicable, Credit Support Annexes, which specify the conditions of exposure collateralisation. The Bank’s derivatives and received collateral are valued on a daily basis, with a subsequent call for additional collateral or release, also daily in nearly all cases.The Bank measures the counterparty risk exposure related to derivatives using the Current Unsecured Exposure and Potential Future Exposure for reporting and limit monitoring.The Current Unsecured Exposure is the larger of zero and the market value of the portfolio of transactions within the netting set with a counterparty, less the value of collateral received. The Potential Future Exposure takes into account the potential increase in the netting set’s exposure – following a counterpart’s insolvency – over a time horizon that depends on the actual portfolio of transactions. The Potential Future Exposure is computed using stressed market parameters in order to arrive at conservative estimates.The derivatives portfolio is valued and compared against limits on a daily basis.Settlement riskSettlement Risk is applicable to both Trading Book and Banking Book transactions which may remain unsettled after their due delivery dates. According to the definition above, and due to the nature of the Bank’s operations, the most relevant transactions that are affected by settlement risk are the payments related to debt instruments (i.e. Treasury) and the exchanges of foreign currencies through derivative instruments (i.e. ALM/derivatives).In terms of mitigation of settlement risk, the Bank has put in place a framework to manage credit risk in payment and settlement activities related to its capital markets, treasury and derivatives operations, including minimum acceptability criteria of counterparties in terms of credit quality (internal rating), contractual provisions, and basing securities transactions on the principle of “delivery versus payment”.Furthermore, specifically with respect to FX swaps, the Bank has access to the Continuous Linked Settlement (CLS) system. Settling transaction through CLS generally reduces exposures to settlement risk as exchanges of different currencies are operated by CLS under conditions of simultaneity.Settlement risk is regularly reported on a weekly basis (as part of the “weekly report on treasury exposures”) by RM/FIN.Under Pillar 1, a capital charge is calculated for treasury transactions that remain unsettled on the reporting date (last working day of the month), and when the “number of working days after due settlement date” is above four. In order to calculate the capital charge for settlement risk, the Bank applies regulatory factors to the price difference of the agreed settlement price and the current market value.

EIB Group Risk Management Disclosure Report 2019 | 39 Both at the end of December 2019 and December 2018 there were no unsettled transactions beyond their due delivery date and consequently there was no required capital charge in relation to settlement risk.Fund transfer pricing systemThe Bank’s financial results and overall risk exposure are generated through various activities. In particular:LendingFundingTreasury portfoliosVenture capitalParticipationsOther equity holdingsDebt management (buy-backs)Management of own fundsIn conducting its day-to-day activities the Bank may hold a residual (i.e. net) position on its balance sheet resulting from the mismatches between its assets and liabilities. Such position is therefore consolidated in a portfolio called the Corporate ALM Centre (‘CC’) and hedged as required by the ALM strategy. This consolidation is implemented via a transfer pricing (‘TP’) system.The TP system has two main objectives – to measure the contribution of the various activities to the Bank’s revenues and to transfer part or all of interest rate and FX risk out of the individual centres of activity such that this risk can be centrally measured by RM and hedged by the Front Office.The TP system assigns a notional funding and liquidity cost to all activities consuming funds and a notional investment yield to all activities providing funds (mainly borrowings). For the CC, the former becomes the yield notionally generated by the Bank’s assets while the latter represents its notional (or internal) funding and liquidity cost. The sum of all the individual contributions over any given period, CC’s positions included, represents the Bank’s financial revenue over the same period.EIF TreasuryThe EIF directly manages its short-term liquidity to cover its operational needs, while the rest of the EIF’s treasury portfolio is managed by the EIB according to agreed guidelines. The funds are managed in such a way to ensure an adequate level of liquidity to meet foreseeable disbursements, to protect the value of the paid-in capital and, if possible, to earn a yield on assets invested with due regard to the level of risk authorised.The EIF also manages third party funds separately from its own funds on behalf of mandate owners, according to Management agreements.

4.4.3. Operational riskOverviewOperational Risk is the risk of loss resulting from inadequate or failed processes or systems, human factors or due to external events, which includes legal risk but excludes strategic and reputational risk. Legal risk is the financial risk resulting from the Group being held liable for a legal claim, damages from the failure to meet its legal obligations in respect of contractual requirements or infringement of intellectual property rights. ICT risk is defined as the risk of loss due to breach of confidentiality, failure of integrity of systems and data, inappropriateness or unavailability of systems and data or inability to change information technology (IT) within a reasonable time and at reasonable cost when the environment or business requirements change (i.e. agility). This includes security risks resulting from inadequate or failed internal processes or external events including cyber-attacks or inadequate physical security.EIB Group’s Operational Risk Management FrameworkAll EIBs Group’s activities may be affected by operational risk and therefore the Group aims to systematically identify, assess and monitor operational risks on a regular basis and ensure that sufficient controls and risk mitigants are in place to limit the operational risk exposure. The EIB’s and EIF’s Operational Risk Management Frameworks (‘ORMF’) are key components of the overall Group- wide Risk Management framework, which provides a systematic and integrated approach to the management of operational risk.The ORMF has four main components: Governance, Risk Identification and Assessment, Risk Measurement, Risk Monitoring and Reporting.At the Bank, the Management Committee approves the ORMF. Directors General are responsible for the execution of the ORMF for owning and managing the operational risks and control environments of their respective businesses and functions. They ensure that all relevant information related to operational risk events and losses in their areas of competence, if any, are reported to Operational Risk Management (‘ORM’). ORM escalates operational risk issues to senior management and the Audit Committee, as appropriate.The ORMF is complemented by the EIB Internal Control Framework (‘ICF’) which materialises the regular actions implemented by the Bank’s management to (i) identify risks generated by activities under their responsibility (inherent and residual risks), (ii) design adequate controls to cover these, and (iii) be in a position to report thereon. The ICF covers all processes implemented in the Bank and is not limited to control over financial reporting. On that basis, the Bank’s senior management issues yearly internal control assurance declarations to the EIB President and the Audit Committee. These representations are also significant procedures contributing to the Bank’s control assurance statements to external parties, such as to the European Commission (DGs) and to external auditors for the release of the Bank’s audited financial statements. The ICF’s definition, review and maintenance are administered in line with the EIB ICF Policy approved by the Board of Directors. ICF policy oversight actions are implemented by the ICF Control function (‘ICFC’), which is a second line- of-defence function.40 | EIB Group Risk Management Disclosure Report 2019

EIB Group Risk Management Disclosure Report 2019 | 41 EIF’s Operational Risk Management FrameworkThe EIF Corporate Risk Management division (‘CORPRM’) is responsible for the implementation and management of the EIF’s operational risk management framework. The EIF has developed a specific process-based Risk and Control Assessment methodology, which takes into account both the potential financial and reputational impact of the risks inherent to its activities. On that basis, the overall operational risk profile of the EIF is described in the annual Internal Control Framework report and the material residual risk exposures are mitigated through specific risk-mitigating actions, where appropriate. The framework also encompasses the ongoing collection and analysis of the operational risk events reported to CORPRM - Operational Risk, including the definition of action plans to address their root cause, and the coordination of an ex-ante operational risk assessment for new business initiatives, including new mandates and new products. Since 2017, an annual ISAE-3402 Type 2 report issued by an independent audit firm covers the EIF mandate-related processes. ISAE-3402 is the internationally recognised standard to provide assurance on the design and operating effectiveness of the control environment of service organisations for a given period.Risk identification and assessmentTo support ORMF objectives, the Group employs an assessment methodology that takes into account all available information such as internal loss history, scenario analysis and the business and control environment, notably through a set of operational risk indicators. Specifically, ORM analyses the significant operational risk events that have or could lead to actual operational risk losses and areas of emerging risk.Inherent and residual risk assessment covered under the ICF review exercises are based on ICF Risk Assessment Methodology. The inherent risk assessment is mainly derived from impact and likelihood criteria. Residual risk assessment conclusions, amongst other objectives, support management’s prioritisation decisions for remedial actions.The EIF follows a process-based risk and control assessment. The result thereof is a Risk Control Matrix identifying the main risks for the EIF inherent to each process or activity, including: a rating of the inherent risk (gross risk), the existing key controls mitigating that risk, and a rating of the residual risk (net risk) for the EIF.The Operational Risk Management function of the EIF also collects and analyses operational risk events, including near misses to identify the root causes and define risk-mitigating actions with the relevant business units.The Operational Risk Management function of the EIF performs an ex-ante identification and assessment of the main operational risks related to new business initiatives to facilitate a well- informed decision-making process as well as a smooth implementation.Risk monitoring and reportingThe Bank’s ORM has established monthly operational risk monitoring and reporting in order to reflect the status of operational risk programmes within the Bank. The monthly Operational Risk report includes operational risk events, actions, indicators, and operational risk capital and is distributed to the President, Directors General and Audit Committee as well as to areas of the Bank involved in the

42 | EIB Group Risk Management Disclosure Report 2019 operational risk programs. The ORM reports any Operational Risk event with financial impact of EUR 100,000 or above to the President in a timely manner.The EIF has implemented several processes to manage and monitor operational risks, including the EIF Risk and Control Matrix, Key Risk Indicators, the collection and analysis of Operational Risk Events and the monitoring of the implementation of risk-mitigating actions. EIF Staff is required to report Operational Risk Events to ORM.The EIF’s ORM produces the Internal Control Framework report and periodical Operational Risk reports, and coordinates the ISAE-3402 report as well as specific contributions to broader reports, as relevant.ICT risk and information securityICT risk and data security are considered to be among the top operational risks in the industry. As a response to the increasing complexity and intensity of external threats, and in view of the reliance of the Bank’s operations on Information Technology, the EIB is constantly reinforcing both its technical defences (IT Security) and procedural and people capabilities (Information Security), and will continue to do so in line with Best Banking Practices. On the Information Security side, the Bank is focused on increasing user awareness of ICT threats and is addressing this need through various events, communication campaigns, risk assessments and training programmes. An information classification scheme is in place, and users are informed of associated best practices with regard to data leakage, prevention of malware and general sound information management. The EIB’s IT Security Unit as first- line-of defence function is responsible for deploying technical and operating measures to protect the security of computer systems, networks and other technology assets hosted in EIB premises. ORM acts as a second line of defence. These security efforts are intended to protect against attacks by unauthorised parties to obtain access to confidential information, destroy data, disrupt service, sabotage systems or cause other damage. The EIB continues to enhance its cyberdefence capabilities and strengthen its partnerships with the appropriate agencies, such as the CERT-EU, in order to address the full spectrum of ICT security risks in its operating environment, enhance defences and improve resiliency against these threats. Third parties with which the EIB does business or that facilitate the EIB’s business activities could also be sources of ICT risk to the EIB. Third-party ICT risk incidents such as system breakdowns or failures, misconduct by the employees of such parties, or attacks could affect their ability to deliver a product or service to the Bank or result in lost or compromised information. To protect the confidentiality, integrity and availability of the EIB’s infrastructure, resources and information, the EIB ensures that risks are identified and managed.Regulation EU 2018/1725 (repealing Regulation (EC) No 45/2001 and Decision No 1247/2002/EC)) of the European Parliament and of the Council of 23 October 2018 on the protection of natural persons with regard to the processing of personal data by the Union’s institutions, bodies, offices and agencies, and on the free movement of such data, is now in force as of autumn 2018. The designated Data Protection Officer (‘DPO’) ensures that the responsible controllers and processors of personal data are informed about their responsibilities and duties, and provides advice to the organisation and to staff members on all matters related to the implementation of the Regulation. The DPO acts also as the contact point of the EIB with the European Data Protection Supervisor (‘EDPS’).

EIB Group Risk Management Disclosure Report 2019 | 43 Compliance, conduct and reputational risksOverviewUnder the guidance and responsibility of the Head of Compliance function, who reports directly to the President of the Bank, an independent Compliance function is dedicated to the oversight of the following non-financial risks at both the EIF and EIB:Compliance Risk: the risk of legal or regulatory sanctions, financial loss, or loss to reputation of a member of the EIB Group may suffer as a result of its failure to comply with all applicable laws, regulations, staff codes of conduct and standards of good practice;Conduct Risk: the current or prospective risk of losses to an institution arising from inappropriate conduct towards clients, counterparties and the financial system, including cases of fraud or wilful or negligent misconduct; andReputational Risk: the risk arising from negative perception on the part of customers, counterparties, shareholders, investors, debt-holders, market analysts other relevant parties or regulators that can adversely affect a bank's ability to maintain existing, or establish new business relationships and continued access to sources of funding.In order to identify, assess, monitor, control, mitigate and report these non-financial risks, a number of policies, procedures and/or initiatives are in place, in areas such as:Anti-Money Laundering / Combating Financing of Terrorism (AML-CFT)Non-Cooperating Jurisdiction and Tax Good GovernanceSanctionsReputational RiskBreaches of the Code of ConductGeneral Data Protection Regulation requirementsFraud and CorruptionMarket Abuse (Insider Trading, Market Manipulation, etc.)Conflict of InterestWhistleblowingDignity at Work

44 | EIB Group Risk Management Disclosure Report 2019 4.6. Model riskOverviewThe model risk in scope refers to the models and the risk estimates developed and maintained by the EIB’s RM Directorate and is defined as the potential for adverse consequences from decisions based on incorrect or misused models.All models developed and maintained within RM are part of the Inventory of Models, maintained by the Model Validation function within RM. Model validation refers to the set of processes and activities intended to minimise model risk by verifying that the models are performing as expected, in line with their objectives and business uses.Management and monitoringAs in other areas of risk, the Bank follows the three lines of defence approach in model risk management. Accordingly, the first line of defence responsibility is assigned to the model owner. The model owner is defined as the RM unit(s) responsible for development, operation and maintenance of the model/estimate under consideration. Ownership of a model may be assumed by one or several units within RM. The owner(s) of each model is (are) identified in the Inventory of Models.The second line of defence role is fulfilled by the RM Model Validation function, which acts as a control and advisory function via independent assessment of the models, the estimates and the related processes developed by other units within RM. To achieve its goals, RM Model Validation follows the appropriate validation methodologies and the validation process. It is also responsible for producing detailed methodological guidelines for the validation of individual models.Finally, Internal Audit intervenes as the third line of defence in model risk management, and bears the responsibility for assessing whether the first and second lines of defence can fulfil their roles adequately.Credit risk models, encompassing Basel II/III Pillar 1, Pillar 2 models and other models such as IFRS9, liquidity, ALM and derivatives models, as well as their processes, data and IT implementation, are independently validated by the RM Model Validation function, in line with the Bank’s Model Validation Policy.Validation activities for credit risk and derivatives models are overseen by the Internal Rating Model Maintenance Committee and by the Derivatives Strategy and Modelling Committee, respectively, and by the RM Directorate for all other models.

EIB Group Risk Management Disclosure Report 2019 | 45 4.7. Pension riskOverviewPension and health insurance risks are defined as the risks of losses due to the volatility of the Bank’s pension and health insurance liabilities.Pension and health insurance risks primarily derive from a potential increase of the Bank’s obligations under adverse conditions impacting either the future benefits to be served to the members of the pension and health insurance schemes or the (net present) valuation of such benefits.The Bank manages pension plans and a health insurance scheme for its Staff and the members of its Management Committee, the characteristics of which are presented in further details in Notes A 2.11 and L of the Group’s Consolidated Financial Statements.Management and monitoringPensions are managed as per the terms of the Bank’s Pension Scheme Regulations. The Health Insurance Scheme is managed as per the terms of the Bank’s Staff Rules.The Bank has a Pensions Board, which provides oversight of the pension scheme and is responsible for implementing the provisions governing the scheme. It also ensures consistent and systematic adherence to actuarial principles.The Bank’s exposure to actuarial risks is appraised in line with accounting standards, which value the accrued benefits, by reference to their projected amount at the date of payment. Contribution levels are reviewed periodically to reflect the evolution of actuarial parameters (interest rate, inflation, longevity, salary increase, healthcare cost, etc.) and minimise the risk of future deficits.The interest rate risk arising from pension and health insurance obligations is managed within the Bank’s overall interest rate exposure as these obligations are an integral part of the liabilities of the Bank. As per its ALM strategy, the Bank maintains a duration of own funds of five years for its overall exposure to interest rate risk, whereas the duration of these obligations is around 22 years.Salary increase, inflation, longevity and healthcare cost risks are analysed within the annual actuarial report to the Pensions Board; while these risks are not hedged, parameters are calibrated on long- term trends, resulting in a prudent valuation of the obligations.ReportingThe Pensions Board receives an annual report from the external actuary on the status of the pension scheme which includes a sensitivity analysis of the main factors impacting the pensions, namely discount rate changes, increases in salary, inflation, life expectancy and healthcare costs. The results of the risk sensitivity analysis performed by the external actuary are provided in note L of the Consolidated Financial Statements.The Pensions Board also issues an annual report setting out the main developments in the Bank’s pension schemes, along with a summary of the work carried out by the Board and an update of key financial and actuarial data.

46 | EIB Group Risk Management Disclosure Report 2019 The Bank’s Health Insurance Scheme is administered with a view to balancing benefits and contributions. The Health Insurance Scheme Committee examines the financial situation of the Health Insurance Scheme and each year draws up a report that is submitted to the Management Committee. An actuarial valuation of the Health Insurance scheme obligations is performed once a year.4.8. Climate change riskOverviewThe Group defines climate change risk as the risk of (i) transition to a lower-carbon economy and (ii) risks related to the physical impacts of climate change.Climate aspects are taken into consideration throughout the assessment and monitoring of all projects. The Group calculates and reports the carbon footprint, in absolute and relative terms, for all directly financed projects that have material emissions. In addition, an economic price of carbon is incorporated into the accounting for environmental externalities.Further details on the Group’s impact on the environment, as well as overall sustainability actions, are available in its Sustainability Reporting Disclosures document prepared in accordance with the Global Reporting Initiative (‘GRI’) Standards and in its annual Carbon Footprint report. Both documents are available on the EIB’s website.

Capital adequacy and risk-weighted assetsCapital managementMaintaining a strong capital position is one of the major objectives of the EIB Group’s risk management.The Group’s own funds for capital adequacy purposes comprise paid-in capital plus reserves, net of expected losses and provisions. In addition, the Group benefits from subscribed unpaid capital, which can be called upon by the Bank to the extent needed for the EIB to meet its obligations.Group capital planningThe Group plans its capital on a forward-looking basis in accordance with its Operational Plan (‘OP’) and Capital Sustainability Policy (‘CSP’), which include performance orientations and summarise the Group's major priorities and activities and its risk appetite described in Chapter 4. This strives to ensure that the EIB’s risk-taking activities are adequately covered by available capital.In accordance with the CSP, the RM Directorate prepares the Group Capital Plan (‘GCP’). The GCP assesses the capital sustainability from the perspective of the EIB, as the head of the Group, and of the EIF. It demonstrates that the proposed OP is consistent with the risk appetite of the Bank as per the relevant RAF limits and is therefore sustainable from a capital perspective as defined in the Group’s Capital Sustainability Policy.The GCP aims at ensuring that the EIB Group’s capital is allocated in an efficient way to enable the EIB Group to achieve its mission to support EU objectives and policy goals and is designed to facilitate decision-making by the Board with regard to the OP. While the OP has a 3-year timeline, the GCP uses a planning horizon of five years, to ensure the Group’s capital sustainability in the long term and in alignment with the ICAAP.The GCP is based on a set of assumptions and incorporates known or “reasonably foreseeable” capital impacts (e.g. regulatory or methodology changes, modelling changes, market developments, etc.) and buffers to respond to market downturns and new EU policy initiatives. It provides projections for the key capital metrics of the EIB and EIF and takes into account potential use of the operational flexibility margin within the OP (+10% of signatures) as well as stress scenarios.The 2020 EIB Group Operational Plan baseline under EU GAAP is consistent with the risk appetite of the Bank as per the relevant RAF limits, and is therefore sustainable from a capital perspective as defined in the Group Capital Sustainability Policy based on current assumptions.Capital contingency and recovery planningAs part of best banking practice applicable to it, the Bank has established a Capital Contingency Plan outlining how the Bank, in the event that the Bank’s capital adequacy falls short, intends to restore its capital adequacy to requisite levels in a timely fashion.The Capital Contingency Plan outlines a concrete list of potential adverse scenarios and related management actions which could be (promptly) executed if required.The Capital Contingency Plan is complemented by the Bank’s Recovery Plan. The Recovery Plan would be triggered when the Bank is subject to extreme stress situations. The Plan outlines actions designedEIB Group Risk Management Disclosure Report 2019 | 47

to maintain the Bank as a going concern, which outlines the course of actions the Bank will take in the event that it approaches the point of non-viability.Capital implications related to the UK’s withdrawal from EU membershipOn 29 March 2017, the United Kingdom notified the European Council of its decision to withdraw from the European Union (“EU”) pursuant to Article 50 of the Treaty on European Union (“TEU”). As of 1 February 2020, in accordance with Article 50 TEU and the Agreement on the withdrawal of the United Kingdom of Great Britain and Northern Ireland from the European Union and the European Atomic Energy Community (the “Withdrawal Agreement”), the United Kingdom ceased to be an EU Member State. The withdrawal of the United Kingdom from the EU automatically resulted in the termination of its membership of the European Investment Bank (“EIB”) and its share of the EIB’s subscribed capital.Effective as of 1 February 2020, the share of the United Kingdom in respect of the EIB’s subscribed capital was fully replaced by a pro rata capital increase of the remaining EU Member States. This capital replacement covered both the paid-in part as well as the uncalled part of the subscribed capital of the United Kingdom in the EIB. The replacement of the paid-in part was financed by converting EIB reserves into paid-in subscribed capital. As a result of the capital increase, each remaining EU Member State increased pro rata its uncalled (but callable) stake in the EIB’s subscribed capital.In addition, the capital subscribed by Poland and Romania in the EIB increased by EUR 5,386,000,000 and EUR 125,452,381, respectively. This capital increase took effect on 1 March 2020, one month after the withdrawal of the United Kingdom from the EU. Poland and Romania will pay the paid-in portion of their increase in the EIB’s subscribed capital and contribute to the EIB reserves in 10 equal semi- annual instalments.Furthermore, a number of amendments to the EIB Statute have become effective following the withdrawal of the United Kingdom from the EU. A first set of changes to the EIB Statute entered into force on 1 February 2020. These statutory amendments included the removal of references to the United Kingdom in the EIB Statute, reflecting the termination of UK membership of the EIB. Several changes to governance provisions also became effective at that time, including an increase in the number of alternate members of the EIB’s Board of Directors and the introduction of qualified majority voting for the approval of the EIB’s Operational Plan, its Rules of Procedure and the appointment of members of its Management Committee. A second set of amendments to the EIB Statute in respect of the capital increase of Poland and Romania and related governance changes entered into force on 1 March 2020.The Withdrawal Agreement contains, among other things, several provisions governing the financial settlement in respect of the EIB as a result of the termination of UK membership of the EIB. In accordance with the provisions laid down in Article 150 of the Withdrawal Agreement, the United Kingdom shall remain liable, under its former share of the subscribed capital in the EIB, for the EIB’s pre-withdrawal exposure. The United Kingdom shall also remain liable for other EIB risks as long as such risks are not related to post-withdrawal lending. In addition, in accordance with the provisions laid down in Article 150 of the Withdrawal Agreement, the EIB shall pay to the United Kingdom on behalf of the EU an amount equal to the UK share of the paid-in capital of the EIB in twelve annual instalments. Except for such repayment of the UK paid-in capital, the EIB shall not be obliged to make any other payment, return or remuneration to the United Kingdom in connection with the termination48 | EIB Group Risk Management Disclosure Report 2019

EIB Group Risk Management Disclosure Report 2019 | 49 of its membership of the EIB or on account of the retention by the United Kingdom of certain liabilities as described in the relevant provisions of the Withdrawal Agreement.5.2. Own fundsThe following provides comprehensive details of own funds and it provides a reconciliation of the individual items to the balance sheet of the Consolidated Financial Statements under EU Accounting Directives.The capital composition of the Group has changed over the period mainly due to changes in retained profits, capital payments from EIB shareholders and the amount of regulatory deductions applied. Table 5-1: Capital instruments’ main applicable features Issuer European Investment Bank Governing law(s) of the instrument Statute of the European Investment Bank, Treaty on European Union and the Treaty on the Functioning of the European Union Regulatory treatment Transitional CRR rules Common Equity Tier 1 Post-transitional CRR rules Common Equity Tier 1 Eligible at solo/(sub-)consolidated/solo & (sub-)consolidated Solo & consolidated Instrument type Share capital Amount recognised in regulatory capital (currency in millions, as of most recent reporting date) EUR 21,699m Nominal amount of instrument 243,284,154,500 Accounting classification Subscribed capital Perpetual or dated Perpetual Issuer call subject to prior supervisory approval No Coupons/dividends Fixed or floating dividend/coupon N/A. In accordance with Article 309 of the Treaty on the Functioning of the European Union, the EIB operates on a non- profit-making basis and therefore does not pay out dividends.

50 | EIB Group Risk Management Disclosure Report 2019 Table 5-2: Own funds disclosure EUR million 31.12.2019 31.12.2018 Common Equity Tier 1 (CET1) capital Capital instruments and the related share premium accounts 21,699 21,699 of which: paid-in share capital 21,699 21,699 Retained earnings 37,121 35,324 Profit for the financial year 2,419 2,393 Other reserves 12,948 12,363 Common Equity Tier 1 (CET1) capital before adjustments 74,187 71,779 Regulatory adjustments Intangible assets -26 -24 Negative amounts resulting from the calculation of expected loss -1,807 -1,291 Additional Valuation Adjustment (AVA) -36 -64 Deduction of securitisation exposures* -1,883 -8,567 Total regulatory adjustments to Common Equity Tier 1 (CET1) -3,752 -9,946 Common Equity Tier 1 (CET1) capital 70,435 61,833 Total capital** 70,435 61,833 Total risk-weighted assets 216,950 193,178 Capital ratios Common Equity Tier 1 (as a % of total risk exposure amount) 32.5% 32.0% Total capital (as a % of total risk exposure amount) 32.5% 32.0% Institution-specific buffer requirement (CET1 requirement in accordance with CRR Article 92(1)(a), plus capital conservation and countercyclical buffer requirements, plus systemic risk, plus systemically important institution buffer expressed as a % of risk exposure amount) 8.2% 8.2% of which: capital conservation buffer requirement 2.5% 2.5% of which: countercyclical buffer requirement 0.2% 0.2% of which: buffer for systemic relevance (self-imposed) 1.0% 1.0% Common Equity Tier 1 available to meet buffers (as a % of the risk exposure amount) 24.3% 23.8% * EIB Group deducts securitisation exposure in accordance with CRR ** EIB Group’s capital consists entirely of CET 1 capital

EIB Group Risk Management Disclosure Report 2019 | 51 Table 5-3: Reconciliation table for own funds EUR million 31.12.2019 31.12.2018 Subscribed capital a) subscribed 243,284 243,284 b) uncalled -221,585 -221,585 Subtotal 21,699 21,699 Subscribed capital and reserves, called but not paid 0 0 Total 21,699 21,699 Reserves a) reserve fund 24,329 24,328 b) additional reserves 12,792 10,996 d) special activities reserve 10,778 9,627 e) general loan reserve 2,170 2,736 Reserves 50,069 47,687 Profit for the financial year 2,419 2,393 5.3. Regulatory capitalThe Group applies the Advanced internal ratings based (AIRB) approach to calculating capital requirements for credit risk on the majority of its portfolio. The Group also makes very limited use of the Standardised Approach, in particular on its strategic equity-type investments.The composition of risk-weighted assets by risk type is provided in this section. Table 5-4: EIB Group’s CRR methodologies per risk type Risk type CRR methodology Credit risk Advanced IRB approach Standardised approach Counterparty credit risk Mark-to-market approach for OTC derivatives Comprehensive approach for credit risk mitigations regarding SFTs Securitisation positions in the banking book Supervisory Formula until 31 December 2018 / Securitisation IRB Approach (‘SEC-IRBA’) since 1 January 2019 Securitisation Standardised Approach (‘SEC-SA’) since 1 January 2019 Ratings-Based method until 31 December 2018 / Securitisation External Ratings-Based Approach (‘SEC-ERBA’) since 1 January 2019 Deduction from capital for unrated and defaulted exposures Market risk Standardised approach Operational risk Advanced Measurement approach until 2018 / Standardised Approach as per Basel III standards since 2019 (EIB) Basic Indicator approach (EIF)

52 | EIB Group Risk Management Disclosure Report 2019 Table 5-5: Overview of risk-weighted assets (RWA) and regulatory capital (RGC) by exposure class EUR million 31.12.2019 31.12.2018 (restated) RWA RGC RWA RGC Advanced IRB approach Central governments and central banks 7,416 593 5,744 459 Institutions 59,956 4,797 65,583 5,247 Corporates (including Specialized Lending) 61,597 4,928 59,278 4,742 Equities (simple risk-weight) 45,018 3,601 36,432 2,915 Cash and Other Assets 1,154 92 999 80 Total Advanced IRB approach 175,141 14,011 168,036 13,443 Standardised approach Strategic Equity Investments 870 70 870 70 Corporates 134 11 569 45 Total Standardised approach 1,004 81 1,439 115 Total Credit risk 176,145 14,092 169,475 13,558 Counterparty credit risk Derivatives (Mark-to-market approach) 5,010 401 4,401 352 Securities Financing Transactions (Financial collateral comprehensive method) 146 12 23 2 CVA capital charge 6,213 497 5,553 444 Total Counterparty credit risk 11,369 910 9,977 798 Securitisation exposures in the banking book 22,301 1,784 4,418 353 Market risk Standardised approach Interest rate risk (general and specific) 461 37 654 52 Foreign exchange risk 1,799 144 5,179 414 Total Standardised approach 2,260 181 5,833 467 Total Market risk 2,260 181 5,833 467 Operational risk Advanced Measurement Approach until 2018 (EIB) / Standardised Approach as per Basel III standards since 2019 (EIB Group) 4,875 390 3,000 240 Basic Indicator Approach until 2018 (EIF) 0 0 475 38 Total Operational risk 4,875 390 3,475 278 Total RWA/minimum RGC (8% x RWA) 216,950 17,357 193,178 15,454 Combined CRD IV Buffer capital requirement (%) 3.7% 3.7% Combined CRD IV Buffer capital requirement 8,050 7,066 Overall Regulatory capital requirements (%) 11.7% 11.7% Overall Regulatory capital requirements 25,407 22,520

EIB Group Risk Management Disclosure Report 2019 | 53 5.4. Leverage ratioOverviewThe Bank uses its gearing ratio, which is defined in the Bank’s Statute, to limit the excess of leverage. This ratio is defined as “the aggregate amount outstanding at any time of loans and guarantees granted by the Bank, which shall not exceed 250 % of its subscribed capital, reserves, non-allocated provisions and profit and loss account surplus. The latter aggregate amount shall be reduced by an amount equal to the amount subscribed (whether or not paid in) for any equity participation of the Bank” (Article 16.5 of the Bank’s Statute). Based on the Operational Plan, the gearing ratio is simulated for future time periods and for different scenarios in order to ensure that the limit within the Statute will not be breached.An internal leverage ratio measure is also calculated. It is defined as gross debt (long-term and short- term) divided by the adjusted shareholder's equity (own funds minus EIB participation in EIF's capital) and is monitored on an ongoing basis. Both ratios are calculated for the Bank only and are reported monthly in the internal RM Risk Report that is provided to the management of the Bank.CRR leverage ratioThe CRR leverage ratio was introduced into the Basel III framework as a non-risk-based “backstop” measure, to supplement risk-based capital requirements. It aims to constrain the build-up of excess leverage in the banking sector, as well as to provide a safeguard against the risks associated with risk models (i.e. model risk and measurement errors). The ratio is a volume-based measure calculated as Tier 1 capital divided by total on and off-balance sheet exposures.The leverage ratio is currently calculated based on Art. 429 of CRR Regulation 2019/876 or “CRR II”, amending CRR, which introduced a binding leverage ratio within EU of 3% of Tier 1 capital (Common Equity Tier 1 plus Additional Tier 1 Capital (‘AT1’)) against total exposures. The binding leverage ratio and the additional leverage ratio buffer for G-SIIs are applicable two years after CRR II enters into force, i.e. 28 June 2021. Table 5-6: Summary reconciliation of accounting assets and leverage ratio exposures EUR million 31.12.2019 31.12.2018 Total assets as per published financial statements 555,208 557,286 Adjustments for derivative financial instruments 52,326 43,912 Adjustment for off-balance sheet items (i.e. conversion to credit equivalent amounts of off- balance sheet exposures) 49,130 46,989 Other adjustments 61,412 63,398 Leverage ratio total exposure measure 718,076 711,585

54 | EIB Group Risk Management Disclosure Report 2019 Table 5-7: CRR leverage ratio common disclosure EUR million 31.12.2019 31.12.2018 On-balance sheet items (excluding derivatives and SFTs and deductions) 583,240 597,650 Total on-balance sheet exposures (excluding derivatives and SFTs) 583,240 597,650 Replacement cost associated with derivatives transactions 49,833 42,357 Add-on amounts for potential future exposure (PFE) associated with derivatives transactions 16,494 16,107 Total derivatives exposures 66,327 58,464 Securities financing transactions (SFTs) exposures 19,379 8,482 Total securities financing transaction exposures 19,379 8,482 Off-balance sheet exposures at gross notional amount 87,693 83,728 Adjustments for conversion to credit equivalent amounts -38,563 -36,739 Total off-balance sheet exposures 49,130 46,989 Total leverage ratio exposure 718,076 711,585 Tier 1 capital 70,435 61,833 Leverage ratio 9.81% 8.69% Table 5-8: Breakdown of CRR leverage ratio exposure by type of banking book exposure EUR million 31.12.2019 31.12.2018(restated) Total regulatory exposures 718,076 711,585 Of which: Trading book exposures 3,676 5819 Banking book exposures 714,400 705,766 Of which: Covered bonds 12,027 12,218 SFTs 19,379 8,482 Derivatives 66,327 58,464 Exposures to central governments 190,506 200,756 Exposures to regional governments, international organisations and public sector entities not treated as sovereigns 64,794 61,785 Exposures to institutions 111,743 123,861 Exposures to corporates 114,727 117,326 Exposures in default 2,253 1,611 Other exposures (e.g. equity, securitisations, and other non-credit obligation assets) 132,644 121,263

EIB Group Risk Management Disclosure Report 2019 | 55 5.5. Combined CRD IV BufferCapital Conservation BufferIn accordance with CRD IV the capital conservation buffer of 2.5% of RWA (comprised of Common Equity Tier 1) is established above the regulatory minimum capital requirement of 8% of RWA.The capital conservation buffer is phased-in, starting from 1 January 2016 at 0.625% of RWA and fully effective on 1 January 2019 at 2.5% of RWA.A number of Member States have opted to frontload the capital conservation buffer requirement already in full. The ECB has made a recommendation to the Eurozone banks urging them to build up the capital conservation buffer even if not yet implemented in the full amount in their jurisdiction. Therefore, the Bank has prudently frontloaded the capital conservation buffer requirement in the full amount of 2.5%.Countercyclical bufferThe countercyclical buffer requirement is added on top of the capital conservation buffer. The countercyclical buffer rate is set by each jurisdiction on a quarterly basis. Banks have to apply a weighted-average countercyclical buffer rate based on the geographical composition of their credit portfolio. As of December 2019, the following States have opted to activate the countercyclical capital buffer. Table 5-9: Countercyclical capital buffer 31.12.2019 Own funds requirements Own funds requirementsweights Countercyclical capital buffer rate EUR million Bulgaria 8 0.00 0.50% Czech Republic 69 0.00 1.50% Denmark 207 0.01 1.00% France 1,994 0.12 0.25% Iceland 31 0.00 1.75% Ireland 194 0.01 1.00% Lithuania 9 0.00 1.00% Norway 38 0.00 2.50% Slovakia 40 0.00 1.50% Sweden 256 0.02 2.50% United Kingdom 1,572 0.10 1.00% Total risk exposure amount 216,950 Institution-specific countercyclical capital buffer rate 0.21%

56 | EIB Group Risk Management Disclosure Report 2019 Buffer for systemic relevanceAlthough the EIB is not a global systemically important bank (G-SIB), as a matter of prudence the EIB has decided to provide for an additional buffer for systemic relevance of 1.0% CET. It should be stressed that the EIB’s self-imposed buffer for systemic relevance is based on an independent decision of the Bank. The buffer for systemic importance of supervised banks is generally determined by competent authorities, rather than being self-assessed.5.6. Eligible liabilitiesAccording to Articles 7(4) and 25 of the EIB Statute, the EIB’s Board of Governors is the only body competent, by unanimous decision, to suspend the EIB’s activities and, should the event arise, to liquidate the EIB. Based on the above and as stipulated in its BBP Guiding Principles, the EIB is not subject to regulatory requirements concerning resolution. Consequently, the Bank does not have to comply with Total Loss-absorbing Capacity (‘TLAC’) or institution-specific minimum requirement for own funds and eligible liabilities (‘MREL’), as defined within the EU.

EIB Group Risk Management Disclosure Report 2019 | 57 Credit RiskIntroductionCredit risk is the risk of losses arising from the failure of counterparties to meet all or part of their financial obligations to the Group. Lending is the principal activity of the EIB, which offers loans, guarantees and other lending products that are subject to credit risk. The EIF is also exposed to credit risk as it invests in venture capital activities and provides guarantees in the context of securitisation transactions.This section does not cover credit risk arising from over-the-counter (OTC) derivative transactions and securities financing transactions, which is defined as Counterparty Credit Risk in this report and is covered in Chapter 7. Credit exposures on securitisation positions are included in this chapter only when indicated, but are covered in more detail in Chapter 8.Portfolio compositionOverview of exposure distributionThe Group grants loans and accepts credit exposure on financial transactions on terms and conditions that embed a high standard of credit quality and a low risk of loss. The EIB operates with a range of counterparts that are shown below.Information on exposures given in this chapter are exposures used for calculating regulatory capital and therefore differ to exposures for accounting purposes that are given in the Financial Statements. Differences include: (i) not only current, but also future exposure (resulting e.g. from future commitments) is included, (ii) valuation adjustments made for accounting purposes do not necessarily apply here, (iii) credit risk mitigants are applied and, in addition, the segmentation by exposure classes used here follows the CRR and cannot be found in the Financial Statements.Table 6-1: CRR exposure classes mapped to EIB counterparty typesThe following table provides an overview of EIB’s counterparts and how these are treated for regulatory capital calculation purposes according to the CRR. CRR exposure class Counterparty types Central Governments and Central Banks Central Banks Governmental bodies Member States of the European Union Institutions Other sovereign entities BanksLeasing companiesInsurance companies and financial guarantors Other financial institutions Public administrations Public sector entities Regional or local authorities Corporates Commercial companies Corporate - Specialised Lending Special purpose vehicles

Figure 6-1: Credit risk exposure by IRB exposure classThe following charts provide an overview of the Group’s credit exposure (EAD, post-substitution of financial guarantees, including deductions) by IRB exposure class. Portfolio quality and credit risk adjustmentsIn line with the CRR, the EIB’s definition of default is such that a default is considered to have occurred with regard to a particular obligor when either one of or both of the two following conditions are met:The obligor is more than 90 days past due on any material financial obligation to the Bank; orThe Bank considers that the obligor is unlikely to pay in full its material credit obligations to the Bank. The following events are considered as cases of unlikelihood to pay in full2:Creation of a specific provision;Distressed restructuring (modifications of the original contractual schedule) that is likely to result in a diminished financial obligation for the Bank;When the EIB accelerates all or part of its loan following a contractual event of default;The exposure (or part of it) is written off or written down;The obligor has sought or has been placed in bankruptcy or similar protection;The Bank realises security to avoid a potential loss, specifically:The Bank proceeds with a realisation of securities or loan collaterals or call under guarantees;Default on derivatives or realisation of derivative collaterals; orThe obligor is unable to provide security or collateral on terms the Bank has formally requested according to its contractual rights and after the steps provided for in the contract. 2 This list is not exhaustive; other events could also be considered as an unlikelihood to pay.58 | EIB Group Risk Management Disclosure Report 2019

EIB Group Risk Management Disclosure Report 2019 | 59 The EIB keeps a manual on operational procedures, which describes the procedures and responsibilities for identifying default events, monitoring and follow-up of the events, and input and management in the internal systems. An obligation is considered as being “past due” when a contractual payment has not been met.For accounting purposes, a claim (meaning a loan, a commitment such as a letter of credit, a guarantee, a commitment to extend credit, or another credit product) is considered to be impaired if there is objective evidence that the Group will be unable to collect all amounts due on that claim according to the original contractual terms or an equivalent value. More specifically:The need to consider a loan as impaired is assessed regularly for all loans whose LG has deteriorated to E-, while all loans with a LG of F are considered as impaired.In addition, if the Bank does not expect to recover the original carrying amount on a loan with renegotiated payment terms (after having been on the Watch List previously), the loan will be considered as impaired and the LG will be adjusted to F accordingly – if it was not F previously.Details about the approach adopted for determining specific credit risk adjustments for regulatory reasons based on the specific impairment charges for accounting purposes are provided in Section6.1. Movements in specific credit risk adjustments over the period can be found in the Financial State- ments, Note D.2. All of the Bank’s exposures are assessed for impairment at least annually. Therefore, no general credit risk adjustments are made.Table 6-2: Analysis of exposures (on- and off-balance sheet) and portfolio quality by productThe following tables provide an overview of the quality of the Bank’s credit exposures, on- and off- balance sheet exposures before application of credit conversion factors (‘CCF’), EAD pre-CCF. The tables present a breakdown of defaulted and non-defaulted exposures against specific provisions. Synthetic securitisations are not included under Securitisations; instead, the underlying (securitised) exposures are split between Loans and Off-balance Exposures. Counterparty credit risk exposures, such as OTC derivatives and securities-financing transactions, are not included. 31.12.2019 All exposures (EAD pre-CCF) Specific provisions Net value EUR million Defaulted exposure Non-defaultedexposure Defaulted exposure Non-defaultedexposure Loans 2,221 525,049 -367 -22 526,881 Debt securities 0 34,192 0 0 34,192 Equity 0 11,715 0 -1 11,714 Securitisations 0 5,616 0 0 5,616 Other 0 2,680 0 0 2,680 Off-balance 65 87,628 -44 -4 87,645 Total 2,286 666,880 -411 -27 668,728

60 | EIB Group Risk Management Disclosure Report 2019 31.12.2018 All exposures (EAD pre-CCF) Specific provisions Net value EUR million Defaulted exposure Non-defaultedexposure Defaulted exposure Non-defaultedexposure Loans 1,861 537,716 -474 -3 539,100 Debt securities 0 35,952 0 0 35,952 Equity 0 8,862 0 -3 8,859 Securitisations 0 5,390 0 0 5,390 Other 0 2,026 0 0 2,026 Off-balance 62 83,665 -39 -11 83,677 Total 1,923 673,611 -513 -17 675,004 Table 6-3: Changes in defaulted loans and debt securities from year-end 2018 to 2019 This table examines the recent evolution of defaulted credit risk exposures and, in particular, the movements between non-defaulted and defaulted status and the reductions of defaulted exposures due to write-offs. It does not include defaults on securitised exposures. EUR million Defaulted loans and debt securities at the beginning of the reporting period (1.1.2019) 1,923 Loans and debt securities that have defaulted or impaired since the last reporting period 707 Returned to non-defaulted status -219 Amounts written off 0 Other changes -125 Defaulted loans and debt securities at the end of the reporting period (31.12.2019) 2,286 The total amount of defaulted loans and debt securities remains a small portion of the Group’s overall portfolio. For details on the past due and forborne exposures, see Note U.2.1 “Loans” of the Financial Statements. Table 6-4: Specific credit risk adjustments by IRB exposure class The following table provides an overview of the EIB’s specific provisions for impaired loan and equity-type exposures. Specific provisionsEUR million 31.12.2019 31.12.2018 Change Corporates 368 460 -92 Institutions 65 56 9 Total specific provisions on loans 433 516 -83 Equity 5 14 -9 Total specific provisions 438 530 -92

EIB Group Risk Management Disclosure Report 2019 | 61 Table 6-5: Credit quality of exposures by industry and geography The following tables provide an overview of the credit quality of EIB’s exposures (EAD pre-CCF) by geographical and economic sector breakdown. This table does not include defaults on securitised exposures. 31.12.2019 Defaulted exposure Non-defaulted exposure Specific provisions Change in provisions 2019 EUR million Air transport 99 9,710 28 0 Automobiles 0 2,006 0 0 Basic material and mining 7 1,391 0 (1) Chemicals, plastics and pharmaceuticals 138 4,027 79 (14) Consumer goods 0 283 1 (5) Drinking water, water treatment 0 16,234 0 0 Electricity, coal and others 188 45,478 46 24 Food chain 0 1,285 0 0 Investment goods/consumer durables 0 6,054 3 0 Marine transport 0 4,827 0 (11) Materials processing, construction 90 3,714 6 2 Oil, gas and petroleum 379 12,009 0 0 Paper chain 0 810 0 0 Roads and motorways 286 11,614 54 (183) Securitisations 0 112,573 0 0 Social infrastructure: education, health 272 21,459 41 (8) Telecommunications 0 10,949 0 0 Traditional and high-speed railways 0 32,144 0 0 Urban dev., renovation and transport 259 142,858 105 98 Venture capital 0 13,104 0 0 Waste recovery, recycling 6 2,540 6 0 Other 562 211,811 69 6 Total by sector 2,286 666,880 438 (92)

62 | EIB Group Risk Management Disclosure Report 2019 31.12.2019 Defaulted exposure Non-defaulted exposure Specific provisions Change in provisions 2019 EUR million Austria 0 15,015 0 0 Belgium 0 13,801 0 0 Bulgaria 0 1,881 0 0 Croatia 0 4,394 0 0 Cyprus 0 2,721 0 0 Czech Republic 0 7,381 0 0 Denmark 0 3,953 0 0 Estonia 0 1,408 0 0 Finland 0 11,252 0 (5) France 89 65,782 6 (26) Germany 303 46,920 116 (6) Greece 147 17,980 14 (22) Hungary 0 9,397 0 0 Ireland 90 7,694 5 0 Italy 300 57,521 64 9 Latvia 0 1,130 0 0 Lithuania 0 1,873 0 0 Luxembourg 0 64,489 0 0 Malta 0 449 0 0 Netherlands 0 19,146 0 0 Poland 0 39,964 0 0 Portugal 30 16,265 31 (27) Romania 0 5,477 0 0 Slovakia 0 4,328 0 0 Slovenia 0 3,311 0 0 Spain 13 87,541 7 0 Sweden 0 11,583 1 1 United Kingdom 655 45,580 45 (7) Non-EU 659 41,484 149 (9) Supranational 0 57,160 0 0 Total by geographical area 2,286 666,880 438 (92)

EIB Group Risk Management Disclosure Report 2019 | 63 31.12.2018 Defaulted exposure Non-defaulted exposure Specific provisions Change in provisions 2018 EUR million Air transport 98 10,961 28 0 Automobiles 0 3,573 0 0 Bank-intermediated loans 63 14,288 0 0 Basic material and mining 23 1,014 1 1 Chemicals, plastics and pharmaceuticals 163 3,042 93 (8) Consumer goods 0 585 6 6 Drinking water, water treatment 0 24,068 0 0 Electricity, coal and others 179 55,794 22 (6) Food chain 0 3,858 0 0 Investment goods/consumer durables 0 5,772 3 (2) Marine transport 96 6,737 11 11 Materials processing, construction 0 6,774 4 4 Oil, gas and petroleum 0 15,005 0 0 Paper chain 0 2,335 0 0 Roads and motorways 603 43,793 237 (37) Social infrastructure: education, health 437 52,843 49 36 Telecommunications 0 12,739 0 0 Traditional and high-speed railways 0 46,173 0 0 Treasury 0 66,539 0 0 Urban dev., renovation and transport 117 64,099 7 5 Venture capital 0 11,787 0 0 Waste recovery, recycling 7 9,048 6 (1) Other 137 212,784 63 63 Total by sector 1,923 673,611 530 72

64 | EIB Group Risk Management Disclosure Report 2019 31.12.2018 Defaulted exposure Non-defaulted exposure Specific provisions Change in provisions 2018 EUR million Austria 0 15,709 0 0 Belgium 0 13,214 0 0 Bulgaria 0 1,697 0 0 Croatia 0 4,121 0 0 Cyprus 0 2,763 0 0 Czech Republic 0 6,487 0 0 Denmark 0 5,379 0 0 Estonia 0 1,262 0 0 Finland 0 9,633 5 0 France 91 65,993 32 3 Germany 323 45,604 122 (1) Greece 151 17,345 36 (1) Hungary 0 9,543 0 0 Ireland 94 7,105 5 0 Italy 321 57,831 55 53 Latvia 0 874 0 0 Lithuania 0 1,928 0 0 Luxembourg 0 70,289 0 0 Malta 0 405 0 0 Netherlands 0 19,369 0 0 Poland 0 39,366 0 0 Portugal 78 18,603 58 (21) Romania 0 5,043 0 0 Slovakia 0 4,435 0 0 Slovenia 0 3,094 0 0 Spain 30 90,818 7 (4) Sweden 0 11,057 0 0 United Kingdom 507 45,950 52 42 Non-EU 328 41,049 158 1 Supranational 0 57,645 0 0 Total by geographical area 1,923 673,611 530 72

EIB Group Risk Management Disclosure Report 2019 | 65 Portfolio composition The exposure values provided in this section are Exposure at Default (‘EAD’), post-substitution andpre-mitigation by collateral, unless otherwise stated. Also securitisation activities have been included to provide their respective breakdown by geography and sector, although their RWA is included only in Chapter 8 below. Table 6-6: Total and average credit risk exposures This table shows the Group’s average exposures over the period ending December 2019 and December 2018 by exposure class, excluding derivatives, SFT, and other credit non-obligation assets. EUR million Average EAD Year-end EAD 2019 2018 (restated) 2019 2018 (restated) Central governments and Central Banks 211,694 223,001 200,824 214,943 Institutions 196,513 202,785 197,978 202,169 Corporates (incl. Specialised Lending) 121,560 126,504 121,482 123,775 Equity 17,887 16,116 19,412 16,451 Items representing securitisation positions 108,337 104,212 112,573 102,856 Total 655,990 672,618 652,269 660,194

66 | EIB Group Risk Management Disclosure Report 2019 Table 6-7: Geographical distribution of credit risk exposures 31.12.2019 Centralgovern- ments andCentral Banks Institutions Corporates (including Specialised Lending) Equity Itemsrepresenting securitisa-tion positions Cash and other assets Total Exposure as% of GDP2018 EAD, EUR million Austria 2,460 9,325 2,397 60 523 0 14,765 4.0% Belgium 4,505 6,571 1,886 269 0 0 13,231 3.0% Bulgaria 1,216 533 0 9 3 0 1,761 3.4% Croatia 3,600 523 39 15 0 0 4,177 8.5% Cyprus 2,569 0 42 2 0 0 2,613 13.4% Czech Republic 2,443 3,711 871 28 0 0 7,053 3.7% Denmark 264 1,591 1,481 564 0 0 3,900 1.3% Estonia 683 210 397 65 0 0 1,355 5.7% Finland 120 7,472 2,851 347 0 0 10,790 4.8% France 7,308 42,226 10,651 3,821 0 0 64,006 2.8% Germany 19,527 10,363 14,654 1,262 348 0 46,154 1.4% Greece 16,495 711 438 32 0 0 17,676 9.8% Hungary 8,119 672 283 10 0 0 9,084 7.3% Ireland 2,944 2,107 1,813 413 212 0 7,489 2.5% Italy 7,868 29,165 16,129 700 2,257 0 56,119 3.3% Latvia 736 64 225 19 0 0 1,044 3.9% Lithuania 1,705 55 97 13 0 0 1,870 4.4% Luxembourg 5,995 607 393 5,270 49,561 2,562 64,388 116.4% Malta 345 71 0 0 0 0 416 3.7% Netherlands 979 8,492 8,431 914 0 5 18,821 2.6% Poland 23,358 8,829 4,336 36 1,751 0 38,310 8.2% Portugal 6,148 6,324 3,516 46 0 0 16,034 8.2% Romania 3,074 1,406 392 4 0 0 4,876 2.6% Slovakia 2,885 763 425 10 0 0 4,083 4.8% Slovenia 2,699 302 172 7 0 0 3,180 7.4% Spain 50,513 21,219 11,249 844 3,152 0 86,977 7.5% Sweden 5,586 1,531 3,764 306 0 0 11,187 2.4% United Kingdom 2,213 14,921 24,938 3,616 130 0 45,818 2.0% Total EU 186,357 179,764 111,870 18,682 57,937 2,567 557,177 Non-EU 10,812 18,214 9,612 730 1,132 0 40,500 Supranationals 3,655 0 0 0 53,504 0 57,159 Total 200,824 197,978 121,482 19,412 112,573 2,567 654,836

EIB Group Risk Management Disclosure Report 2019 | 67 31.12.2018(restated) Centralgovern- ments andCentral Banks Institutions Corporates (including Specialised Lending) Equity Itemsrepresenting securitisa-tion positions Cash and other assets Total Exposure as% of GDP2017 EAD, EUR million Austria 2,115 10,391 2,026 31 292 0 14,855 4.0% Belgium 4,471 5,956 2,278 233 0 0 12,938 2.9% Bulgaria 1,135 550 14 0 0 0 1,699 3.3% Croatia 3,549 480 99 15 0 0 4,143 8.5% Cyprus 2,537 45 45 2 0 0 2,629 13.4% Czech Republic 2,276 3,985 725 25 0 0 7,011 3.7% Denmark 245 2,591 1,132 461 0 0 4,429 1.5% Estonia 711 195 288 28 0 0 1,222 5.2% Finland 108 6,616 2,520 279 0 0 9,523 4.3% France 5,323 41,503 11,000 3,021 0 0 60,847 2.7% Germany 17,604 9,684 14,788 928 503 0 43,507 1.3% Greece 15,975 487 529 23 0 0 17,014 9.4% Hungary 8,368 769 307 10 0 0 9,454 7.6% Ireland 2,349 2,235 1,616 320 451 0 6,971 2.4% Italy 6,999 31,724 15,370 696 2,170 0 56,959 3.3% Latvia 565 0 244 17 0 0 826 3.1% Lithuania 1,617 37 187 8 0 0 1,849 4.4% Luxembourg 20,816 850 302 4,467 42,411 1,927 70,773 128.0% Malta 313 68 0 0 0 0 381 3.4% Netherlands 686 9,495 9,009 781 230 5 20,206 2.7% Poland 23,148 9,162 5,254 20 658 0 38,242 8.2% Portugal 8,042 6,348 4,199 31 0 0 18,620 9.6% Romania 3,209 1,349 162 0 0 0 4,720 2.5% Slovakia 3,296 731 411 0 0 0 4,438 5.2% Slovenia 2,745 347 158 0 0 0 3,250 7.6% Spain 53,512 21,455 11,988 747 2,572 0 90,274 7.7% Sweden 5,621 1,169 3,578 237 0 0 10,605 2.2% United Kingdom 2,104 14,899 25,557 3,495 315 0 46,370 2.0% Total EU 199,439 183,121 113,786 15,875 49,602 1,932 563,755 Non-EU 9,993 19,048 9,989 576 1,168 0 40,774 Supranationals 5,511 0 0 0 52,086 0 57,597 Not applicable 0 0 0 0 0 0 0 Total 214,943 202,169 123,775 16,451 102,856 1,932 662,126

68 | EIB Group Risk Management Disclosure Report 2019 Table 6-8: Distribution of credit risk exposures by economic sector at year-end 31.12.2019 Centralgovernments and CentralBanks Institutions Corporates(including Specialised Lending) Equity Itemsrepresenting securitisationpositions Cash and other assets Total EAD, EUR million Air transport 4,287 98 5,068 103 0 0 9,556 Automobiles 25 51 1,915 15 0 0 2,006 Basic material and mining 0 29 1,332 13 0 0 1,374 Chemicals, plastics and pharmaceuticals 196 78 3,575 257 0 0 4,106 Consumer goods 55 0 210 18 0 0 283 Drinking water, water treatment 4,850 3,365 7,791 0 0 0 16,006 Electricity, coal and others 3,663 3,277 37,887 62 0 0 44,889 Food chain 45 33 1,108 41 0 0 1,227 Investment goods/consumer durables 451 15 5,170 314 0 0 5,950 Marine transport 1,698 1,316 1,669 27 0 0 4,710 Materials processing, construction 188 231 3,346 24 0 0 3,789 Oil, gas and petroleum 389 460 11,457 0 0 0 12,306 Paper chain 0 206 604 0 0 0 810 Roads and motorways 2,314 2,368 7,194 0 0 0 11,876 Securitisations 0 0 0 0 112,573 0 112,573 Social infrastructure: education, health 7,456 12,260 1,445 35 0 0 21,196 Telecommunications 98 221 10,545 22 0 0 10,886 Traditional and high- speed railways 21,700 6,409 3,311 0 0 0 31,420 Urban dev., renovation and transport 94,209 39,029 3,864 0 0 0 137,102 Venture capital 0 0 0 13,104 0 0 13,104 Waste recovery, recycling 457 1,380 637 0 0 0 2,474 Other 58,743 127,152 13,354 5,377 0 2,567 207,193 Total 200,824 197,978 121,482 19,412 112,573 2,567 654,836

EIB Group Risk Management Disclosure Report 2019 | 69 31.12.2018 (restated) Centralgovernments and CentralBanks Institutions Corporates(including Specialised Lending) Equity Itemsrepresenting securitisationpositions Cash and other assets Total EAD, EUR million Air transport 4,820 208 5,275 0 0 0 10,303 Automobiles 49 118 3,196 15 0 0 3,378 Basic material and mining 0 17 944 0 0 0 961 Chemicals, plastics and pharmaceuticals 243 205 3,142 103 0 0 3,693 Consumer goods 51 0 464 18 0 0 533 Drinking water, water treatment 5,309 4,626 8,404 0 0 0 18,339 Electricity, coal and others 3,716 4,237 37,108 0 0 0 45,061 Food chain 49 10 1,123 41 0 0 1,223 Investment goods/consumer durables 393 24 5,261 177 0 0 5,855 Marine transport 1,719 1,236 1,729 17 0 0 4,701 Materials processing, construction 218 238 3,220 16 0 0 3,692 Oil, gas and petroleum 418 800 12,017 0 0 0 13,235 Paper chain 0 327 564 0 0 0 891 Roads and motorways 1,490 1,847 9,530 0 0 0 12,867 Securitisations 0 0 0 0 102,856 0 102,856 Social infrastructure: education, health 7,390 11,965 1,548 16 0 0 20,919 Telecommunications 124 723 9,914 31 0 0 10,792 Traditional and high- speed railways 21,822 6,879 3,655 0 0 0 32,356 Urban dev., renovation and transport 95,035 38,109 3,426 0 0 0 136,570 Venture capital 0 0 0 11,787 0 0 11,787 Waste recovery, recycling 437 142 461 0 0 0 1,040 Other 71,660 130,458 12,794 4,230 0 1,932 221,074 Total 214,943 202,169 123,775 16,451 102,856 1,932 662,126

Table 6-9: Distribution of credit risk exposures by residual maturity 31.12.2019 < 1 year 1-5 years > 5 years Total EAD, EUR million Central governments and Central Banks 10,539 60,655 129,630 200,824 Institutions 27,288 75,369 95,321 197,978 Corporates 7,082 45,606 68,794 121,482 Equity 0 870 18,542 19,412 Securitisation 0 9,652 102,921 112,573 Cash and other assets 2,032 535 0 2,567 Total 46,941 192,687 415,208 654,836 31.12.2018 (restated) < 1 year 1-5 years > 5 years Total EAD, EUR million Central governments and Central Banks 24,095 58,294 132,554 214,943 Institutions 24,516 79,010 98,643 202,169 Corporates 5,518 47,234 71,023 123,775 Equity 0 870 15,581 16,451 Securitisation 0 8,663 94,193 102,856 Cash and other assets 1,114 818 0 1,932 Total 55,243 194,889 411,994 662,126 6.2. Credit risk mitigationThe Bank details its approach to credit risk mitigation in its credit risk operational guidelines, which include the type of collateral and guarantees the Bank accepts. Credit risk mitigation used to limit the exposure of derivatives and securities financing transactions is presented in Chapter 7.The Bank follows a detailed security classification to differentiate the quality of the security provided by a guarantor or collateral provider. The Bank accepts various types of credit enhancements and has defined requirements on the security’s quality. The credit enhancements include guarantees, assignment of financial rights (e.g. claim on underlying loan exposures or revenues), pledge of assets like government securities or mortgages on fixed assets and financial collateral such as cash, bank accounts held with an independent bank, bonds and, on an exceptional basis, shares. The Bank does not use credit derivatives as a means of mitigating credit risk.If a loan is guaranteed by a bank, the guarantor bank is subject to a minimum internal rating requirement, or minimum qualifying status (‘MQS’). The minimum requirement also depends on the credit quality of the borrower. The EIB’s policies stipulate remedial actions when the minimum qualifying status is lost.For financial collateral, the policy defines eligible types that take into account the nature, currency, credit quality, maturity, liquidity and amount of such collateral. Internal haircuts at least as conservative as the regulatory haircuts are defined for each type of financial collateral.70 | EIB Group Risk Management Disclosure Report 2019

EIB Group Risk Management Disclosure Report 2019 | 71 Financial collateral received is subject to regular monitoring, which includes the valuation and calculation of coverage ratios between loan and collateral and the assessment of credit risk concentrations. For further information on collateral received, refer to Note S.2.5.1 (financial collateral for derivatives), Note S.2.3.4 (collateral on loans) and Note S.2.3.3 (guarantees received by the Group) of the Consolidated Financial Statements under IFRS. Financial monitoring guidelines exist to detail the security and collateral monitoring, the guarantee renewal, and the responsibilities within the Bank.The following tables provide an overview of the extent of credit risk mitigation used by the Group, as well as information on the quality of the guarantor and the coverage ratio of secured exposures. Table 6-10: Overview of protections against credit risk The following tables disclose the extent of reduction of credit risk exposure due to the use of collateral, financial guarantees, and credit risk mitigation techniques. EIB currently does not use any credit derivatives as credit risk mitigants. Defaults on securitised exposures are not included. EAD, EUR million 31.12.2019 31.12.2018 (restated) Exposure Unsecured Exposure secured by financial collateral Exposure secured by financial guarantees Exposure unsecured Exposure secured by financial collateral Exposure secured by financial guarantees Central governments and Central Banks 94,330 0 106,494 109,175 0 105,768 Institutions 164,898 11,625 21,455 166,808 13,002 22,359 Corporates (including Specialised Lending) 98,378 1,392 21,712 99,420 2,031 22,324 Equity 19,412 0 0 16,451 0 0 Items representing securitisation positions 58,752 0 53,821 50,469 0 52,387 Cash and other assets 2,567 0 0 1,932 0 0 Total 438,337 13,017 203,482 444,255 15,033 202,838 Of which, defaulted 1,709 198 379 1,705 206 0 Table 6-11: Credit exposure secured by financial collateral and coverage ratio breakdown The table below provides a breakdown of protected and unprotected exposures. EUR million 31.12.2019 31.12.2018 Secured by collateral 13,017 15,033 Breakdown by protection/exposure ratio less than 25% 156 171 25% to 50% 319 237 50% to 75% 388 1,027 75% to 90% 592 416 90% to 100% 11,562 13,182 Residual exposure, not secured by financial collateral 641,819 647,093 Total 654,836 662,126

72 | EIB Group Risk Management Disclosure Report 2019 Table 6-12: Protected exposure by guarantor rating class This table provides a view on the credit quality of the guarantors used by the Group to reduce its credit risk exposures. The breakdown is based on external ratings. EUR million 31.12.2019 31.12.2018 AAA 11,319 10,718 AA 14,655 14,191 A 55,634 56,969 BBB 31,840 28,582 BB 12,425 10,992 B 3,274 8,185 CCC 7 14 Unrated 74,328 73,187 Total 203,482 202,838 6.3. Standardised approachThe Group treats a small portion of its assets under the Standardised approach. This portfolio includes the Bank’s strategic equity investment in the EBRD. Table 6-13: Standardised approach EUR million 31.12.2019 Exposures before CCF and credit risk mitigation (‘CRM’) Exposures post-CCF and CRM On-balance sheet amount Off-balance sheet amount On-balance sheet amount Off-balance sheet amount RWA RWA density RGC Strategic investments 158 713 158 713 870 100% 70 Corporates 33 201 33 100 134 100% 11 Total 191 914 191 813 1,004 81 EUR million 31.12.2018 Exposures before CCF and CRM Exposures post-CCF and CRM On-balance sheet amount Off-balance sheet amount On-balance sheet amount Off-balance sheet amount RWA RWA density RGC Strategic investments 158 713 158 713 870 100% 70 Corporates 84 970 84 485 569 100% 45 Total 242 1,683 242 1,198 1,439 115

EIB Group Risk Management Disclosure Report 2019 | 73 6.4. Internal Ratings-based approachThe Internal Ratings-based (‘IRB’) approach enables banks to use their own risk parameters to quantify required capital for credit risk. After the Basel II Accord was published, the EIB Group made the decision to use internal credit risk models and processes to be able to apply the IRB approach and therefore developed models for the Probability of Default (‘PD’), Loss Given Default (‘LGD’) and Exposure at Default (‘EAD’). PD, LGD and EAD models exist for all material exposure classes of the Bank, and the Bank uses an “Advanced IRB” (AIRB) approach for the majority of its book. Strategic equity participations, such as investment in the EBRD, are treated under the Standardised approach. The slotting approach was applied to unsecured specialised lending exposures until the end of 2016, since when it has been replaced by AIRB. The simple risk-weight approach is used for equity exposures.Internal credit risk parameter estimates are not only used for regulatory, but also for economic capital calculations. Internal ratings are a key driver of loan grading and therefore of loan pricing and provisioning. The Group has set up a stress-testing framework, in which the internal credit risk parameters and how they will change for different macroeconomic scenarios play a major role.Internal ratingsThe EIB has developed an Internal Rating methodology (‘IRM’) to determine the internal ratings of all its counterparts. The methodology is based on scorecards for all counterparty types. The table below sets out the relationship between internal ratings, equivalent external ratings and the ratings’ definitions. Internal ratings are updated and reviewed by OPS/TMR at least on a yearly basis and are validated by the Credit Risk Department.Table 6-14: EIB's internal ratings Internal rating EquivalentMoody's rating Rating definition 1 Aaa Counterpart of prime credit quality, with minimal credit risk 2+ Aa1 High credit quality counterpart and subject to very low credit risk. Considerable stability of earnings, strong position in a non-cyclical sector and moderate leverage. Long-term prospects quite solid. 2 Aa2 2- Aa3 3+ A1 Good credit quality counterpart and subject to low credit risk. Capacity to repay all obligations inthe normal course of business is undoubted, but operating in a cyclical sector (or not having a strong position in a non-cyclical one), and therefore potentially showing a degree of vulnerability to downturns. Long-term prospects remain, however, solid. 3 A2 3- A3 4+ Baa1 Acceptable credit quality counterpart subject to moderate credit risk but with an exposure to economic or industry cycles that could well lead, in the medium term, to a material deterioration in the borrower’s financial performance. 4 Baa2 Minimum acceptable credit quality counterpart subject to increased credit risk. 4- Baa3 Counterpart is financially vulnerable to external or internal factors such as high leverage, highly cyclical and competitive industries, or where event risk is a major consideration. Short-term solvency is not in question, but long-term prospects are uncertain. 5+ Ba1 5 Ba2 Financially weak counterpart, whose capacity to repay obligations on a timely basis may be inquestion. 5- Ba3 6+ B1 6 B2 Counterpart subject to high credit risk; capacity to repay questionable. 6- B3 7 Caa2 Counterpart judged to be of very poor credit standing and subject to very high credit risk. 8 D Counterpart in default.

Internal ratings processIn order to ensure the independence of the rating assignment, there is a clear division of responsibilities between OPS (Loan Officers), TMR (post-signature monitoring) and OPE (Credit Officers) regarding the due diligence and internal rating exercise. While OPS/TMR have direct contact with the counterparty, are responsible for the detailed financial analysis, gather all information required for the scoring sheet and propose an initial counterpart rating, it is OPE’s responsibility to validate the rating and perform adjustments/override to determine the final rating. The final rating decision is communicated and discussed between OPS/TMR and OPE and in the event of material disagreements it is the decision of the OPE. Each counterparty is rated individually.Several control mechanisms of the internal ratings system have been established to ensure the internal ratings are robust:Under the mandate of the Credit Risk Control Function (‘CRCF’), RM/REG/IM (Internal Modelling Division) and SG/ECON (General Secretariat, Economics Department) are responsible for the design and continuous refinement of the internal rating model methodologies, the review, maintenance and monitoring of the models’ performance and the oversight of the rating systems as whole.A separate validation team within RM ensures the internal models’ compliance with the applicable regulations.The Internal Rating Models Maintenance Committee has oversight over regular validation of the IRMs.The internal audit function is responsible for checking annually the integrity of the internal rating system and its adherence to all applicable minimum requirements.All internal rating models at the EIB follow an expert system approach, meaning the ratings are primarily based on scorecards, which rely on quantitative factors and an analyst’s opinion for qualitative factors, but also allow adjustments to the rating based on judgmental factors to an explicitly limited degree. EU and non-EU counterparts generally use the same rating approach, although the scores are partially weighted differently, such that for non-EU counterparties e.g. business risk factors are more heavily weighted than financial criteria.The internal rating model for corporate counterparts (excluding Project Finance counterparts) assesses business risk and financial risk factors (including industry risks, company specifics, corporate governance, capital structure and debt service capacity) on a quantitative and qualitative basis by taking into account sector- and country-specific factors to determine an initial rating. Expert adjustments are made by considering the legal entities’ parental or government support. Before the final rating is determined, overriding tools assist in providing information that was not considered in the scoring sheet, or market pricing information.Most financial institution counterparties are rated by external rating agencies; nevertheless, an internal rating will be derived for all such counterparties. The internal ratings process is very much similar to that of corporates, although the rating criteria used differ and measure, on the one hand, qualitative criteria such as economic environment, regulatory and legal framework or competitive position and, on the other hand, financial criteria are assessed to evaluate the institution’s financial soundness. The final rating allows for judgmental overrides as seen above.74 | EIB Group Risk Management Disclosure Report 2019

Non-EU sovereigns are rated by the Economics Department.The internal rating model for sub-sovereign public authority (‘SSPA’) counterparties assesses the two main areas operating environment and financial position/risk to derive an initial rating from the scorecard. Subsequently, model-driven adjustments including a country test (to ensure the rating in line with the rating of the sovereign) and overriding adjustments (expert-based) and market information are made.A specific internal rating model exists for public sector entities (‘PSE’) that are neither sovereign nor sub-sovereign public authorities, nor corporates. They are, though, considered within the institutions IRB exposure class for capital calculation purposes. For the initial scorecard rating, the business risk profile as well as the financial risk profile are assessed. For potential adjustments, the degree and likelihood of extraordinary support from the sponsoring sovereign or sub-sovereign are assessed via specific criteria.Internal rating modelsDue to the shortage of statistically relevant historical default data, the Bank relies on external estimates of PDs for its internal ratings. For EU counterparts, internal rating grades are mapped to Moody’s rating grades taking into account the criteria of the internal and external rating. The calibration method for PDs then relies on Moody’s published data and loss experience, adjusted for differences in the definition of default. For non-EU counterparties, default data history is provided through the GEMs (Global Emerging Markets Risk) database, which allows for statistical modelling. The calibration of PDs relies on GEMs and Moody’s data.The LGD model also relies mainly on external data and expert judgement given the lack of default data, and a downturn LGD is used for regulatory capital purposes. The LGD model differentiates between EU and non-EU sovereigns, corporates (including Project Finance), financial and public institutions. Credit risk mitigation clauses have a considerable impact on LGD and are taken into account for determining the LGD of a transaction. For non-EU counterparts, the LGD is statistically estimated and annually reviewed on the basis of GEMs data.On the basis of the protection provided by its Preferred Creditor Status (PCS) and Statute (Article 26.2, exemption from all forms of requisition or expropriation), the Bank deems full recovery of its EU Member States assets upon maturity 3 . Hence, the Bank assumes no credit risk on direct and guaranteed exposures to MS.To obtain own estimates of Credit Conversion Factors (‘CCFs’) for the EAD calculation, the Bank uses a CCF model that takes into consideration the type and maturity of the credit exposure, including especially the extent to which details on future disbursements are known or unknown. The model differentiates between the counterparty type and whether the counterparty is located in or outside the EU. 3 The EIB exposure to EU Member States, except for exposure in the form of debt instruments with collective action clauses.EIB Group Risk Management Disclosure Report 2019 | 75

76 | EIB Group Risk Management Disclosure Report 2019 Credit exposures and RWA Table 6-15: Estimation of weighted-average risk parameters by IRB portfolio and PD range at year-end This table provides averages of risk parameters used as input into the calculation of IRB capital requirements. 31.12.2019 PD scale On- balance sheet exposure Undrawn commitmen ts (pre-CCF) WA- CCF EAD (postCCF) WA- PD Numberofcounter- parties Avg- EAD WA- LGD WA-M RWA RWAdensity RGC EL (%) (EUR m) (EUR m) (%) (EUR m) (%) (EURm) (%) (years) (EUR m) (%) (EURm) (EURm) Central governments and Central Banks 0 to 0.15 127,331 22,455 82.3 145,811 0.1 121 1,205 4.2 13.2 3,808 2.6 304 3 0.15 to 0.25 18,959 5,601 78.4 23,351 0.2 4 5,838 0.0 11.3 0 0.0 0 0 0.25 to 0.35 6,270 3,927 78.4 9,349 0.3 5 1,870 0.2 12.6 37 0.4 3 0 0.35 to 0.5 865 1,079 75.0 1,674 0.5 2 837 20.1 18.3 762 45.5 61 2 0.5 to 0.75 0 0 n.a. 0 n.a. 0 n.a. n.a. n.a. 0 n.a. 0 0 0.75 to 1.35 66 68 75.0 117 0.9 1 117 18.3 12.7 49 42.4 4 0 1.35 to 2.5 17,789 2,309 80.8 19,654 1.6 5 3,931 3.3 12.1 1,861 9.5 149 14 2.5 to 5.5 13 338 75.0 266 3.3 4 67 20.1 17.0 204 76.5 16 2 5.5 to 10.0 1 340 75.0 256 7.2 1 256 20.0 22.0 241 94.1 19 4 10.0 to 20.0 4 151 75.0 118 13.6 2 59 20.0 24.2 135 114.5 11 3 20.0 to 100.0 2 301 75.0 228 26.0 3 76 22.0 21.8 319 139.9 26 13 100.0 (Default) 0 0 n.a. 0 n.a. 0 n.a. n.a. n.a. 0 n.a. 0 0 Unrated 0 0 n.a. 0 n.a. 1 0 n.a. n.a. 0 n.a. 0 0 Sub-total 171,300 36,569 80.7 200,824 0.3 149 1,348 3.7 12.9 7,416 3.7 593 41 Institutions 0 to 0.15 134,458 20,021 80.9 150,649 0.1 632 238 32.4 11.4 36,685 24.4 2,935 30 0.15 to 0.25 21,390 4,639 85.0 25,335 0.2 112 226 21.6 11.5 8,565 33.8 685 9 0.25 to 0.35 6,676 703 87.9 7,294 0.3 68 107 33.3 7.9 3,766 51.6 301 7 0.35 to 0.5 108 248 84.0 316 0.5 2 158 32.2 16.1 273 86.4 22 0 0.5 to 0.75 1,397 538 80.9 1,832 0.5 44 42 28.9 11.0 1,307 71.3 105 3 0.75 to 1.35 5,406 389 89.3 5,753 0.9 32 180 23.6 6.3 3,776 65.6 302 12 1.35 to 2.5 1,789 90 88.0 1,868 2.0 36 52 23.0 6.5 1,304 69.8 104 9 2.5 to 5.5 670 0 n.a. 670 n.a. 17 39 20.8 4.5 475 70.9 38 5 5.5 to 10.0 1,792 634 79.0 2,293 6.0 19 121 38.6 5.7 3,681 160.5 295 53 10.0 to 20.0 210 49 98.5 258 10.2 11 23 7.3 3.3 92 35.5 7 2 20.0 to 100.0 0 0 n.a. 0 n.a. 0 n.a. n.a. n.a. 0 n.a. 0 0 100.0 (Default) 320 0 n.a. 320 n.a. 2 160 11.0 12.2 32 9.9 3 55 Unrated 879 680 75.2 1,390 100.0 31 45 44.7 5.4 0 0.0 0 622 Sub-total 175,095 27,991 81.8 197,978 1.1 1,006 197 30.7 11.0 59,956 30.3 4,797 807 Corporates (including Specialised Lending) 0 to 0.15 60,585 7,871 84.8 67,263 0.1 224 300 38.1 9.4 23,063 34.3 1,844 23 0.15 to 0.25 21,569 1,964 84.7 23,232 0.2 138 168 37.1 9.9 11,019 47.4 882 15 0.25 to 0.35 12,729 1,153 84.2 13,699 0.3 152 90 36.5 10.8 8,340 60.9 667 15 0.35 to 0.5 11 200 87.6 186 0.5 3 62 32.2 6.9 178 95.7 14 0 0.5 to 0.75 4,848 240 89.2 5,062 0.5 90 56 33.3 12.7 3,645 72.0 292 9 0.75 to 1.35 2,522 514 89.1 2,980 0.9 55 54 36.0 9.1 2,699 90.6 216 10 1.35 to 2.5 2,583 320 83.3 2,849 1.8 79 36 36.1 13.9 3,323 116.6 266 19 2.5 to 5.5 845 165 86.5 988 3.6 19 52 34.4 11.3 1,352 136.9 108 12 5.5 to 10.0 759 220 77.8 930 6.7 52 18 26.6 9.4 1,148 123.5 92 17 10.0 to 20.0 335 116 83.6 432 11.7 42 10 37.0 11.9 865 200.1 69 18 20.0 to 100.0 550 446 83.7 923 26.0 26 36 31.1 6.7 1,982 214.7 159 75 100.0 (Default) 1,523 65 85.8 1,578 100.0 26 61 34.0 12.2 3,983 252.4 319 302 Unrated 355 935 93.2 1,227 100.0 32 38 56.0 12.1 0 0.0 0 687 Sub-total 109,214 14,209 85.4 121,349 2.84 938 129 37.4 9.9 61,597 50.8 4,928 1,202

EIB Group Risk Management Disclosure Report 2019 | 77 31.12.2018 (restated) PD scale On- balance sheet exposure Undrawn commitmen ts (pre-CCF) WA- CCF EAD (postCCF) WA- PD Numberof counter-parties Avg- EAD WA- LGD WA-M RWA RWAdensity RGC EL (%) (EUR m) (EUR m) (%) (EUR m) (%) (EUR (%) (years) (EUR m) (%) (EUR (EUR Central governments and Central Banks 0 to 0.15 141,277 22,622 82.81 160,010 0.1 116 1,379 3.8 12.3 3,930 2.5 314 3 0.15 to 0.25 6,448 2,093 80.56 8,134 0.2 2 4,067 0.0 15.4 0 0.0 0 0 0.25 to 0.35 18,628 4,633 78.36 22,258 0.3 6 3,710 0.1 9.9 41 0.2 3 0 0.35 to 0.5 701 650 75 1,189 0.5 1 1,189 22.1 18.5 604 50.8 48 1 0.5 to 0.75 2,763 906 86.74 3,549 0.5 1 3,549 0.0 13.6 0 0.0 0 0 0.75 to 1.35 103 0 n.a. 103 n.a. 1 103 10.5 3.6 20 19.7 2 0 1.35 to 2.5 18,325 1,515 80.78 19,548 2.1 4 4,887 2.0 12.3 1,027 5.3 82 6 2.5 to 5.5 2 200 75 152 2.6 1 152 22.1 12.3 122 80.3 10 1 5.5 to 10.0 0 0 n.a. 0 n.a. 0 n.a. n.a. n.a. 0 n.a. 0 0 10.0 to 20.0 0 0 n.a. 0 n.a. 1 0 n.a. n.a. 0 n.a. 0 0 20.0 to 100.0 0 0 n.a. 0 n.a. 0 n.a. n.a. n.a. 0 n.a. 0 0 100.0 (Default) 0 0 n.a. 0 n.a. 0 n.a. n.a. n.a. 0 n.a. 0 0 Unrated 0 0 n.a. 0 n.a. 1 0 n.a. n.a. 0 n.a. 0 0 Sub-total 188,247 32,619 81.84 214,943 0.3 134 1,604 3.2 12.2 5,744 2.7 459 11 Institutions 0 to 0.15 135,921 20,086 81.8 152,351 0.1 598 255 32.6 11.4 37,244 24.4 2,980 31 0.15 to 0.25 16,122 4,516 80.13 19,741 0.2 98 201 20.7 12.9 6,297 31.9 504 7 0.25 to 0.35 13,762 1,653 81.01 15,100 0.3 77 196 29.7 7.8 8,814 58.4 705 13 0.35 to 0.5 103 246 79.24 298 0.5 3 99 32.2 17.2 263 88.2 21 0 0.5 to 0.75 1,570 429 89.5 1,954 0.5 39 50 28.4 10.5 1,324 67.8 106 3 0.75 to 1.35 2,983 989 86.79 3,841 0.9 42 91 18.4 8.1 1,862 48.5 149 6 1.35 to 2.5 5,093 161 91.87 5,241 1.7 39 134 32.2 5.9 5,599 106.8 448 26 2.5 to 5.5 909 0 n.a. 909 n.a. 16 57 16.8 5.0 551 60.6 44 5 5.5 to 10.0 1,253 15 82.34 1,266 5.9 9 141 30.4 5.0 1,582 124.9 127 23 10.0 to 20.0 692 199 94.68 880 10.2 21 42 43.2 5.8 2,047 231.9 163 56 20.0 to 100.0 0 0 n.a. 0 n.a. 1 0 n.a. n.a. 0 n.a. 0 0 100.0 (Default) 0.0 0.0 n.a. 0.0 n.a. 0.0 n.a. n.a. n.a. 0 n.a. 0 0 Unrated 215 496 75.04 588 100.0 26 23 62.3 8.0 0 0.0 0 366 Sub-total 178,623 28,790 81.78 202,169 0.5 969 209 30.9 10.9 65,583 32.4 5,247 536 Corporates (including Specialised Lending) 0 to 0.15 63,703 6,863 85.2 69,551 0.1 235 296 38.5 9.4 24,010 34.5 1,921 24 0.15 to 0.25 21,872 1,504 87.8 23,193 0.2 141 164 37.3 10.3 11,116 47.9 889 15 0.25 to 0.35 12,903 1,011 88.9 13,801 0.3 158 87 34.0 10.6 7,735 56.0 619 14 0.35 to 0.5 112 200 87.6 287 0.5 5 57 32.2 8.9 253 88.3 20 0 0.5 to 0.75 4,578 419 89.9 4,955 0.5 88 56 32.6 14.6 3,492 70.5 279 8 0.75 to 1.35 2,290 917 86.8 3,086 0.9 60 51 36.9 10.7 2,952 95.6 236 10 1.35 to 2.5 1,760 327 90.3 2,054 1.7 71 29 33.7 14.9 2,147 104.5 172 12 2.5 to 5.5 1,751 178 89.0 1,909 3.3 47 41 26.3 13.0 1,880 98.5 150 17 5.5 to 10.0 519 251 78.7 716 6.4 49 15 27.4 10.2 878 122.6 70 13 10.0 to 20.0 678 454 77.2 1,028 12.5 52 20 28.2 9.8 1,732 168.4 139 38 20.0 to 100.0 63 2 87.6 65 26.0 2 33 2.1 3.7 9 14.3 1 0 100.0 (Default) 1,580 62 81.7 1,630 100.0 28 58 34.4 11.9 3,074 188.6 246 420 Unrated 137 828 95.5 931 100.0 24 39 49.3 14.8 0 0.0 0 460 Sub-total 111,946 13,016 86.5 123,206 2.5 960 128 37.1 10.2 59,278 48.1 4,742 1,031

78 | EIB Group Risk Management Disclosure Report 2019 Table 6-16: Back-testing the internal rating process and PD per portfolio These tables include estimates of defaults against actual defaults per exposure class. The number of defaulted obligors in the year is based on the internal default definition. PD Range External Rating equivalent Weighted average PD Arithmetic Average PD byobligors Number of obligors Obligors defaulted inthe year of which new obligors 31.12.2019* 31.12.2018(restated) Central Governments and Central Banks 0.00% - 0.01% Aaa 0.01% 0.01% 42 44 0 0 0.02% - 0.03% Aa 0.02% 0.02% 38 33 0 0 0.04% - 0.08% A 0.07% 0.05% 24 23 0 0 0.09% - 0.30% Baa 0.17% 0.15% 26 24 0 0 0.31% - 1.43% Ba 1.34% 0.94% 5 5 0 0 1.44% - 5.94% B 2.30% 3.05% 7 3 0 0 5.95% - 99% C 15.56% 18.74% 6 1 0 0 100% D n.a. n.a. 0 0 0 0 Institutions 0.00% - 0.01% Aaa 0.00% 0.00% 0 0 0 0 0.02% - 0.03% Aa n.a n.a 0 0 0 0 0.04% - 0.08% A 0.04% 0.05% 551 513 1 0 0.09% - 0.30% Baa 0.16% 0.19% 261 259 0 0 0.31% - 1.43% Ba 0.84% 0.82% 96 107 0 0 1.44% - 5.94% B 4.31% 3.83% 52 41 0 0 5.95% - 99% C 9.42% 9.75% 13 22 0 0 100% D 100% 100% 2 1 0 0 Corporates 0.00% - 0.01% Aaa n.a n.a 0 0 0 0 0.02% - 0.03% Aa n.a n.a 0 0 0 0 0.04% - 0.08% A 0.07% 0.06% 117 133 0 0 0.09% - 0.30% Baa 0.17% 0.20% 397 403 0 0 0.31% - 1.43% Ba 0.75% 0.82% 187 184 1 0 1.44% - 5.94% B 3.01% 3.38% 79 115 1 0 5.95% - 99% C 17.21% 14.51% 100 75 0 0 100% D 100% 100% 26 29 0 0 * Mapped to the External Rating equivalent

EIB Group Risk Management Disclosure Report 2019 | 79 Table 6-17: Changes in IRB Credit risk RWA during 2019 EUR million RWA as at 1.1.2019 168,036 Asset size 4,605 Asset quality 2,380 Model updates 0 Methodology and policy 0 Other (including foreign exchange movements) 120 RWA as at 31.12.2019 175,141 Table 6-18: Credit risk mitigation effect on RWA This table shows the effect of CRM on the IRB capital requirements for the loan and equity portfolios. 31.12.2019 RWA before CRM After application of financial collateral After application of financial guarantees EUR million Cash and other assets 1,154 1,154 1,154 Central governments and Central Banks 53,501 53,501 7,416 Institutions 87,959 68,870 59,956 Corporates (including Specialised Lending) 64,657 63,508 61,597 Equity 45,018 45,018 45,018 Total 252,289 232,051 175,141 31.12.2018 (restated) RWA before CRM After application of financial collateral After application of financial guarantees EUR million Cash and other assets 999 999 999 Central governments and Central Banks 55,625 55,625 5,744 Institutions 97,067 77,478 65,583 Corporates (including Specialised Lending) 63,100 61,360 59,278 Equity 36,432 36,432 36,432 Total 253,223 231,894 168,036

80 | EIB Group Risk Management Disclosure Report 2019 Table 6-19: Exposure weighted-average risk parameters by relevant geographical region 31.12.2019 On-balancesheet exposure Off-balancesheet exposure pre-CCF WA-CCF EAD post-CCF WA-PD WA-LGD WA-maturity (EUR m) (EUR m) (%) (EUR m) (%) (%) (years) Austria 12,845 1,588 84.2 14,182 0.1 22.3 13 Belgium 10,925 2,607 78.2 12,963 0.9 25.0 16 Bulgaria 1,381 487 75.4 1,749 0.2 6.8 18 Croatia 3,099 1,280 83.0 4,162 0.3 9.5 12 Cyprus 2,142 577 81.4 2,612 0.3 0.6 15 Czech Republic 5,996 1,357 75.9 7,025 0.1 18.5 8 Denmark 3,104 285 81.1 3,335 0.1 33.7 4 Estonia 1,084 259 79.5 1,290 0.1 13.7 12 Finland 8,570 2,336 80.2 10,443 0.2 23.1 16 France 52,577 9,473 80.3 60,186 0.9 26.5 13 Germany 38,277 7,312 85.4 44,522 1.0 26.7 9 Greece 15,576 2,519 82.1 17,644 2.6 1.5 13 Hungary 7,754 1,633 80.9 9,074 0.2 2.1 10 Ireland 5,822 1,338 77.9 6,863 2.2 14.7 13 Italy 44,792 10,072 83.1 53,162 0.8 33.1 12 Latvia 692 418 79.6 1,025 0.1 11.7 12 Lithuania 1,838 22 85.3 1,857 0.1 2.8 17 Luxembourg 6,689 408 75.0 6,995 2.0 6.3 2 Malta 302 147 77.8 416 0.1 3.6 15 Netherlands 15,482 2,745 88.2 17,903 0.8 37.2 10 Poland 29,250 8,926 81.5 36,523 0.1 10.1 17 Portugal 14,849 1,399 81.4 15,987 1.5 21.7 7 Romania 2,672 2,801 78.5 4,872 5.5 12.7 10 Slovakia 3,090 1,228 80.1 4,073 0.1 12.3 12 Slovenia 2,727 577 77.5 3,174 0.1 7.2 15 Spain 80,460 3,098 81.4 82,982 0.2 14.3 10 Sweden 8,682 2,595 84.7 10,880 0.1 26.0 9 United Kingdom 40,621 1,867 77.7 42,072 2.7 27.1 14 Non-EU 32,501 7,572 79.6 38,526 4.7 32.4 6 Supranationals 1,812 1,843 100.0 3,655 0.0 4.9 6 Total 455,611 78,769 81.9 520,152 1.2 21.8 11

EIB Group Risk Management Disclosure Report 2019 | 81 31.12.2018 On-balancesheet exposure Off-balancesheet exposure pre-CCF WA-CCF EAD post CCF WA-PD WA-LGD WA-Maturity (EUR m) (EUR m) (%) (EUR m) (%) (%) (years) Austria 13,502 1,885 84.8 15,100 0.1 25.9 13 Belgium 10,528 2,241 80.1 12,323 0.5 20.8 15 Bulgaria 1,258 439 75.0 1,587 0.2 3.4 20 Croatia 3,124 981 87.3 3,981 0.6 6.4 13 Cyprus 2,112 649 80.5 2,635 0.6 1.2 16 Czech Republic 6,179 282 79.7 6,404 0.1 16.9 8 Denmark 4,735 182 75.7 4,873 0.1 43.9 5 Estonia 945 289 83.5 1,187 0.1 11.5 9 Finland 6,946 2,408 80.8 8,892 0.1 21.8 17 France 52,724 10,339 82.0 61,198 0.3 28.5 14 Germany 37,180 7,109 83.5 43,118 0.8 26.7 10 Greece 15,577 1,596 82.9 16,901 3.4 2.8 13 Hungary 7,886 1,647 84.1 9,272 0.3 1.5 11 Ireland 5,234 1,195 77.7 6,162 3.1 13.2 14 Italy 46,838 8,448 82.6 53,817 1.1 31.2 12 Latvia 657 200 76.5 810 0.1 10.6 11 Lithuania 1,540 379 79.3 1,841 0.1 5.2 18 Luxembourg 21,565 220 83.3 21,748 0.7 1.6 0 Malta 304 101 76.0 381 0.1 3.8 16 Netherlands 16,026 2,326 83.2 17,961 0.2 42.5 10 Poland 30,376 8,310 81.5 37,152 0.1 11.4 17 Portugal 17,594 1,057 84.1 18,483 1.7 20.9 7 Romania 2,631 2,412 75.8 4,459 0.3 5.6 11 Slovakia 2,933 1,502 81.0 4,150 0.1 7.9 11 Slovenia 2,682 412 75.5 2,993 0.1 2.4 17 Spain 83,108 4,422 83.6 86,803 0.2 14.4 11 Sweden 8,606 2,214 82.1 10,423 0.1 24.1 9 United Kingdom 39,675 2,973 82.0 42,113 2.2 27.7 14 Non EU 33,801 5,199 81.6 38,043 3.6 31.5 6 Supranationals 2,551 3,008 98.4 5,511 0.0 4.1 8 Total 478,817 74,425 82.6 540,321 0.9 21.3 11

82 | EIB Group Risk Management Disclosure Report 2019 Table 6-20: Equities under the simple risk-weight method This table provides an overview of the main types of equities and the risk weights applied. 31.12.2019 EUR million Regulatory categories On-balancesheet exposure Off-balancesheet exposure RW EAD RWA RGC EL Other equity exposures 2,086 3,352 370% 5,438 20,120 1610 131 Private equity exposures 8,446 4,658 190% 13,104 24,898 1,991 105 Total 10,532 8,010 18,542 45,018 3,601 236 31.12.2018 EUR million Regulatory categories On-balancesheet exposure Off-balancesheet exposure RW EAD RWA RGC EL Other equity exposures 1,297 2,496 370% 3,794 14,036 1123 91 Private equity exposures 6,663 5,124 190% 11,787 22,396 1,792 94 Total 7,960 7,620 15,581 36,432 2,915 185 Table 6-21: Cash and other non-credit obligation exposuresThis table provides an overview of other assets, such as cash, property, plant and equipment. It shows all such exposures, the risk weight and RWA. EUR million 31.12.2019 31.12.2018 Risk weight Exposure RWA RGC Exposure RWA RGC Cash 0% 1,387 0 0 933 0 0 Other 100% 1,180 1,154 92 999 999 80 Total 2,567 1,154 92 1,932 999 80

Counterparty credit riskCounterparty credit risk managementIntroductionCounterparty credit risk is defined as the risk that the counterparty of an OTC derivatives transaction or securities-financing transaction (‘SFT’) defaults before the final settlement of the transaction’s cash flows and the counterparty will not be able to fulfil present and future payment obligations. The exposure at risk changes over time as market parameters change and it is of bilateral nature. SFTs, such as reverse repurchase and repurchase agreements are calculated under the Financial Collateral Comprehensive Method.EIB uses derivatives, mainly currency and interest rate swaps, but also structured swaps, forward rate agreements and currency forwards, as part of its ALM activities to manage exposures to interest rate and foreign currency risk and as part of its treasury operations. The Fund does not hold derivatives.EIB enters into SFTs, mostly in the form of reverse repos with banking counterparties. Such transactions are used as part of its treasury management activities to place liquidity not immediately needed for disbursement of loans. The Fund does not engage in SFTs.Mitigation, monitoring and reportingEIB’s counterparty credit risk is governed by its financial risk guidelines. The Derivatives division within RM is responsible for monitoring and measuring counterparty credit risk on derivatives and the Treasury & Liquidity division for monitoring and measuring counterparty credit risk on SFTs. Changes to models and methodology in relation to counterparty credit risk for derivatives are discussed by the Derivatives Strategy and Model Committee, which meets quarterly and has the mission to analyse and discuss possible improvements in policies, procedures, models, methods and tools that constitute the operational framework for derivatives transactions at the EIB.The EIB uses internal credit limits for derivatives and SFTs, which are approved by the Management Committee, and monitored on a daily basis. Corrective actions will be taken in the event of limit breaches and dedicated daily reporting about limit usage is in place. Credit limits for derivatives are set on the Potential Future Exposure computed in a simulation engine on multiple time points and under various rating scenarios. To compute the credit limit usage of SFTs, exposures are weighted by fixed percentages depending on the SFT type. Exposures and limits for derivatives and SFTs are consolidated with general credit risk exposures in the global limit system to manage these within the overall credit processes.A number of credit risk mitigants are used to limit EIB’s counterparty credit risk. To be able to trade derivatives with the EIB, commercial banks need to enter into an ISDA Master Agreement with a Credit Support Annex (‘CSA’) that has rating dependent thresholds, and the counterparty also needs to satisfy a minimum rating requirement. Institutions such as Multilateral Development Banks are not required to enter into CSAs. In order to trade repos with EIB, commercial banks need to enter into a GMRA. The GMRAs currently in place do not have rating-dependent parameters. Eligibility criteria for derivatives and repo counterparties as well as risk limits are approved by the ManagementEIB Group Risk Management Disclosure Report 2019 | 83

84 | EIB Group Risk Management Disclosure Report 2019 Committee. All derivative exposures are priced on a daily basis and if applicable collateralised by cash or bonds under a CSA which allows for daily margin calls in nearly all cases. The EIB does not post collateral under any CSA. Collateral received is monitored and valued regularly and an internal haircut that is at least as conservative as the regulatory haircut is applied for internal and external exposure measurement purposes. Margining for SFTs such as tri-party repos is outsourced to tri-party agents that calculate exposure and administer margin calls on an intra-day basis. Margining for SFTs such as bilateral repos is performed by EIB on a daily basis. The exposure is fully collateralised at transaction level, with a subsequent call in accordance with the underlying agreement.Wrong-way risk arises when there is significant increasing exposure to a counterparty combined with a simultaneous increase in the probability of the counterparty’s default. Wrong-way risk is commonly categorised into two types: Specific Wrong-Way Risk (SWWR) and General Wrong-Way Risk (GWWR). SWWR occurs when future exposure to a specific counterparty is highly (positively) correlated with the counterparty’s credit quality due to the nature of the transactions with that counterparty. GWWR occurs when there is high (positive) correlation between the probability of default of a counterparty and general market risk factors affecting the exposure to that counterparty.The EIB has procedures in place to actively identify, monitor and control SWWR at trade inception and continuing throughout its term. Additionally, for derivative transactions, the EIB manages GWWR within the derivatives limit framework by applying conservative assumptions on market-risk factor volatilities producing a strong positive correlation between the counterparty default and the Bank’s potential future exposure to that counterparty.MeasurementThe Bank currently uses the Mark-to-market method for calculating regulatory derivative exposures for capital adequacy purposes. This approach is based on the current market value of a derivative plus an add-on that is supposed to cover future changes in value and netting as well as collateral which can be incorporated. Collateral applied in this calculation receives the regulatory risk haircut.The own- funds requirements for Credit Valuation Adjustment (‘CVA’) risk is calculated in accordance with the Standardised method and includes both OTC derivatives and SFTs.

EIB Group Risk Management Disclosure Report 2019 | 85 7.2. Quantitative disclosureThis section provides an overview of the exposures, RWA and capital requirements the Bank assumes with regard to counterparty credit risk. The bank has neither exposure on derivatives to a central counterparty clearing house (CCP), nor does it have any credit derivatives transactions. In terms of SFTs it transacts cleared reverse repos and repos with one qualifying CCP, the rest being dealt with non-qualifying CCPs or with banking counterparties. Table 7-1: Analysis of counterparty credit risk exposure (CCR) by approach This table provides an overview of counterparty credit risk regulatory requirements and the methods used to calculate it. 31.12.2019 ReplacementCost Potential Future CreditExposure EAD post-CRM RWA RGC EL EUR million Mark-to-market method (OTC derivatives) 49,833 16,494 10,043 5,010 401 2 Financial collateral comprehensive method (SFTs) n.a. n.a. 2,971 146 12 0 Total 49,833 16,494 13,014 5,156 413 2 31.12.2018 ReplacementCost Potential Future CreditExposure EAD post-CRM RWA RGC EL EUR million Mark-to-market method (OTC derivatives) 42,357 16,107 8,664 4,401 352 2 Financial collateral comprehensive method (SFTs) n.a. n.a. 363 23 2 56 Total 42,357 16,107 9,027 4,424 354 58

86 | EIB Group Risk Management Disclosure Report 2019 Table 7-2: IRB - CCR exposures by portfolio and PD scale All CCR exposures are treated under IRB for credit risk capital calculations. The below table provides a detailed analysis of exposures by portfolio and PD scale, equivalent to Table 6.15, where non-derivatives exposures were captured.“WA-“refers to exposure-weighted averages of respective risk parameters. 31.12.2019 Portfolio PD scale EAD post-CRM WA-PD Number of obligors WA- LGD WA-maturity RWA RWAdensity RGC EL (%) (EUR m) (%) (%) (years) (EUR m) (%) (EUR m) (EUR m) 0 to 0.15 9,795 0.04 49 52.0 20.6 4,671 47.7 374 2 OTC derivatives 0.15 to 0.25 248 0.17 3 69.9 34.7 339 136.6 27 0 0.25 to 0.35 0 0.30 1 30.0 17.5 0 56.5 0 0 Unrated 0 n.a. n.a. n.a. n.a. 0 n.a. 0 0 SFTs 0 to 0.15 2,971 0.04 25 45.6 0.2 146 4.9 12 0 Unrated 0 n.a. n.a. n.a. n.a. 0 n.a. 0 0 Total 13,014 0.04 67 50.8 16.2 5,156 39.6 413 2 31.12.2018 Portfolio PD scale EAD post-CCF WA-PD Number of obligors WA- LGD WA-maturity RWA RWAdensity RGC EL (%) (EUR m) (%) (%) (years) (EUR m) (%) (EUR m) (EUR m) 0 to 0.15 8,342 0.04 50 50.3 18.9 4,015 48.1 321 2 OTC derivatives 0.15 to 0.25 322 0.17 3 61.2 29.5 386 119.7 31 0 0.25 to 0.35 0 0.30 1 30.0 18.5 0 56.5 0 0 Unrated 0 n.a. n.a. n.a. n.a. 0 n.a. 0 0 SFTs 0 to 0.15 289 0.03 13 56.3 0.2 23 8.1 2 0 Unrated 75 100 1 75.0 0.1 0 0.0 0 56 Total 9,028 0.87 63 51.1 18.5 4,424 49.0 354 58 Table 7-3: Credit valuation adjustment (CVA) overview This table provides an overview of the CVA Capital Charge at the EIB, which is calculated according to the Standardised Approach. EUR million EAD post-CRM CVA RWA CVA RGC 31.12.2019 12,504 6,213 497 31.12.2018 9,028 5,553 444

EIB Group Risk Management Disclosure Report 2019 | 87 Table 7-4: Impact of netting and collateral held on exposure values This table provides an overview of the impact of netting and collateral held on counterparty credit risk exposures. 31.12.2019 Gross positivefair value or net carrying amount Netted current credit exposure Collateral held (after haircut) Net credit exposure Netting benefits EUR million Mark-to-market method (OTC derivatives) 49,833 31,803 18,030 19,897 937 Financial collateral comprehensive method (SFTs) 18,009 1,182 16,827 18,975 0 Total 67,842 32,985 34,857 38,872 937 31.12.2018 Gross positivefair value or net carrying amount Netted current credit exposure Net credit exposure Netting benefits Collateral held EUR million Mark-to-market method (OTC derivatives) 42,357 29,167 13,190 14,690 761 Financial collateral comprehensive method (SFTs) 8,481 0 8,481 9,837 0 Total 50,838 29,167 21,671 24,527 761 The Group receives a material amount of collateral for derivatives covered by a CSA and for reverse repurchase transactions covered by a GMRA. A comprehensive overview of the composition of collateral received for derivatives under an ISDA Master Agreement can be found in Note S.2.5.1, while a summary of collateral received in SFTs is given in Note S.2.4.2 of the Consolidated Financial Statements under IFRS. Not all such collateral is eligible for regulatory calculations.

SecuritisationSecuritisation managementIntroductionSince 1 January 2019, the Group has applied the new EU securitisation framework, which comprises:Regulation (EU) 2017/2402 (the ‘Securitisation Regulation’) establishing a set of criteria for identifying simple, transparent and standardised (‘STS’) securitisation; andRegulation (EU) 2017/2401 (the ‘CRR amending Regulation’) containing targeted amendments to the CRR with regard to capital treatment of securitisations held by credit institutions.As per the Securitisation Regulation’s definitions, securitisation refers to a transaction or scheme, where the credit risk associated with an exposure or pool of exposures is tranched and has the following characteristics:payments in the transaction or scheme are dependent upon the performance of the exposure or pool of exposures, andthe subordination of tranches determines the distribution of losses during the ongoing life of the transaction or scheme.A “traditional securitisation” is one where there is an economic transfer of the exposures being securitised from the originator institution to a securitisation special purpose entity (‘SSPE’), while in a “synthetic securitisation” the transfer of risk is achieved by the use of credit derivatives or guarantees, and the exposures being securitised remain exposures of the originator.A “re-securitisation” means securitisation where at least one of the underlying exposures is a securitisation position.It should be noted that the Group has not yet implemented the STS criteria for regulatory capital purposes. Therefore, all securitisations are treated as non-STS.The Group has exposure to both synthetic and traditional securitisations as investor and is originator of synthetic securitisation and re-securitisation structures. At a high level, the Group is involved in the following transactions, and more details are provided below:The Bank invests in Loan Substitutes, which are typically ABS or Covered Bonds4;The Bank has exposure to several facilities that focus on debt-based financing via loans and guarantees, where a part of the first loss is taken by a third party and the Bank is the originator of these synthetic securitisations; 4 Covered Bonds are not treated as securitisation for regulatory capital treatments though, and are only referred to here as they constitute part of the loan substitute portfolio.88 | EIB Group Risk Management Disclosure Report 2019

Under its Guarantees, Securitisation and Inclusive Finance (‘GS&IF‘) business, the EIF provides guarantees to financial intermediaries, credit enhancement to SME securitisation transactions and can purchase tranches of SME securitisation transactions.Securitisation activities and the Group’s objectivesThe EIB Group uses so-called Loan Substitutes as alternative financing structures to reach new clients, enhance value added and improve the Group’s risk profile. The following types of Loan Substitute transactions are used at the Group:Acquisition of Asset-Backed Securities (‘ABS’), which are structured debt securities issued by a bankruptcy-remote SSPE and backed by a pool of financial assets.Investments in Structured Public Sector Bonds, which are obligations of public sector issuers, in which securitisation techniques are used to enhance the credit profile, e.g. through segregation or ring-fencing of certain of the issuer’s assets. The credit risk has to be equal to a public sector loan and these products were therefore included in the quantitative disclosures.By utilising capital market instruments, such as covered bonds and ABS as a substitute for loans, the Bank significantly increases its ability to diversify the nature of its lending activity. In the field of SME securitisations, the EIB and the EIF cooperate closely to ensure a consistent risk-assessment approach within the Group.In November 2014, the EIB Group and the European Commission jointly announced the Investment Plan for Europe (‘IPE’), to tackle the investment gap that is hampering economic growth and competitiveness in the European Union. Against the backdrop of economic reforms, fiscal responsibility of the Member States and the removal of barriers to complete the Single Market, the European Fund for Strategic Investments (‘EFSI’) is the key financial component of the IPE, aiming to address existing market failures and sub-optimal investment conditions. After its extension, which was agreed upon during 2018, and based on a total of EUR 33.5 billion in risk capital contributions from the EC (EUR 26 billion) and the EIB (EUR 7.5 billion), EFSI is expected to raise more than EUR 95 billion of additional financing through the EIB Group, to crowd in other investors for a targeted additional EUR 500 billion of investment activity catalysed throughout Europe by 2022.Importantly, EFSI is not a separate legal entity but covers a portfolio of financing operations on the EIB Group’s balance sheet, which is supported by the EU budget. Notwithstanding the special eligibility rules as defined in the EFSI legislation and the innovative financing instruments facilitated by EFSI, all EFSI operations are EIB operations and fully comply with the Bank’s general standards. The EFSI is deployed by both the EIB and the EIF through the Infrastructure and Innovation Windows (“IIW”) and the SME Window, respectively.The Bank also has exposure to several similar programmes, which are all structured in a similar way, such that the EIB is the originator and the risk transfer is done synthetically through guarantees. These include the Guarantee Fund Greece, the Connecting Europe Facility (‘CEF’) and InnovFin. Details on the exact objectives can be found in the EIB Group Financial Statements.Through its Guarantees and Securitisation (‘G&S’) business, the EIF is a major provider of guarantees on SME financing and its aim is to catalyse bank lending to support SMEs and small mid-caps. The EIFEIB Group Risk Management Disclosure Report 2019 | 89

cooperates with financial intermediaries to provide guarantees on specific tranches of securitisation of SME loan/lease portfolios. The guarantee activities are split into own and mandate activities:EIF uses its own capital to credit-enhance tranches of securitisations, which transfer risk from the financial institution providing the loan or lease and enables funding; andEIF manages resources on behalf of the European Commission or Member States in mandate activities that facilitate granting of loans and leases to SMEs, where EIF acts as guarantor or counter-guarantor. One such mandate from EC is the Risk-Sharing Instrument (‘RSI/InnovFin’), which targets SMEs and mid-caps in research, development and innovation and is managed by EIF. RSI/InnovFin is a guarantee facility, in which the EU takes the first-loss tranche and EIB/EIF the second-loss tranche.The different programmes are described further in the annual report of EIF. By providing guarantees (i.e. synthetic risk transfer), EIF can be seen as the investor in a synthetic securitisation. The nature of the activities expose the Group not only to credit risk and counterparty credit risk, but also to concentration risk, liquidity risk arising from liquidity needs to cover potential guarantee calls, foreign exchange risk if guarantees are not in EUR and potentially prepayment risk.EIB Group does have an exposure to re-securitisations, through the EFSI IIW Debt Hybrid portfolio. This specific portfolio has been set up for EFSI debt operations that cannot be rated internally or entail a securitisation structure and since 1 January 2019 are treated under the new EU securitisation framework.Management, monitoring and reportingIn relation to Loan Substitute transactions, the EIB Group attempts to minimise financial losses. This requires:An appropriate financial structure, allocation and mitigation of risks, including an appropriatelimit system also addressing EIB Group exposures;Consistency with the Bank's general approach, the application of the four-eyes principle;Appropriate and enforceable documentation;Monitoring of the transaction after purchase;Timely and active response and management of transactions in distress.Credit risk of loan substitutes is managed through an individual analysis of all inherent risks of a transaction, detailed analysis of new transactions and monitoring of the loan substitute portfolio, mainly relying on external ratings. Due to its importance, there is no cap on the overall volume of loan substitutes, unless they do not fulfil minimum acceptable criteria. TMR monitors loan substitutes on a continuous basis and actions are taken with respect to any deterioration of credit quality.Due to the complex structure of securitisations, the credit performance during times of stress can only be approximated. Therefore, the EIB’s credit review is prompted to identify the ability of the originator to cover high-quality assets, to understand the nature and potential of the risks, which arise in respect of the underlying asset pool.Loans under the EFSI IIW or similar structures are subject to the same approval, management, monitoring and reporting procedures as conventional lending transactions, i.e. the information provided in Chapter 6 applies. The residual risk of these loans is significantly reduced by the EU90 | EIB Group Risk Management Disclosure Report 2019

EIB Group Risk Management Disclosure Report 2019 | 91 guarantee. In addition, for operations under the IIW, projects are submitted to the EFSI Investment Committee for inclusion in the EFSI portfolio partially guaranteed by the EU budget.The Group manages the credit risk arising from guarantee and securitisation transactions of the Fund that are financed by own resources under risk management policies (covered by the Statutes) and the EIF’s internal risk operational guidelines.Each new transaction is reviewed in detail to analyse the risks, the methodologies that should be applied and an internal rating assessment is performed. The performance of each transaction is reviewed regularly, at least on a quarterly basis but more frequently for transactions not performing to EIF’s expectations, and discussed at a semi-annual IRC (Investment Risk Committee) meeting. Semi- annual risk reports and quarterly surveillance reports are also submitted to the IRC on a quarterly basis. Further information in respect to EIF’s guarantee activities and its management, monitoring and reporting can be found in both the Group Financial Statements as well as in the Fund’s Annual Report.Measurement since 1 January 2019Following the entry into force of the new EU securitisation framework, the Group applies the following hierarchy of approaches:For securitisation activities in which EIB is the originator, i.e. EFSI and other mentioned facilities, and which are internally rated, the SEC-IRBA is used to calculate capital requirements. All such securitised assets remain on-balance sheet at the EIB.The SEC-SA is mandatorily used for re-securitisations (IIW Debt Hybrid portfolio), as well as positions for which the SEC-IRBA approach could not be applied. The SEC-SA relies on a formula using as an input the capital requirements that would be calculated under the Standardised Approach to credit risk in relation to the underlying exposures, as if they had not been securitised.When the first two approaches above cannot be followed, the Group applies the SEC-ERBA.Investments in securitisations without an external rating are deducted from capital.Measurement until 31 December 2018Securitisation activities in which EIB is the originator, i.e. EFSI and other mentioned facilities, are not externally rated and the Supervisory Formula Method (‘SFM’) is used to calculate capital requirements. All such securitised assets remain on-balance sheet at the EIB.The majority of loan substitutes are externally rated and therefore the Ratings Based Method (‘RBM’) is used to calculate regulatory capital. Ratings from all three major external rating agencies (Moody’s, S&P and Fitch) are obtained, when available, and the risk weights are determined according to the second best external rating. Investments in securitisations without an external rating are deducted from capital.

92 | EIB Group Risk Management Disclosure Report 2019 8.2. Quantitative disclosureTable 8-1: Securitisation activities - Balance of securitised product exposure and their type at the end of each reporting periodThis table presents the Group's total exposure to securitisation activities in the banking book during the reporting period, including the unfunded credit protections provided by the European Union. 31.12.2019 Bank acts as originator or sponsor Bank acts as investor EUR million Traditional Synthetic Sub-total Traditional Synthetic Sub-total Loans 0 100,577 100,577 5,616 3,568 9,184 Commercial mortgage 0 0 0 0 0 0 Lease and receivables 0 0 0 0 0 0 Re-securitisation 0 2,812 2,812 0 0 0 Wholesale (total) 0 103,389 103,389 5,616 3,568 9,184 31.12.2018 Bank acts as originator or sponsor Bank acts as investor EUR million Traditional Synthetic Sub-total Traditional Synthetic Sub-total Loans 0 83,287 83,287 5,390 14,179 19,569 Commercial mortgage 0 0 0 0 0 0 Lease and receivables 0 0 0 0 0 0 Re-securitisation 0 0 0 0 0 0 Wholesale (total) 0 83,287 83,287 5,390 14,179 19,569 Table 8-2: Securitisation positions and associated regulatory capital - Bank acting as originatorThis table presents securitisation banking book positions when the Group acts as originator with the associated capital requirements by the regulatory approach applied. Note that all exposures treated with 1250% risk weight are deducted from capital and therefore no RWA or capital requirement is given here.31.12.2019 EUR million Long-term external rating EAD RWA Regulatory capital AA- or better A+ to BBB- BB+ to CCC- Unrated SEC-IRBA SEC-SA SEC-ERBA 1250% / Deduction SEC-IRBA SEC-SA SEC-ERBA 1250% SEC-IRBA SEC-SA SEC-ERBA 1250% / Deduction Traditional 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 Synthetic 423 305 1,039 101,623 88,785 13,975 0 629 6,527 7,654 0 0 522 612 0 0 Total 423 305 1,039 101,623 88,785 13,975 0 629 6,527 7,654 0 0 522 612 0 0 31.12.2018 EUR million Long-term external rating EAD RWA Regulatory capital AA- or better A+ to BBB- BB+ to CCC- Unrated IRB RBA IRB SFA SA / SSFA 1250% / Deduction IRB RBA IRB SFA SA / SSFA 1250% IRB RBA IRB SFA SA / SSFA 1250% / Deduction Traditional 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 Synthetic 76 0 0 83,211 76 82,950 0 261 12 2,439 0 0 1 195 0 261 Total 76 0 0 83,211 76 82,950 0 261 12 2,439 0 0 1 195 0 261

EIB Group Risk Management Disclosure Report 2019 | 93 All securitised assets are retained on-balance sheet and no facilities are subject to early amortisation treatment.Table 8-3: Securitisation positions and associated regulatory capital - Bank acting as investorThe table presents securitisation banking book positions when the Group acts as investor with the associated capital requirements according to regulatory approach applied. 31.12.2019 EUR million Long-term external rating EAD RWA Regulatory capital AA- or better A+ to BBB- BB+ to CCC- Unrated SEC-IRBA SEC-SA SEC-ERBA 1250% / Deduction SEC-IRBA SEC-SA SEC-ERBA 1250% SEC-IRBA SEC-SA SEC-ERBA 1250% / Deduction Traditional 3,488 785 674 668 0 3,284 1,809 522 0 1,829 1,468 0 0 146 117 0 Synthetic 580 782 45 2,161 0 2,243 80 1,246 0 4,737 87 0 0 379 7 0 Total 4,068 1,567 719 2,829 0 5,527 1,889 1,768 0 6,566 1,555 0 0 525 124 0 31.12.2018 EUR million Long-term external rating EAD RWA Regulatory capital AA- or better A+ to BBB- BB+ to CCC- Unrated IRB RBA IRB SFA SA / SSFA 1250% / Deduction IRB RBA IRB SFA SA / SSFA 1250% IRB RBA IRB SFA SA / SSFA 1250% / Deduction Traditional 3,345 1,239 91 715 4,675 0 0 715 1,086 0 0 0 87 0 0 715 Synthetic 2,398 1,264 0 10,517 3,662 2,926 0 7,591 882 0 0 0 71 0 0 7,591 Total 5,743 2,503 91 11,232 8,337 2,926 0 8,306 1,968 0 0 0 158 0 0 8,306 All securitisation exposures are classified as held-to-maturity. Therefore, any gains or losses from sale are immaterial as they only occur when significant deterioration of the asset allows for a sale.Table 8-4: Summary of capital requirements (RGC) for securitisation activitiesThis table summarises the overall capital requirements and capital to be deducted from CET1 for securitisation activities of the Group. 31.12.2019 31.12.2018 EUR million EAD RWA RGC Capital deduction EAD RWA RGC Capital deduction Bank acts as originator 103,389 14,181 1,134 115 83,287 2,451 196 261 Bank acts as investor 9,184 8,120 650 1,768 19,569 1,967 157 8,306 Total 112,573 22,301 1,784 1,883 102,856 4,418 353 8,567

94 | EIB Group Risk Management Disclosure Report 2019 Table 8-5: Exposures securitised by the institution - Exposures in default and specific credit risk adjustmentsThe following table provides a view on the securitised exposures that are in default and the amount of specific credit risk adjustments made during 2019. 31.12.2019 Defaulted exposures Total amount of specific credit risk adjustments made during the period EUR million Traditional Synthetic Total Traditional Synthetic Total Loans 0 1,209 1,209 0 0 0 Wholesale (total) 0 1,209 1,209 0 0 0 31.12.2018 Defaulted exposures Total amount of specific credit risk adjustments made during the period EUR million Traditional Synthetic Total Traditional Synthetic Total Loans 0 1,065 1,065 0 0 0 Wholesale (total) 0 1,065 1,065 0 0 0

EIB Group Risk Management Disclosure Report 2019 | 95 Market riskOwn funds requirements for market risk by approach Table 9-1: Market risk under standardised approach EUR million 31.12.2019 31.12.2018 RWA RGC RWA RGC Outright products Interest rate risk (general and specific) 461 37 654 52 Foreign exchange risk 1,799 144 5,179 414 Total Standardised approach 2,260 181 5,833 467 Further information on the respective own funds requirements is provided in Section 9.3 regarding the interest rate risk generated by the trading book and in Section 9.2 on foreign exchange risk.9.2. Foreign exchange riskIntroductionThe Foreign Exchange (FX) risk is the volatility in the economic value of, or in the income derived from, the Group’s positions due to adverse movements of foreign exchange rates.The members of the Group have different business models and separate governing frameworks (the principles of which are laid down in their respective Statutes and Rules & Procedures) and thus follow different day-to-day management approaches with respect to FX risk. Based on a materiality assessment, FX rate risk disclosures focus solely on the Bank.In compliance with its Statute, the Bank does not engage in operations denominated in foreign currency not directly required to carry out its lending operations or fulfil commitments arising from loans or guarantees granted by it.The Bank is exposed to FX risk whenever there is a currency mismatch between its assets and liabilities. FX risk also comprises the effect of unexpected and unfavourable changes in the EUR value of future cash flows caused by currency movements, such as the impact of FX rate changes on the Bank’s future margins revenue.The main objective of the Bank’s FX management is to minimise to the extent possible the effect of variation of FX rates on earnings in non-reporting currencies (i.e. non-EUR currencies).

96 | EIB Group Risk Management Disclosure Report 2019 Management, monitoring and reportingThe key bodies which are involved in the management of FX risk in the Bank are the Management Committee and the Asset/Liability Committee (ALCO).The EIB’s primary FX position is defined, for each non-reporting currency, as the balance between the accounting value of assets and liabilities under EU-GAAP and measured in EUR equivalent. The FX position for each non-reporting currency is monitored on a daily and monthly basis. On a daily basis, the Bank’s primary FX positions are impacted by transactions that create a mismatch between assets and liabilities. The P&L impact on the FX position is taken into account and appropriately hedged on a monthly basis.The Bank hedges its FX risk by keeping its primary FX position for each non-reporting currency within authorised limits. In the case of a limit breach, the position is reduced by FX spot or forward deals within the same day.In parallel, in order to protect its P&L from the fluctuations of its future revenues due to changes in FX rates, the Bank hedges twice per year the future interest rate margins in GBP and USD, expressed in accrual terms over a 3-year period.Risk Management, as a second line of defence, is in charge of the monitoring of the daily primary FX position. Finance Directorate Operational Support and Monitoring, as a first line of defence, is in charge of calculating and reporting on a daily basis the primary FX position to the Finance Directorate Treasury that manages the position.MeasurementThe capital requirement is computed based on the net FX position, defined according to the CRD IV/CRR (Articles 351 to 354), and therefore including FX risk arising from any gold position and Collective Investment Undertakings (CIUs). For the latter, i.e. investments into venture capital and infrastructure funds, the EIB applies the look-through approach.The net FX position calculated for this purpose differs from the Bank’s accounting-based primary FX position where Investment Funds/CIUs are funded by liabilities denominated in the same currencies.The FX risk management framework is complemented by additional metrics. In particular, the Bank performs stress tests to understand the impact of FX rates on the economic value of own funds as presented in the following table. Table 9-2: FX risk stress test results for the EIB The table provides a FX stress test impact due to a 30% value reduction of the Bank’s positions denominated in foreign currencies. EUR million 31.12.2019* 31.12.2018 Impact on economic value of own funds due to FX risk (627) (258) *In 2019, a shock of 30% value reduction was applied, compared to 2018 when it was 20%.

EIB Group Risk Management Disclosure Report 2019 | 97 Traded market riskIntroductionTraded market risk is limited to the Securities Liquidity Portfolio (SLP), which was classified as the trading book for regulatory purposes in 2017.The portfolio consists of medium and long-term securities and is managed with the following objectives:To strengthen the Bank’s liquidity bufferTo contain mark-to-market volatilityTo cover and generate some return over the applicable internal transfer priceTraded market risk may arise from activities such as buying and selling securities as well as hedging positions via interest rate swaps and bond futures. The SLP is exposed to interest rate risk and credit spread risk.Management, monitoring and reportingThe Securities Liquidity Portfolio is managed by the Finance Directorate (FI). The Bank´s financial risk guidelines applicable to the Securities Liquidity Portfolio relate to financial risk identification, measurement and monitoring, including limit setting, compliance and reporting. They are approved by the Management Committee and any amendments must be sent to the Management Committee for approval after consultation with the Finance Directorate.Interest rate risk is mitigated through active management of the portfolio through buying and selling positions as well as through hedging via interest rate swaps and bond futures. The portfolio managers receive a dedicated report in terms of interest rate risk exposure by time bucket on a daily basis. Credit spread risk is mitigated through active management of positions.The Middle Office function of the Finance Directorate provides regular reporting on the risk exposure of the portfolio. A dedicated function of the Risk Management Directorate independently measures the risk exposure of the portfolio and ensures its compliance with all the formal limits set out in the financial risk guidelines. Risk Management also monitors the targets defined in the annual investment strategy, in terms of asset allocation, interest rate and credit spread duration.As of 31.12.2019, the modified duration of the Securities Liquidity Portfolio was 0.15 years and the credit spread duration was 1.11 years.The Risk Management Directorate calculates on a regular basis interest rate VaR which stood at EUR 0.30m as of 31.12.2019 (95% confidence, 1-day holding period) and credit VaR which stood at EUR 19.78m respectively (99.6% confidence, 1-year horizon).

MeasurementThe Bank applies the standardised approach for calculating the own funds requirement on its trading book positions in non-securitisation debt instruments (interest rate risk in the trading book), composed of the Securities Liquidity Portfolio.As per Art. 326 of CRR, the Bank's own funds requirement for interest rate risk in the trading book shall be the sum of the own funds requirements for specific and general risk. The specific and general risk components are calculated in accordance with, respectively, Art. 336 and Art. 340 of CRR.Non-traded market riskIntroductionNon-traded market risk covers the risks that may arise from banking book activities, such as interest rate risk, cross currency basis risk, funding spread risk and equity risk. Information on liquidity and funding risks can be found in the following chapter. Based on the Group’s business model, the bulk of its non-traded market risk arises from the Group’s ALM, treasury (apart from the EIB’s SLP which has been classified as Trading Book) and the Group’s Equity Investment activities. The Fund´s interest rate risk is driven by cash or cash equivalent positions as well as investments in debt securities. The majority of the Fund’s treasury management has been fully outsourced to the Bank under a treasury management agreement.No regulatory capital allocation is required for non-traded market risk.ManagementManagement of market risks of the Bank is undertaken by RM/FIN and by the Fund’s Risk Management for the Fund’s activities. The Bank´s financial risk guidelines relate to financial risk identification, measurement and monitoring, including limit setting, compliance and reporting. They are approved by the Management Committee and any amendments must be sent to the Management Committee for approval after consultation with the Finance Directorate and discussion within ALCO, when appropriate. They do not explicitly address the risks arising from the management by the Bank of financial resources entrusted to it neither by the EIF nor, in general, third parties.The Group’s key market risks, arising from non-trading activities, are interest rate risk (including cross- currency basis and funding spread risk) and equity risk, which are examined in the following sections.MeasurementThe Financial Statements provide a good overview on market risks in Note S.4 of the consolidated financial statements under IFRS. Interest rate risk of own funds is quantified by stress tests, which are summarised here. Further information, including methodology, is provided in the Financial Statements. With respect to the Group, for the stress tests of own funds computation, the following assumptions are made:Positions arising from the EIF’s treasury investments managed by the EIB as well as the EIF part of EREM funded debt products, are included in the Group’s economic value of own funds.EIB and EIF pension obligations, as projected by an actuarial provider, are taken into account.98 | EIB Group Risk Management Disclosure Report 2019

Table 9-3: Market risk stress testing results for the EIBThe table provides an overview of the main market risks at the EIB through the impact on the economic value of own funds of stress tests. The underlying scenarios are as follows:Interest rate risk: EBA defined stress test scenarios5, as well as 200 basis point upward parallel shift of interest rate curve (available in Table 9-4).Funding Spread risk: 75 basis point increase in the Bank’s funding cost (measured in terms of fundinggaps) on all future funding requirements relating to the refinancing of outstanding assets. Impact on economic value of own fundsEUR million 31.12.2019 31.12.2018 Interest rate risk (200bps upward shift)* -7,961 -7,761 Spread risk** -989 -2,611 *As per EBA/GL/2018/02, positive impacts per currency are accounted for 50% only. **New methodology in 2019 applied which evaluates the impact of debt refinancing needs only, assuming shareholders are paid lastafter the rest of the balance sheet runs off. 9.4.1. Interest rate risk in the banking bookIntroductionInterest rate risk is defined as the volatility in the economic value of, or in the income derived from, the Group’s positions due to adverse movements in market yields or the term structure of interest rates. Exposure to interest rate risk occurs due to differences in the repricing and maturity characteristics of the different assets, liabilities and hedge instruments.Management, monitoring and reportingThe Group follows relevant key principles of BCBS6 and EBA7 in its management and monitoring of interest rate risk. The Bank measures and reports IRRBB on a monthly basis in different ways. A Global Interest Rate Risk report and a Cross-Currency Basis Risk report are published internally for limits monitoring in the context of the operational ALM activities. There is a permanent working group on interest rate risk monitoring, which was established within the ALCO. The working group’s activities include the review and analysis of interest rate risk exposure and reporting to ALCO on operational actions and consequences.Considering the nature of the activities of the EIF compared to those of the Bank, the main source of IR risk for the EIF comes from its treasury investments. In this respect, the duration of the Fund’s treasury portfolios is monitored on a weekly basis. Based on a materiality assessment8, interest rate risk disclosures may focus solely on the Bank in the following sections. 5 EBA/GL/2018/02.6 See Standards for Interest Rate Risk in the Banking Book (IRRBB) (April 2016)7 EBA Guidelines on the management of interest rate risk arising from non-trading book activities - EBA/GL/2018/02.8 For an impact of a 200 basis point upward parallel shift of the interest rate curves on economic value of own funds of the whole Group, refer to Note S.4.2.1 in the Consolidated Financial Statements under IFRS. This was EUR 7.88 billion at end- 2019 (2018: EUR 7.80 billion). For the EIF, the impact was EUR 0.1 billion at end-2019 (2018: EUR 0.1 billion).EIB Group Risk Management Disclosure Report 2019 | 99

MeasurementThe EIB applies a duration of own funds as a primary interest rate risk metric, with a target duration of five years, within a tolerated operational deviation of plus or minus 0.5 years. The relevance of this strategy is reassessed at the occasion of the ALM strategy review process.The EIB performs stress tests to understand the impact on the economic value of own funds using interest rate shocks9 and performs analysis on the Bank’s sensitivity of earnings. For additional details, refer to the Financial Statements under IFRS, Note S.4.2 “Interest rate risk”.Table 9-4: Interest Rate Risk in the Banking Book: EBA standardised stress test scenariosThe below table gives a stress test analysis of the Group, which measures the impact of the regulatory standardised shocks on the economic value of own funds, measured in EUR million. ScenarioEUR million 31.12.2019* 31.12.2018 Parallel up -7,881 -7,817 Parallel down 1,251 9,346 Steepener -1,279 -1,357 Flattener -219 130 Short rate up -2,523 -2,336 Short rate down 830 2,431 200bp upward shift -7,865 -7,807 *In 2019 EBA stress scenarios were applied, which compared to the 2018 scenarios have a floor on the down shocks and positive impacts per currency were accounted for 50% only. Table 9-5: Interest Rate Risk in the Banking Book: standardised stress test on +200bp shift scenarioThe below table gives a stress test analysis of the Bank only, which measures the impact of the +200bp standardised shock on the economic value of own funds, drilled down by currency10. 31.12.2019* 31.12.2018 EUR million +200bp IR Scenario +200bp IR Scenario AUD -17 0 CAD -1 0 CHF 4 4 CZK -8 -5 DKK -2 -4 EUR -7,902 -7,651 GBP -1 -22 HUF -4 -2 JPY 11 4 MXN -1 0 NOK -3 0 PLN -6 -4 SEK -12 -8 TRY 2 0 USD -20 -73 ZAR -2 0 Total own funds -7,961 -7,761 *As in the case of the other shocks, positive impacts per currency are accounted for 50% only.9 EBA/GL/2018/02.10 Currencies for which all stress tests had an immaterial impact of less than EUR 500,000 were excluded from this table.100 | EIB Group Risk Management Disclosure Report 2019

EIB Group Risk Management Disclosure Report 2019 | 101 Equity exposure in the banking bookIntroductionNon-traded equity risk refers to the potential loss that may be incurred as a result of reduction in the fair value of an equity investment in the EIB Group banking book.The Group is exposed to equity risk from the following sources:EIB’s participations in the European Bank of Reconstruction and Development (‘EBRD’) and in the EIF (which is consolidated for the purpose of this report);Equity-type investments including investments in infrastructure funds and in the Structured Finance Facility (‘SFF’);Venture capital and growth capital operations made by EIF on behalf of EIB under the RCR and the EREM mandates and under own resources (usually as co-investments with Mandates); andShares that have been received in the context of a financial restructuring of a publicly-quoted or privately-held company to which the Bank has lent.Detailed information on the size of the equity portfolio broken down by the above exposure type is provided in the Financial Statements for the EIB Group under EU Directives in Note E, including further information on off-balance sheet exposures.Management, monitoring and reportingThe EIB’s Equity Risk Guidelines (“ERG”) address risk issues and related risk-mitigating measures associated with direct and indirect equity investments irrespective of their geographical focus and origin of funds.Periodic scoring of equity-type investments is performed by the first line of defence functions and validated by RM Operations Department. Equity-type investments are fair valued periodically and set against their carrying value to calculate performance.The Bank’s exposure to equity risk is included in aggregate in the monthly Risk Report.The EIF established specific risk management practices and measurement methodologies, which are detailed in the EIF Financial Statements. This Report provides some general information about the management practice in the following paragraphs.The core is a structured and regular fund manager review process, in which the financial performance of each fund manager and fund in the portfolio is assessed, operational issues at the level of fund managers are identified, and remedy actions are agreed. This process is run by Risk Management and involves the various front offices of the Fund.Considering equity risk arising from venture capital and middle market investments under the RCR and EREM mandates, the EIF monitors the exposures and reports to the Management Committee of the EIB on a quarterly basis. This report includes key performance indicators, the RCR headroom, allowed investments, details on portfolio diversification as well as expected investment performance.

102 | EIB Group Risk Management Disclosure Report 2019 For more quantitative details concerning equity exposures in the banking book, refer to Section 3.2. of the EIF Financial Statements. Private equity investments are especially important to the Fund, therefore further information about the private equity portfolio composition can be found in its Financial Statements.MeasurementInvestments in venture capital operations, infrastructure and investment funds are valued in line with accounting policies, for which we refer to Note A.2.8 of the Financial Statements.The Group assesses the impact on own funds due to reasonable possible changes in equity indices on a regular basis. The impact of such an assessment as well as more information on the measurement are provided in the Financial Statements under IFRS, Note S.4.4.As for the EIF, the measurement of the quality and performance of the EIF equity portfolio is grounded in the fund manager review process described above, and is performed on the basis of the grades assigned to the fund managers (“Operational Grade”) on the one hand and to the fund (“Performance Grade”) on the other. In addition, Risk Management exploits the breadth and depth of data accumulated on the past experience of the portfolio, in order to derive simulations and scenarios as to future expected returns and performance.The EIF quantifies equity risk arising from private equity investments via a Capital Asset Pricing Model (‘CAPM’). Deriving reasonable statistics, which could then be used for a private equity CAPM, is challenging due to the lack of historical data concerning the aforementioned investments. That is why the EIF’s risk management incorporates a conservative beta, i.e. a measure of risk relative to the market, derived from different private equity indices, to estimate the sensitivity of the value of its equity portfolio towards a change in value in the overall market where the respective positions are traded. For further information refer to Section 3.2.4.1 of the EIF’s Financial Statements.

Liquidity riskInternal framework for liquidity risk managementIntroductionLiquidity risk is the risk that the entities of the Group have insufficient capacity to fund increases in assets and meet obligations as they fall due, without occurring unacceptable losses. It can be further split into funding liquidity risk and market liquidity risk. Funding liquidity risk is the risk of being unable to refinance the asset side of its balance sheet and to meet payment obligations punctually and in full out of readily available liquid resources. Market liquidity risk is the volatility in the economic value of, or in the income due to the potential inability to execute a transaction to offset, eliminate or reduce outstanding positions at reasonable market prices.For liquidity management and liquidity risk management the Group follows a decentralised model where both EIB and EIF have a separate liquidity framework in place tailored to the entity business model with the objective to ensure that each entity can always meet its payment obligations punctually and in full.Given the Bank’s business model, long-term funding is the prevailing source of funding for its lending activities. To raise liquidity on the capital markets, the Bank uses large, liquid benchmark bonds denominated both in its main operating currencies (EUR, GBP and USD) as well as in other currencies. The Bank has a specific policy in place to make sure that funding and liquidity costs are transferred to the client and that issuance is adequately diversified by tenor and currency. Furthermore, in defining its funding programme, the Bank pays due regard to the control of the structural maturity mismatch between its lending and borrowing activities. In order to manage its liquid assets, the Bank holds a liquidity buffer composed by several treasury portfolios with short, medium and long-term investment horizons, each of them managed according to risk guidelines approved by the Management Committee. Further to this, the Bank can participate in the monetary refinancing operations of the Eurosystem, through its access to the Banque Centrale de Luxembourg.Differently, the EIF does not fund itself on the capital markets. Liquid assets are managed by the EIF in such a way as to ensure that guarantee calls, private equity commitments and administrative expenditures can be regularly met, while earning a reasonable return on the assets invested, compatible with the protection of the value of the paid–in capital. The liquidity is managed so as to meet the Fund’s liquidity needs. For the most part, the treasury management is outsourced to the EIB under a treasury management agreement mandating the EIB services to perform selection, execution, settlement, monitoring, bookkeeping and valuation of the transactions. Meanwhile, a short-term treasury portfolio is managed directly by the EIF for daily liquidity management.The Bank uses derivative instruments as part of its asset and liability management activities, to manage interest rate, cross-currency basis and foreign currency risks and reduce the exposures to such risks.The exposure of the Bank to derivative counterparts is mitigated through Credit Support Annexes (CSA) to the ISDA Master Agreements, which provide for daily collateralization of exposures. The CSAs signed by the Bank are unilateral (or 1-way), meaning that the EIB is not obliged to post collateral –EIB Group Risk Management Disclosure Report 2019 | 103

104 | EIB Group Risk Management Disclosure Report 2019 neither in the form of cash, nor securities – as it would be under an ordinary bilateral CSA. Within the unilateral CSA framework, the Bank is executing mark-to-market swaps which are standard cross currency swaps with quarterly resets of their nominal to match the changes in the relevant FX rate over the period. These resets are settled in cash on a quarterly basis.For further information on the current funding programme and its currencies and maturities, as well as on the treasury assets portfolios and the use of derivatives, please refer to the related disclosures in the Financial Statements.Both entities have in place an independent Risk Management unit monitoring and controlling the liquidity risk of each respective entity. The best banking practice rules on liquidity risk that shall apply on an individual as well as on a consolidated basis are assessed and determined according to the BBP Guiding Principles.Management, monitoring and reportingThe Group has in place sound internal processes for identifying, measuring, monitoring and controlling liquidity risk. The management monitoring and reporting are implemented within the Group taking into consideration proportionality and the business model specificities of each entity.On a daily basis, information about EIB daily cash flows in all the operating currencies are available for the purposes of short-term liquidity planning and investment. On a weekly basis, all cash flows arising from assets, liabilities and off-balance sheet items are projected over several time horizons, under both “base-case” as well as under internally determined “stressed” conditions. The latter take into account severe lending and funding forecasts as well as stressed loan repayments, liquid assets and contingent outflows. Both market and funding liquidity risks are covered by these stresses. The cash flow projections contribute to determining the appropriate size of the Bank’s liquidity buffer, by ensuring that it is sufficient to cover the Bank’s future net cash outflows under all conditions, “base- case” and “stressed” alike. Further to the aforementioned cash flow projections, the Bank uses a structural cumulative liquidity gap analysis to ensure that the structural mismatches between long- term funding and lending activities are sustainable, both from a liquidity and spread risk standpoint.Tolerance levels and limits for the main internal liquidity risk indicators are specified in the Risk Appetite Framework with the aim of ensuring that the Bank and the Fund holds an adequate liquidity buffer to cover its future net cash outflows. Such indicators are calculated by the EIB on a daily and weekly basis, and by the EIF on a quarterly basis. The Risk Appetite Framework (RAF) indicators are approved by the senior management through the respective RAFs and are subject to regular updates to ensure their ongoing adherence with the business model of the two entities.The Risk Management of both EIB and EIF regularly reports the level of the liquidity risk indicators to senior management. During 2019, all liquidity risk indicators were well in line with the approved risk tolerance.Both EIB and EIF have in place contingency plans that define the escalation procedures and course of actions in the event of a liquidity crisis. The contingency plans may be activated as a result of extraordinary market conditions and/or as a result of the internal liquidity indicators reaching pre- defined crisis levels. The plans are updated and tested on an annual basis.

EIB Group Risk Management Disclosure Report 2019 | 105 Further information on the Group’s liquidity risk management is provided in the Financial Statements under IFRS, Note S.3. These also provide the maturity profile for derivative and non-derivative financial liabilities.Internal Liquidity Assessment Process (ILAAP)As an integral part of its risk management framework, EIB and EIF have in place an Internal Liquidity Adequacy Assessment Process (ILAAP), which is tailored to its public function and to its specific business model. Both entities in the group have established robust liquidity and liquidity risk management frameworks and liquidity risk is managed prudently in order to ensure the regular functioning of the core activities under both normal and stressed conditions. Relevant policies and practices are in place and in line with the identified liquidity risk tolerance levels and are communicated to senior management through internal reporting tools, in order to facilitate the robust measurement, monitoring and control of liquidity risk.The ILAAP is a key element of the Basel III framework, as transposed into European legislation by CRD IV (Directive 2013/36/EU).Liquidity coverage ratio (LCR)The Bank implemented the LCR in line with the requirements of the European Commission’s Delegated Regulation (EU) No 2015/61 of 10 October 2014.The Bank calculates LCR on a daily basis in its reporting currency (EUR) as defined in Article 3 of Commission Delegated Regulation (EU) 2015/61. Furthermore, the Bank also monitors the LCR for all significant currencies (EUR, GBP and USD as at 31.12.2019). Consistency of the currency denomination of its liquid assets with its net liquidity outflows is ensured by the Bank on an ongoing basis, in order to prevent an excessive currency mismatch.The Bank includes stressed contingent outflows linked to the guarantee portfolio in its LCR calculations on top of the standard regulatory outflows provided for by the CRR and applies an appropriate representation of contingent outflows from derivative collateralization to take into account the specificities of its 1-way CSA agreements.A monthly Group LCR calculation has been in place since June 2019.

Quantitative disclosure on LCRThe following table reports the EIB Group’s average LCR over 2019 and its composition by main items11. Table 10-1: Liquidity coverage ratio Scope of consolidation (solo) Total unweighted value Total weighted value EUR million Year ending on 31.12.2019 31.12.2019 Number of data points used in the calculation of averages 12 12 HIGH-QUALITY LIQUID ASSETS 1 Total high-quality liquid assets (HQLA) 49,333 CASH OUTFLOWS 2 Retail deposits and deposits from small business customers, of which: - - 3 Stable deposits 0 0 4 Less stable deposits 0 0 5 Unsecured wholesale funding 8,071 7,029 6 Operational deposits (all counterparties) and deposits in networks of cooperative banks 0 0 7 Non-operational deposits (all counterparties) 1,834 792 8 Unsecured debt 6,237 6,237 9 Secured wholesale funding 1,123 10 Additional requirements 99,501 16,587 11 Outflows related to derivative exposures and other collateral requirements 7,129 7,129 12 Outflows related to loss of funding on debt products 0 0 13 Credit and liquidity facilities 92,372 9,459 14 Other contractual funding obligations 5,563 5,563 15 Other contingent funding obligations 11,303 2,184 16 TOTAL CASH OUTFLOWS 32,486 CASH-INFLOWS 17 Secured lending (e.g. reverse repos) 7,092 7,092 18 Inflows from fully performing exposures 10,662 9,390 19 Other cash inflows 3,042 3,042 EU-19a (Difference between total weighted inflows and total weighted outflows arising from transactions in third countries where there are transfer restrictions or which are denominated in non-convertible currencies) - EU-19b (Excess inflows from a related specialised credit institution) - 20 TOTAL CASH INFLOWS 20,796 19,524 EU-20a Fully exempt inflows 0 0 EU-20b Inflows subject to 90% cap 0 0 EU-20c Inflows subject to 75% cap 20,796 19,524 21 LIQUIDITY BUFFER 49,333 22 TOTAL NET CASH OUTFLOWS 13,842 23 LIQUIDITY COVERAGE RATIO (%) 356% The EIB Group’s LCR as at 31.12.2019 stood at 491% (31.12.2018: 184%). The increase year on year is driven primarily by treasury activities (size, quality and maturity profile). 11 The monthly EIB Group LCR figures are available from June 2019. For the production of the table, the EIB standalone LCR is used for the first half of the 2019 data points.106 | EIB Group Risk Management Disclosure Report 2019

Net stable funding ratioThe Basel III framework proposed significant enhancements to liquidity risk management, which include the Net Stable Funding Ratio (‘NSFR’). Following the adoption of the CRR II in 2019, the NSFR is going to be introduced in the EU framework starting in June 2021.The Group will disclose additional information on this ratio when it will come into force based on the respective EU banking legislative acts and guidelines.Asset encumbranceAn asset is considered to be encumbered if it has been pledged or if it is used to secure, collateralise or credit enhance a transaction such that it cannot be freely withdrawn by the Group. Marketable, high-quality assets that are unencumbered are part of a liquid asset portfolio as they can generally help to obtain emergency liquidity in stress situations.Asset encumbrance for the EIB Group is only driven by the EIB's treasury operations with financial institutions and Central Banks. Encumbered assets in 2019 were generated by repo transactions (mainly in EUR). The Group does not at present engage into securities lending activities and covered bonds issuances, and no assets are placed with settlement systems, including default funds and initial margins. A daily monitoring process for unencumbered and encumbered assets is in place.As of 31.12.2019, the asset encumbrance ratio amounts to 0.2% as measured according to the EBA definition12, in line with 2019 levels. 12 Commission Implementing Regulation (EU) No 2015/79 of 18 December 2014EIB Group Risk Management Disclosure Report 2019 | 107

108 | EIB Group Risk Management Disclosure Report 2019 The following disclosures follow the EBA’s disclosure templates on asset encumbrance.Table 10-2: Encumbered and unencumbered assets of EIB GroupThe below table provides an overview of the amount and type of accounting values of on-balance sheet assets that are encumbered and unencumbered at the EIB Group. 31.12.2019 Encumbered Assets Unencumbered assets EUR million Carrying amount of encumbered assets Fair value of encumbered assets Carrying amount of unencumbered assets Fair value of unencumbered assets of which notionally eligible EHQLA andHQLA of which notionally eligible EHQLA andHQLA of which notionally eligible EHQLA andHQLA of which notionally eligible EHQLA andHQLA Assets of the reporting institution 1,691 1,691 552,327 32,879 Equity instruments 0 0 7,830 0 Debt securities 1,691 1,691 1,714 1,714 44,525 15,741 45,053 15,909 Other assets 0 0 499,972 17,138 Table 10-3: Encumbrance of collateral received by the EIB GroupThis table shows the amount and type of collateral received by the Group that is encumbered or available for encumbrance. 31.12.2019 Fair value of encumbered collateral received or own debt securities issued Fair value of collateral received or own debt securities issued available for encumbrance EUR million of which notionally eligible EHQLAand HQLA of which EHQLAand HQLA Collateral received by the reporting institution 0 0 42,353 12,825 Equity instruments 0 0 0 0 Debt securities 0 0 36,140 12,825 Other collateral received 0 0 6,212 0 Own debt securities issued other than own covered bonds or ABSs 0 0 0 0 Table 10-4: Sources of encumbrance The below table provides information on liabilities associated with encumbered assets and collateral. 31.12.2019 Matching liabilities, contingent liabilities or securities lent Assets, collateral received andown debt securities issued other than covered bonds and ABSsencumbered EUR million Carrying amount of selected financial liabilities 1,712 1,691

Operational riskIntroductionOperational risk is the risk of loss resulting from inadequate or failed processes or systems, human factors or due to external events, which includes legal risk but excludes strategic and reputational risk. Legal risk is the financial risk resulting from the Group being held liable for a legal claim, damages from the failure to meet its legal obligations of contractual requirements or infringement of intellectual property rights. ICT risk is defined as the risk of loss due to breach of confidentiality, failure of integrity of systems and data, inappropriateness or unavailability of systems and data or inability to change information technology (IT) within a reasonable time frame and at reasonable cost when the environment or business requirements change (i.e. agility). This includes security risks resulting from inadequate or failed internal processes or external events including cyber-attacks or inadequate physical security.For further details on risk identification, assessment, monitoring and reporting on operational risk please see Section 4.4.3.Risk measurementUntil 2018, to measure capital requirements for operational risk, the EIB used the Advanced Measurement Approach (‘AMA’), while the EIF applied the Basic Indicator Approach. Since 2019, the Group has decided to early adopt the Standardised Approach (‘SA’) as determined by Basel III standards.AMA approach (applied by the EIB until 2018)The AMA approach commenced in 2007 and includes an evaluation of the key business environment and internal controls, operational risk internal and external losses as well as the top operational risks captured through the operational risk scenario assessment. The ORM framework is aligned with the calculation of regulatory capital for operational risk. The Bank´s AMA model relies on four data sources:Internal loss data, which has been collected since 2002, and each event is documented in the Bank’s operational risk management system (SAS), which feeds the AMA model.External loss data, which is sourced from an external database (UK Finance13).Scenario analysis, which is performed annually to obtain expert opinion of all DGs and business line and risk managers assessing residual risk with remediation to address identified deficiencies that are outside accepted levels of residual risk.Business environment and internal control factors, monitored by Operational Risk Indicators, which include measureable thresholds and limits to monitor the identified risks. These are reported in the monthly operational risk report to alert management when risk levels exceed acceptable ranges.Statistical distributions reflecting the Bank’s severity and frequency of losses are created based on a combination of the above elements. When calibrating the base or data-driven frequency and severity13 On 1 July 2017, the British Bankers’ Association, together with the Asset-Based Finance Association, the Council for Mortgage Lenders, Payments UK, the UK Cards Association and Financial Fraud Action UK merged to form a new association, UK Finance.EIB Group Risk Management Disclosure Report 2019 | 109

110 | EIB Group Risk Management Disclosure Report 2019 distributions, historical loss patterns and exposures form a reasonable proxy for future events. The modelled distribution functions for both frequency and severity are then leveraged to generate the annual loss distribution. AMA capital requirements are calculated as VaR (Value at Risk), or the maximum potential loss over one year, at a 99.9% confidence level to calculate regulatory capital requirements. The Bank does not use insurance or similar risk transfer mechanisms for mitigating operational risks in the AMA model.SA approach (applied since 2019)The Basel Committee on Banking Supervision published the final Basel III framework In December 2017, stating that the regulatory capital requirements on operational risks will be determined by the standardised approach, which will replace the AMA. The SA is based on a business indicator component (utilised as a size proxy for banks in the SA context) and a historical loss experience component (with a number of parameters that are subject to national discretion).

12. Remuneration policyThe EIB website publishes detailed information on the remuneration and other benefits applicable to members of its decision-making and supervisory bodies and to the members of its staff.Information is also provided on, for instance, the remuneration of members of the Board of Directors and the Audit Committee (attendance fees), the rules for determining the bonuses awarded to senior management and the Bank’s pension schemes.The Board of Governors is a non-remunerated governing body, which sets the compensation of the Board of Directors, the Management Committee and the Audit Committee.The members of the Board of Directors do not receive remuneration from the Bank but do receive an attendance allowance of EUR 600 for each meeting day of the Board in which they participate. The attendance allowance amount has been kept constant in nominal terms (i.e. no increase for inflation) since 2002. Some Board members are civil servants and may be required by national rules to pay the attendance allowance received to their national administration. The members of the Board of Directors do not receive a bonus and are not paid for preparation times between Board meetings or for written decisions.The Bank reimburses the travel expenses of Board members in respect of their attendance at meetings of the EIB Board of Directors, meetings of Board Committees or Working Groups and other events convened by the governing bodies of the Bank. When travelling, members of the Board of Directors have to use the most efficient and economical route possible. Private expenses must be strictly separated from expenses linked to the purposes of fulfilling duties connected with membership of the EIB’s Board of Directors, and should never give rise to an increase of the expenses incurred by the EIB.A flat-rate subsistence allowance (currently EUR 250) is credited to Board members for each hotel night to attend Board meetings or other events convened by the governing bodies of the Bank in Luxembourg.The remuneration of the Management Committee members is set by the Board of Governors and does not include individual rewards nor Bank’s performance objectives. The emoluments of the members of the Management Committee (President and Vice-Presidents of the EIB) are aligned with those of the President and Vice-Presidents of the European Commission respectively.The Audit Committee members and observers are not remunerated by the Bank. For each meeting day in which they participate, members and observers of the Audit Committee receive an attendance allowance of EUR 1,050, an amount which is set by the Board of Governors and has not changed since 2002. In addition, the Bank pays a flat-rate subsistence allowance of EUR 250 as a lump-sum reimbursement for hotel and related expenses incurred by individual Audit Committee members and also reimburses their travel expenses.The Bank has identified members of the Board of Directors, the Audit Committee, the Management Committee and the Directors General heading the different EIB organisational directorates as key management personnel and their annual compensation is disclosed in the EIB’s Annual Financial Report.EIB Group Risk Management Disclosure Report 2019 | 111

112 | EIB Group Risk Management Disclosure Report 2019 Within the EIF, the key management personnel definition encompasses the Board of Directors, the members of the Audit Board and the EIF Senior Management. The annual compensation of the EIF’s key management personnel is disclosed in the EIF’s Annual Report.

EIB Group Risk Management Disclosure Report 2019 | 113 AppendixAppendix I - Risk taxonomy (risk definitions) Main risk category Risk sub-category Definition Credit risk Credit risk in lending Credit risk in lending is defined as the risk that a counterpart of the Bank’s lending activities will fail to meet its agreed-upon obligations. Credit concentration risk The potential loss resulting from excessive concentration of exposure to a single client or a specific sector or geographical location. Country risk (including transfer & convertibility risk) Country risk is a broad concept that relates to the aggregate of specific risks of doing business in a particular country arising from events, including:Direct risks (as a result of sovereign intervention such as exchange controls, changes inregulated tariffs, bank deposit freezes, required repatriation of all foreign exchange receipts held abroad; refusal to clear a transfer of funds, punitive taxation and expropriation)Indirect risks (derived from political turmoil; economic contraction; price controls; devaluations; temporary closing of banking systems and/or an acute credit shortage; higher taxes; rule of law; enforceability of contracts; acts of terrorism and war). Transfer and convertibility risks are an example of the above-mentioned direct risks.Transfer risk can be the result of the imposition of foreign exchange controls by thegovernment at times of crisis that prohibit the transfer overseas of foreign currency to service foreign debt. Convertibility risk is the risk that the foreign exchange market will close. Credit risk in treasury Credit risk in the treasury books is defined as the risk that a counterparty will fail to meet its agreed-upon obligations (credit default risk) or the potential loss in terms of a decrease in asset values due to the decrease in the quality of the respective counterparts (issuer credit spread risk). Credit risk in derivatives and SFTs (including CVA) Credit risk in derivatives and securities financing transactions (SFTs) stems from losses with respect to derivatives and SFTs, which the Bank would incur in the event that the counterparty is unable to honour its contractual obligations (counterparty credit risk) and from potential fair value losses due to credit valuation adjustments (CVA risk). Credit risk in loan substitutes(loan book) The EIB provides long-term financing in the form of loan substitutes (i.e. asset-backed securities, covered bonds) which pose risk of losses due to a failure of interest/principal payment by the issuer. Market risk in the banking book Interest rate risk in the banking book The current or prospective risk to both the earnings and the economic value of an institution arising from adverse movements in interest rates that affect interest rate sensitive instruments, including gap risk, basis risk and option risk. FX risk The volatility in the economic value of, or in the income derived from, the Bank’s positions due to adverse movements of FX rates. Spread risk The volatility in the economic value of, or in the income derived from, the Bank’s positions due to movements in the funding or lending spread of the Bank. Equity risk Equity-type risks result from the Bank’s investments (direct or indirect and irrespective of its legal form) that de facto expose the Bank to the risk of the performance of the Market risk in the trading book Position risk related to non-securitisation debt instruments (interest rate risk in the trading book) investee’s business. As per Art. 326 of CRR, the Bank's own funds requirement for position risk shall be the sum of the own funds requirements for specific and general risks of its positions in debt instruments held in the trading portfolio. The specific risk component of the position risk on a traded debt instrument is the risk of a price change in the instrument concerned due to factors related to its issuer or, in the case of a derivative, the issuer of the underlying instrument. The general risk component of the position risk on a traded debt instrument is the risk of a price change in the instrument due to a change in the level of interest rates. Liquidity risk Funding liquidity risk The risk for the Bank to be unable to refinance the asset side of its balance sheet and to meet payment obligations punctually and in full out of readily available liquid resources. Market liquidity risk The volatility in the economic value of, or in the income derived from, the Bank’s positions due to potential inability to execute a transaction to offset, eliminate or reduce outstanding positions at reasonable market prices. Other financial risks Settlement risk The Bank defines settlement risk as the risk of potential losses due to unsettled transactions after their due delivery date and/or transactions that are settled later than the market standard in line with Articles 378 and 272 of Regulation EU 575/2013.

114 | EIB Group Risk Management Disclosure Report 2019 Main risk category Risk sub-category Definition Custodian risk The Bank defines custodian risk as the risk of a loss that the Bank may incur in the case of:non-asset segregation on the books of the custodiana carve-out from the liability of the custodian in the event of sub-custodian lossesinsolvency of a custodian and the inability of the Bank to claim a right and/or recover the securities held by the custodian Climate change risk Climate change risk as the risk of (i) transition to a lower-carbon economy, and (ii) risks related to the physical impacts of climate change. Pension risk Pension and health insurance risks are defined as the risks of losses due to the volatilityof the Bank’s pension and health insurance liabilities. Pension and health insurance risks primarily derive from a potential increase of the Bank’s obligations under adverseconditions impacting either the future benefits to be served to the members of the pension and health insurance schemes or the (net present) valuation of such benefits. In funded schemes (i.e. when a bank’s obligations are funded with a portfolio of segregated assets), pension and health insurance risks relate to the residual unfunded exposure of the bank and therefore also incorporate investment risks. Operational risk The risk of loss resulting from inadequate or failed processes or systems, human factors or due to external events, which includes legal risk but excludes strategic and reputational risk. ICT & security risk Risk of loss due to breach of confidentiality, failure of integrity of systems and data, inappropriateness or unavailability of systems and data or inability to change IT within areasonable time frame and cost when the environment or business requirements change (i.e. agility). This includes security risks resulting from inadequate or failed internal processes or external events including cyber-attacks or inadequate physical security. Reputational risk The risk arising from negative perception on the part of customers, counterparties,shareholders, investors, debt-holders, market analysts, other relevant parties or regulators that can adversely affect a bank's ability to maintain existing, or establish new, business relationships and continued access to sources of funding. Non-financialrisks Strategic risk is the risk that a sub-optimal contribution to achieve the EIB Group’s policymission supporting EU policy objectives could indirectly, through decreasing shareholder or stakeholder support, affect the long-term financial sustainability of the EIB or EIF. Strategic risk could be affected by inadequate strategic decisions, a failure to execute strategy or a lack of effective response to changes in the economic, political and business environment. Strategic risk Compliance risk The risk of legal or regulatory sanctions, financial loss, or loss to reputation a member of the EIB Group may suffer as a result of its failure to comply with all applicable laws, regulations, staff codes of conduct and standards of good practice. Conduct risk The Bank defines conduct risk as the current or prospective risk of losses to aninstitution arising from an inappropriate supply of financial services, including cases of fraud or wilful or negligent misconduct. Other non-creditassets obligations The risk of losses due to fixed assets and cash. Model risk Model risk refers to the potential for adverse consequences from decisions based on incorrect or misused model outputs and reports.

EIB Group Risk Management Disclosure Report 2019 | 115 13.2. Appendix II - Abbreviations ABS Asset-Backed Securities ALCO ALM Committee ALM Asset Liability Management AMA Advanced Measurement Approach (for operational risk) AT1 Additional Tier 1 (Capital) BBP Best Banking Practice BCBS Basel Committee on Banking Supervision BEICFs Business Environment and Internal Control Systems BIA Basic Indicator Approach BPV Basis Point Value CAD Capital Adequacy CCC Climate Coordination Committee CCF Credit Conversion Factor CET1 Common Equity Tier 1 (Capital) CRA Credit Risk Adjustment CRAS Climate Risk Assessment System CRCF Credit Risk Control Function CRD IV/CRR Capital Requirements Directive IV and Regulation CRM Credit Risk Mitigation CRO Chief Risk Officer CS BPV Credit Spread Basis Point Value CSA Credit Support Annex CSI-SC Climate Strategy Implementation Steering Committee DPO Data Protection Officer DSMC Derivatives Strategy and Models Committee EAD Exposure at Default EBA European Banking Authority EDPS European Data Protection Supervisor EFSI European Fund for Strategic Investments EC European Commission EDTF Enhanced Disclosure Task Force EIB European Investment Bank EIF European Investment Fund EL Expected Loss ELM External Lending Mandate EU European Union EVE Economic value of own funds FI Finance Directorate FMGP Financial Monitoring Guidelines and Procedures FX Foreign Exchange GLR General Loan Reserve GMRA Global Master Repurchase Agreement GCRO Group Chief Risk Officer GRI Global Reporting Initiative GSM Guarantees, Securitisations and Microfinance GWWR General Wrong Way risk ICAAP Internal Capital Adequacy Assessment Process IIW Infrastructure and Innovation Window ICF Internal control framework ICFC ICF Control function ICT Information and Communication Technologies IMMIPE Internal Model Method (for counterparty credit risk)Investment Plan for Europe IRB Internal Ratings-Based (approach for credit risk) IRM Internal Rating Methodology

116 | EIB Group Risk Management Disclosure Report 2019 IRMMC Internal Rating Models Maintenance Committee IRRBB Interest Rate Risk in the Banking Book ISDA International Swaps and Derivatives Association ITS Implementing technical standards LCR Liquidity Coverage Ratio LG Loan Grading LGD Loss Given Default LGTT Loan Guarantee Instrument for Ten-T Projects MC Management Committee NOPOF Notional Portfolio of Own Funds NPC New Product Committee NSFR Net Stable Funding Ratio OCCO Office of the Chief Compliance Officer OCR Overall regulatory capital requirements OPS Operational Directorates ORM Operational Risk Management ORMF Operational Risk Management Framework PE Private Equity PBI Project Bond Initiative PD Probability of Default PJ Projects Directorate RCR Risk Capital Resource RM Risk Management Directorate RSFF Risk-Sharing Finance Facility RSI Risk Sharing Instrument RWA Risk-Weighted Assets SA Standardised Approach SAR Special Activities Reserve SEC-ERBA Securitisation External Ratings Based Approach SEC-IRBA Securitisation IRB Approach SEC-SA Securitisation Standardised Approach SFF Structured Finance Facility SFT Securities Financing Transactions SLP Securities Liquidity Portfolio SME Small and Medium-Sized Enterprises SREP Supervisory review and evaluation process SSPE Securitisation special purpose entity STS Simple, transparent and standardised SWWR Specific Wrong Way risk T2 Tier 2 (Capital) TMR Transaction Management and Restructuring VaR Value-at-Risk 13.3. Appendix III - List of figures Figure 4-1: Organisational structure of the Risk Management Directorate at the EIB p.19 Figure 4-2: Organisational structure of Risk Management at the EIF p.19 Figure 6-1: Credit risk exposure by IRB exposure class p.58 13.4. Appendix IV - List of tables Table 4-1: Main EIB Group risk categories as at 2019 p.23 Table 5-1: Capital instruments’ main applicable features p.49

EIB Group Risk Management Disclosure Report 2019 | 117 Table 5-2: Own funds disclosure p.50 Table 5-3: Reconciliation table for own funds p.51 Table 5-4: EIB Group’s CRR methodologies per risk type p.51 Table 5-5: Overview of risk-weighted assets (RWA) and regulatory capital (RGC) by exposure class p.52 Table 5-6: Summary reconciliation of accounting assets and leverage ratio exposures p.53 Table 5-7: CRR leverage ratio common disclosure p.54 Table 5-8: Breakdown of CRR leverage ratio exposure by type of banking book exposure p.54 Table 5-9: Countercyclical capital buffer p.55 Table 6-1: CRR exposure classes mapped to EIB counterparty types p.57 Table 6-2: Analysis of exposures (on- and off-balance sheet) and portfolio quality by product p.59 Table 6-3: Changes in defaulted loans and debt securities from year-end 2018 to 2019 p.60 Table 6-4: Specific credit risk adjustments by IRB exposure class p.60 Table 6-5: Credit quality of exposures by industry and geography p.61 Table 6-6: Total and average credit risk exposures p.65 Table 6-7: Geographical distribution of credit risk exposures p.66 Table 6-8: Distribution of credit risk exposures by economic sector at year-end p.68 Table 6-9: Distribution of credit risk exposures by residual maturity p.70 Table 6-10: Overview of protections against credit risk p.71 Table 6-11: Credit exposure secured by financial collateral and coverage ratio breakdown p.71 Table 6-12: Protected exposure by guarantor rating class p.72 Table 6-13: Standardised approach p.72 Table 6-14: EIB's internal ratings p.73 Table 6-15: Estimation of weighted average risk parameters by IRB portfolio and PD range at year-end p.76 Table 6-16: Back-testing the internal rating process and PD per portfolio p.78 Table 6-17: Changes in IRB credit risk RWA during 2019 p.79 Table 6-18: Credit risk mitigation effect on RWA p.79 Table 6-19: Exposure weighted-average risk parameters by relevant geographical region p.80 Table 6-20: Equities under the simple risk weight method p.82 Table 6-21: Cash and other non-credit obligation exposures p.82 Table 7-1: Analysis of counterparty credit risk exposure (CCR) by approach p.85 Table 7-2: IRB - CCR exposures by portfolio and PD scale p.86 Table 7-3: Credit valuation adjustment (CVA) overview p.86 Table 7-4: Impact of netting and collateral held on exposure values p.87 Table 8-1: Securitisation activities - Balance of securitised product exposure and their type at the end of each reporting period p.92 Table 8-2: Securitisation positions and associated regulatory capital - Bank acting as originator p.92 Table 8-3: Securitisation positions and associated regulatory capital - Bank acting as investor p.93 Table 8-4: Summary of capital requirements (RGC) for securitisation activities p.93 Table 8-5: Exposures securitised by the institution - Exposures in default and specific credit risk adjustments p.94

118 | EIB Group Risk Management Disclosure Report 2019 Table 9-1: Market risk under standardised approach p.95 Table 9-2: FX risk stress test results for EIB p.96 Table 9-3: Market risk stress testing results for EIB p.99 Table 9-4: Interest Rate Risk in the Banking Book: EBA standardised stress test scenarios p.100 Table 9-5: Interest Rate Risk in the Banking Book: standardised stress test on +200bp shift scenario p.100 Table 10-1: Liquidity coverage ratio p.106 Table 10-2: Encumbered and unencumbered assets of the EIB Group p.108 Table 10-3: Encumbrance of collateral received by the EIB Group p.108 Table 10-4: Sources of encumbrance p.108

EIB Group Risk Management Disclosure Report 2019 | 119 13.5. Appendix V - Reconciliation with financial statementsThe following table presents a high-level reconciliation between the EIB consolidated balance sheet prepared under EU accounting directives and regulatory exposures subject to credit risk calculation. Summary reconciliation of accounting assets and A-IRB regulatory exposures 31.12.2019 On-balancesheet amounts Off-balancesheet amounts Fair value of derivatives Exposure atdefault modelling Credit conversionfactors RegulatoryEAD EUR million Cash 947 0 0 0 0 947 Money market deposits and reverse repos 55,364 0 0 -5,441 0 49,923 Treasury bills and debt securities (including loan substitutes) 46,874 0 0 -3,608 0 43,266 Loans and advances 427,235 112,571 0 33,037 -14,329 558,514 Specific provisions -480 0 0 480 0 0 Shares and variable yield securities 8,276 9,712 0 2,678 0 20,666 Tangible and intangible assets 273 0 0 0 0 273 Other assets 57 0 -2 0 0 55 Prepayments and accrued income 16,662 0 -14,001 -2,052 0 609 Derivatives 0 0 17,263 49,063 0 66,326 Guarantees issued 0 20,546 0 0 -16,905 3,641 Total 555,208 142,829 3,260 74,157 -31,234 744,220

120 | EIB Group Risk Management Disclosure Report 2019 13.6. Appendix VI - CRR Disclosures compliance references CRR article Disclosure requirement Compliance reference Article 431 - Scope of disclosure requirements 431 (1) Institutions shall publicly disclose the information laid downin Part Eight, Title II. As disclosed in the current Pillar 3 report. 431 (2) Firms with permission to use specific operational riskmethodologies must disclose operational risk information. Not applicable. 431 (3) Institution must have a policy covering frequency ofdisclosures, their verification, comprehensiveness and overall appropriateness. A formal Pillar 3 policy was implemented during 2018. 431 (4) Institutions shall, if requested, explain their rating decisionsto SMEs and other corporate applicants for loans. Requests for information addressed to the EIB Group are handledby the Infodesk in line with the Group’s Transparency Policy. As the Group does not directly lend to SMEs, these will usually be informed that loan decisions and conditions of financing fall within the remit of the Financial Intermediaries and that the Group is not involved in the rating decision-making process. Article 432 - Non-material, proprietary or confidential information 432 (1) Institutions may omit information that is not material ifcertain conditions are respected. Qualitative disclosures with regard to EIB’s fully consolidatedsubsidiary, EIF, are subject to the proportionality of EIF’s risk in the context of the Group and may be omitted on the grounds of immateriality, as appropriate. 432 (2) Institutions may omit information that is proprietary orconfidential if certain conditions are respected. The EIB Group does not omit any information for proprietary orconfidentiality reasons. 432 (3) Where 432 (2) applies, this must be stated in thedisclosures, and more general information must be disclosed. As disclosed in the current Appendix. 432 (4) Paragraphs 1, 2 and 3 are without prejudice to the scope ofliability for failure to disclose material information. Not applicable. The EIB Group provides all relevant disclosures inthis report. Article 433 - Frequency of disclosure 433 Disclosures must be published once a year at a minimum,and more frequently if necessary. EIB Group Pillar 3 disclosures are published once a year. Article 434 - Means of disclosure 434 (1) Disclosures shall be provided in one medium or whereinformation is included in another medium, it will be clearly referenced. The majority of the disclosures are provided in the current Pillar 3report. For those Pillar 3 disclosures that are included solelywithin the EIB’s Annual Financial Report a specific reference is included in the current Appendix and/or within the respective Sections. 434 (2) Equivalent disclosures made under other reportingrequirements (e.g. financial statements) may be deemed to constitute compliance with Pillar 3 disclosure requirements. Where disclosures are included solely in the EIB’s Annual FinancialReport (as described in the point above) the Group deems that these constitute compliance with Pillar 3 disclosure requirements. Article 435 - Risk management objectives and policies 435 (1) (a) The strategies and processes to manage risks. See Section 4.2 on risk management framework, which includesan overview of the EIB’s risk management principles and Section4.4 on risk management guidelines and processes. The former Section also identifies risk types, presents the risk management principles of the Group, and introduces its risk identification and assessment process.Section 4.3 outlines the Group’s risk appetite framework and riskappetite statement. In addition, the risk management process for each risk type is disclosed separately (Chapters 5 to 11). 435 (1) (b) The structure and organisation of the relevant riskmanagement function. See Section 4.1 with regard to the Group’s risk managementorganisation, including detailed organisational structures of the EIB and the EIF.

EIB Group Risk Management Disclosure Report 2019 | 121 CRR article Disclosure requirement Compliance reference 435 (1) (c) The scope and nature of risk reporting and measurementsystems. Along with the strategies and processes to manage risks, relevantrisk reporting and measurement are also discussed (see Chapters5 to 11). See also Section 4.2 Risk management framework on Pillar 1 and 2 reporting and oversight. 435 (1) (d) The policies for hedging and mitigating risk, and strategiesand processes of monitoring the continuing effectiveness of hedges and mitigants. See Section 6.2 on credit risk mitigation, as well as the paragraphsunder the heading ‘Management, monitoring and reporting’ for other risk types. 435 (1) (e) A declaration approved by the management body on theadequacy of risk management arrangements of the institution, providing assurance that the risk management systems put in place are adequate with regard to the institution's profile and strategy. See Section 4.2 ‘Risk management framework’ and how the Group follows the principles of the “three lines of defence”. 435 (1) (f) A concise risk statement approved by the managementbody, succinctly describing the institution's overall risk profile associated with the business strategy. See Chapter 2 ‘Executive Summary’, which provides key riskmetrics and an overview of the risk profile of the Group. SeeSection 4.3 ‘Risk Appetite Framework’ for an overview of the Group’s risk appetite and tolerance. 435 (2) (a) Number of directorships held by members of themanagement body. Individual curriculum vitae and declaration of interest of membersof the Management Committee are available on the EIB’s official website.Individual curriculum vitae of members of the Board of Directors are available on the EIB’s official website.In accordance with Article 4 of the Code of Conduct for theMembers of the Board of Directors, Board members shall disclose to the Ethics and Compliance Committee (ECC) any official or professional position they hold at the time of their appointment, as well as any subsequent changes thereto. 435 (2) (b) The recruitment policy for the selection of members of themanagement body and their actual knowledge, skills and expertise. In accordance with the Statute of the Bank, the EIB’s Board ofDirectors consists of 29 directors and 19 alternate directors whoshall be chosen from persons whose independence and competence are beyond doubt and appointed by the Board of Governors for a collective five-year mandate that is renewable. In accordance with Article 23.a, first paragraph, of the Rules of Procedure of the Bank, the members of the Management Committee shall be persons of independence, competence and have experience in financial, banking and/or European Union matters. They shall at all times be of high integrity and enjoy highreputation; and, possess sufficient knowledge, skills and expertise to perform their duties.By virtue of Article 23.a, second paragraph, of the Rules of Procedure, the Appointment Advisory Committee shall give non-binding opinions on candidates' suitability to perform the duties of member of the Management Committee of the EuropeanInvestment Bank.Information on the knowledge, skills and expertise of members of the EIB management bodies is available in their individual curriculum vitae on the EIB’s official website. 435 (2) (c) The policy on diversity with regard to selection of membersof the management body, its objectives and any relevant targets set out in that policy, and the extent to which these objectives and targets have been achieved. In accordance with Article 23.a, second paragraph, of the Rules ofProcedure of the Bank, the overall composition of the Management Committee shall aim to reflect an adequately broad range of expertise as well as gender diversity.Gender diversity in the Board of Directors is reported in the EIB Annual Corporate Governance Report available on the EIB’s official website. 435 (2) (d) Whether or not the institution has set up a separate riskcommittee and the number of times the risk committee has met. The EIB Group has a separate Risk Policy Committee. It meetsquarterly or more frequently upon request. During 2019 it met nine times. It gives non-binding opinions and provides recommendations to the Board of Directors in relation to Bank risk policies so as to facilitate the decision-making process of the Board. See also Section 4.1. ‘Risk management organisation’.

122 | EIB Group Risk Management Disclosure Report 2019 CRR article Disclosure requirement Compliance reference 435 (2) (e) Description of the information flow on risk to themanagement body. A monthly internal risk report provides a detailed view on credit,ALM, and financial risks and is provided to the Management Committee and the Board of Directors. Article 436 - Scope of application 436 (a) The name of the institution to which the requirements ofthe CRR apply. See Chapter 1 ‘Overview of EIB Group’ and Section 3.2 ‘Scope ofapplication’. 436 (b) An outline of the differences in the basis of consolidationfor accounting and prudential purposes. See Chapter 1 ‘Overview of EIB Group’ and Section 3.2 ‘Scope ofapplication’. 436 (c) Any current or foreseen material practical or legalimpediment to the prompt transfer of own funds or repayment of liabilities among the parent undertaking and its subsidiaries. Not applicable. The EIF’s shareholders comprise the EIB, theEuropean Union and financial institutions’ shareholders. Together the EIB and the European Union are committed to hold more than 88% of the shares in EIF capital. The EIF’s members have committed themselves to provide additional capital (up to 80% of the par value of each share – callable capital) in addition to paid- in capital upon request by the EIF General Meeting and to the extent required for the EIF to meet its liabilities towards its creditors. 436 (d) The aggregate amount by which the actual own funds areless than required in all subsidiaries not included in the consolidation, and the name or names of such subsidiaries. Not applicable. All subsidiaries are fully consolidated. 436 (e) If applicable, the circumstance of making use of Articles 7‘Derogation to the application of prudential requirements on an individual basis’ and 9 ‘Individual consolidation method’. Not applicable. The EIB Group does not make use of thederogation described in Article 7 or the individual consolidation method specified in Article 9 of the CRR. Article 437 - Own Funds 437 (1) Disclosure requirements regarding Own Funds. See Chapter 5, Section 5.2 ‘Regulatory capital’, Tables 5-1, 5-2 and5-3. Article 438 - Capital Requirements 438 (a) A summary of the institution's approach to assessing theadequacy of its internal capital to support current and future activities. Information on the Group's approach to assessing the adequacyof its internal capital is included in Section 4.2 under the heading ‘Pillar 2 reporting and oversight’. 438 (b) Upon demand from the relevant competent authority, theresult of the ICAAP. As the EIB Group is not formally subject to the CRR, but complieswith it on a voluntary basis, it has not received such request. 438 (c) - (d) Disclosure of capital requirements for each regulatoryexposure class calculated under Standardised Approach and Internal Ratings-Based Approach. See Chapter 5, Section 5.3 ‘Regulatory capital’, Table 5-5. 438 (e) Own funds requirements, calculated in accordance withpoints (b) and (c) of Article 92(3) of CRR, concerningposition risk, large exposures exceeding the limits, foreign- exchange risk, settlement risk and commodities risk. As disclosed in Chapter 9 ‘Market risk’. Own funds calculations arerequired solely for foreign-exchange risk and position risk relatedto non-securitisation debt instruments (Interest rate risk in the trading book). 438 (f) Own funds requirements for operational risk calculated inaccordance with Part Three, Title III, Chapters 2, 3 and 4 and disclosed separately. See Chapter 5, Section 5.3 ‘Regulatory capital’, Table 5-5. 438(endnote) Requirement to disclose specialised lending exposures andequity exposures in the banking book falling under the simple risk weight approach. For equity exposures under the simple risk weight approach, seeChapter 6.4 ‘Internal Ratings Based approach’, Table 6-20. Specialised lending exposures are not subject to the simple risk weight approach. Article 439 - Exposure to counterparty credit risk (CCR) 439 (a) A discussion of the methodology used to assign internalcapital and credit limits for counterparty credit exposures. Information is provided in Section 7.1 ‘Counterparty credit riskmanagement’. 439 (b) A discussion of policies for securing collateral andestablishing credit reserves. Information is provided in Section 7.1 ‘Counterparty credit riskmanagement’. 439 (c) A discussion of policies with respect to wrong way riskexposures. Information is provided in Section 7.1 ‘Counterparty credit riskmanagement’, but no policy currently considers wrong way risk exposures explicitly.

EIB Group Risk Management Disclosure Report 2019 | 123 CRR article Disclosure requirement Compliance reference 439 (d) A discussion of the impact of the amount of collateral theinstitution would have to provide given a downgrade in its credit rating. Under its contractual arrangements, the EIB Group is not requiredto post collateral in the event of a downgrade in its credit rating. 439 (e) Gross positive fair value of contracts, netting benefits,netted current credit exposure, collateral held and net derivatives credit exposure. Information is provided in Table 7-4. 439 (f) Measures for exposure value under the methods set out inPart Three, Title II, Chapter 6, Sections 3 to 6 whichever method is applicable; Information is provided in Tables 7-1 and 7-3. 439 (g) The notional value of credit derivative hedges, and thedistribution of current credit exposure by types of credit exposure. Not applicable as no credit derivatives are currently in use. 439 (h) The notional amounts of credit derivative transactions. Not applicable as no credit derivatives are currently in use. 439 (i) The estimate of α if the institution has received thepermission of the competent authorities to estimate α. Not applicable as the Group is currently not using the InternalModel Method (IMM). Article 440 - Capital buffers 440 (1) (a) Geographical distribution of exposures relevant for thecalculation of the countercyclical capital buffer. Section 5.5, ‘Combined CRD IV Buffer, Table 5-9. 440 (1) (b) Amount of institution-specific countercyclical capital buffer Section 5.5, ‘Combined CRD IV Buffer, Table 5-9. Article 441 - Indicators of global systemic importance 441 (1) Values of the indicators used for G-SII score. The EIB Group is neither identified, nor required to hold a G-SIIbuffer. Article 442 - Credit risk adjustments 442 (a) The definitions for accounting purposes of 'past due' and'impaired'. The definitions of ‘past due’, ‘default’ and ‘impaired’ foraccounting purposes are provided in Section 6.1 under the title ‘Portfolio quality and credit risk adjustments’. 442 (b) A description of the approaches and methods adopted fordetermining specific and general credit risk adjustments. See Section 6.1. 442 (c) The total amount of exposures after accounting offsets andwithout taking into account the effects of credit risk mitigation, and the average amount of the exposures overthe period broken down by different types of exposure classes. See Table 6-6 on the total and average exposures post-substitution and pre-mitigation by collateral. 442 (d) The geographic distribution of the exposures, broken downin significant areas by material exposure classes, and further detailed if appropriate; See Table 6-7. 442 (e) The distribution of the exposures by industry orcounterparty type, broken down by exposure classes, including specifying exposure to SMEs, and further detailed if appropriate. See Table 6-8. 442 (f) The residual maturity breakdown of all the exposures,broken down by exposure classes, and further detailed if appropriate. See Table 6-9. 442 (g) (i-iii) By significant industry or counterparty type, the amount of:impaired exposures and past due exposures, provided separately;specific and general credit risk adjustments;charges for specific and general credit risk adjustments during the reporting period. See Table 6-5. 442 (h) The amount of the impaired exposures and past dueexposures, provided separately, broken down by significant geographical areas including, if practical, the amounts ofspecific and general credit risk adjustments related to each geographical area. See Table 6-5.

124 | EIB Group Risk Management Disclosure Report 2019 CRR article Disclosure requirement Compliance reference 442 (i) (i-v) The reconciliation of changes in the specific and generalcredit risk adjustments for impaired exposures, shown separately. The information shall comprise:a description of the type of specific and general creditrisk adjustments;the opening balances;the amounts taken against the credit risk adjustments during the reporting period;the amounts set aside or reversed for estimatedprobable losses on exposures during the reporting period, and any other adjustments;the closing balances. See Note D.2 of the EIB’s Group Consolidated FinancialStatements under EU directives. 442(endnote) Specific credit risk adjustments and recoveries recordeddirectly to the income statement shall be disclosed separately. See Note D.2 of the EIB’s Group Consolidated FinancialStatements under EU directives. Article 443 - Unencumbered assets 443 Disclosure on encumbered and unencumbered assets. The EIB Group follows the Commission Delegated Regulation2017/2295 for disclosure of encumbered and unencumbered assets. See Section 10.5 ‘Asset encumbrance’, Tables 10-2, 10-3,and 10-4. Article 444 - Use of ECAIs 444 Disclosures on the use of ECAIs. See Section 6-3. Not applicable, as the EIB Group makes verylimited use of the Standardised Approach, mostly on its strategic equity-type investments. For the Corporate exposures under SA there are no ECAIs credit ratings available and consequently 100% risk weight default treatment is applied. Article 445 - Exposure to market risk 445 Own funds requirements, calculated in accordance withpoints (b) and (c) of Article 92(3) of CRR, concerning position risk, large exposures exceeding the limits, foreign- exchange risk, settlement risk and commodities risk. As disclosed in Chapter 9 ‘Market risk’. Own funds calculations arerequired solely for foreign-exchange risk and position risk related to non-securitisation debt instruments (Interest rate risk in the trading book). Article 446 - Operational risk 446 Institutions shall disclose the approaches for theassessment of own funds requirements for operational riskthat the institution qualifies for; a description of the methodology set out in Article 312(2) of CRR, if used by the institution, including a discussion of relevant internal and external factors considered in the institution's measurement approach, and in the case of partial use, the scope and coverage of the different methodologies used. See Section 4.4.3 and Chapter 11. Article 447 - Exposure in equities not included in the trading book 447 (a) The differentiation between exposures based on theirobjectives, including for capital gains relationship and strategic reasons, and an overview of the accounting techniques and valuation methodologies used, including key assumptions and practices affecting valuation and any significant changes in these practices. Types of equity exposures and their objectives are explained inSection 9.2.4. 447 (b) The balance sheet value, the fair value and, for thoseexchange-traded, a comparison to the market price where it is materially different from the fair value. The balance sheet value and the corresponding fair values aredisclosed under Note T ‘Fair value of financial instruments’ of the EIB Group’s Consolidated Financial Statements under EU directives. 447 (c) The types, nature, and amounts of exchange-tradedexposures, private equity exposures in sufficiently diversified portfolios, and other exposures. See Table 6-20.

EIB Group Risk Management Disclosure Report 2019 | 125 CRR article Disclosure requirement Compliance reference 447 (d) The cumulative realised gains and losses arising from salesand liquidations. See Note P ‘Net result on financial operations’ of the EIB Group’sConsolidated Financial Statements under EU directives. 447 (e) The total unrealised gains and losses and the total latentrevaluation gains or losses in the period. See Note E.2 ‘Shares, other variable-yield securities andparticipating interests’ of the EIB Group’s Consolidated Financial Statements under EU directives. Article 448 - Exposure to interest rate risk on positions not included in the trading book 448 The nature of the interest rate risk and the key assumptionsand frequency of measurement of the interest rate risk. See Section 9.3 ‘Non-traded market risk’. 448 The variation in earnings, economic value or other relevantmeasure used by the management for upward and downward rate shocks. See Section 9.3 ‘Non-traded market risk’, Tables 9-4 and 9-5 Article 449 - Exposure to securitisation positions 449 (a) A description of the institution's objectives in relation tosecuritisation activity. See Section 8.1 ‘Securitisation management’. 449 (b) The nature of other risks including liquidity risk inherent insecuritised assets. See Section 8.1 ‘Securitisation management’. 449 (c) The type of risks in terms of seniority of underlyingsecuritisation positions and in terms of underlying assets. See Section 8.1 ‘Securitisation management’. 449 (d) The different roles played by the institution in thesecuritisation process. See Section 8.1 ‘Securitisation management’. 449 (e) An indication of the extent of the institution's involvementin each of the roles referred to in point (d). See Section 8.1 ‘Securitisation management’. 449 (f) A description of the processes in place to monitor changesin the credit and market risk of securitisation exposures. See “Management, monitoring and reporting” under Section 8.1‘Securitisation management’. 449 (g) A description of the institution's policy governing the use ofhedging and unfunded protection to mitigate the risks of retained securitisation and re-securitisation exposures. The retained securitisation and re-securitisation exposures aremanaged directly in the banking book as normal loans and no specific hedging takes place. In terms of unfunded protection, the Bank has exposure to several facilities (as originator of the respective synthetic securitisations) that focus on debt-based financing via loans and guarantees, where the residual risk is significantly reduced via unfunded first loss protection provided by a third party. For further information, see Section 8.1 ‘Securitisation management’. 449 (h) The approaches to calculating risk-weighted exposureamounts that the institution follows for its securitisation activities including the types of securitisation exposures to which each approach applies. See Table 8-2 and 8-3, which provide an overview of usedapproaches and the exposure and RWA treated under the approach. 449 (i) The types of SSPE that the institution, as sponsor, uses tosecuritise third-party exposures. Not applicable, as the Group is not a sponsor of any transactionsand does not manage or advise entities that invest in own originated securitisations. 449 (j) A summary of the institution's accounting policies forsecuritisation activities: See Section 8.1 ‘Securitisation management’, as well as NotesA.2.6 of the Consolidated Financial Statements under EUdirectives and B.4.2 ‘Involvement with unconsolidated structured entities’ of the EIB Group’s Consolidated Financial Statements under IFRS. 449 (j) (i) Whether the transactions are treated as sales or financings. Not applicable, as there have been no securitisation transactions,where the Group acts as originator, that were transferred to third parties. 449 (j) (ii) The recognition of gains on sales. Not applicable, as:there have been no securitisation transactions, where the Group acts as originator, that were transferred to third parties;the loan substitutes are classified as held to maturity. 449 (j) (iii) The methods, key assumptions, inputs and changes fromthe previous period for valuing securitisation positions. See Note A.2.6 of the Consolidated Financial Statements under EUdirectives, as well as Note R ‘Fair value of financial assets andliabilities’ of the EIB Group’s Consolidated Financial Statements under IFRS.

126 | EIB Group Risk Management Disclosure Report 2019 CRR article Disclosure requirement Compliance reference 449 (j) (iv) The treatment of synthetic securitisations if not covered byother accounting policies. See Section 8.1 ‘Securitisation management’. 449 (j) (v) How assets awaiting securitisation are valued and whetherthey are recorded in the institution's non-trading book or the trading book. Not applicable. 449 (j) (vi) Policies for recognising liabilities on the balance sheet forarrangements that could require the institution to provide financial support for securitised assets. See Section 8.1 ‘Securitisation management’. 449 (k) The names of the ECAIs used for securitisations and thetypes of exposure for which each agency is used. The ECAIs used for external ratings are described in Section 8.1. 449 (l) Description of the Internal Assessment Approach. Not applicable as the Internal Assessment Approach is not used. 449 (m) An explanation of significant changes to any of thequantitative disclosures in points (n) to (q) since the last reporting period. See section 8.2 ‘Quantitative disclosures’. 449 (n) (i) Total amount of outstanding exposures securitised by theinstitution, separately for traditional and syntheticsecuritisations, and securitisations for which the institution acts only as sponsor. See Tables 8-1 and 8-3. 449 (n) (ii) The aggregate amount of on-balance sheet securitisationpositions retained or purchased and off-balance sheet securitisation exposures. See Table 8-1. 449 (n) (iii) The aggregate amount of assets awaiting securitisation. Not applicable. 449 (n) (iv) Disclosures for securitised facilities subject to the earlyamortisation treatment. Not applicable. 449 (n) (v) The amount of securitisation positions that are deductedfrom own funds or risk-weighted at 1250%. See Tables 8-2 and 8-3. 449 (n) (vi) A summary of the securitisation activity of the currentperiod, including the amount of exposures securitised and recognised as a gain or loss on sale. See Section 8.1 ‘Securitisation management’. There were no gainsor losses on sale recognised, as described under the line for CRR Article 449 (j) (ii) above. 449 (o) (i) Aggregate amount of securitisation positions retained orpurchased and the associated capital requirements. See Table 8-4. 449 (o) (ii) The aggregate amount of re-securitisation exposuresretained or purchased. See Table 8-4. 449 (p) Amount of impaired/past due assets securitised and thelosses recognised by the institution during the current period, both broken down by exposure type. See Table 8-5. 449 (q) For the trading book, the total outstanding exposuressecuritised by the institution and subject to a capital requirement for market risk, broken down into traditional/ synthetic and by exposure type. Not applicable, since there are no securitised exposures in thetrading book. 449 (r) Where applicable, whether the institution has providedsupport within the terms of Article 248(1) and the impact on own funds. Not applicable. Article 450 - Remuneration disclosures 450 (1) Disclosures regarding the remuneration policy and practicesof the institution for those categories of staff whose professional activities have a material impact on its risk profile. See Chapter 12. Article 451 - Leverage 451 (1) (a) The leverage ratio and how the institution applies Article499(2) and (3). The EIB Group makes use of Article 499 (3) and calculates an end-of quarter leverage ratio.

EIB Group Risk Management Disclosure Report 2019 | 127 CRR article Disclosure requirement Compliance reference 451 (1) (b) A breakdown of the total exposure measure as well as areconciliation of the total exposure measure with therelevant information disclosed in published financial statements. See Section 5.4 ‘Leverage ratio’, Tables 5-6, 5-7 and 5-8. 451 (1) (c) Where applicable, the amount of derecognised fiduciaryitems in accordance with Article 429(11). Not applicable, there are no derecognised fiduciary items. 451 (1) (d) A description of the processes used to manage the risk ofexcessive leverage. See Section 5.4 ‘Leverage ratio’. 451 (1) (e) A description of the factors that had an impact on theleverage ratio during the period to which the disclosed leverage ratio refers. See Section 5.4 ‘Leverage ratio’ and Chapter 2 ‘ExecutiveSummary’. Article 452 - Use of IRB approach to credit risk 452 (a) The competent authority's permission in respect of theapproach or approved transition. Not applicable, EIB Group is committed to applying best bankingpractice and thus applies the A-IRB approach voluntarily. A-IRB models are validated internally. 452 (b) (i) The structure of internal rating systems and the relationshipbetween internal and external ratings. See Section 6.4 ‘Internal Ratings-Based approach’. 452 (b) (ii) The use of internal estimates other than for calculating risk-weighted exposure amounts in accordance with the IRB approach. See Section 6.4 ‘Internal Ratings-Based approach’. 452 (b) (iii) The process for managing and recognising credit riskmitigation. See Section 6.2 ‘Credit risk mitigation’. 452 (b) (iv) The control mechanisms for rating systems including adescription of independence, accountability, and rating systems review. See Section 6.4 ‘Internal Ratings-Based approach’. 452 (c) A description of the internal ratings process, providedseparately for the following exposure classes: See below: 452 (c) (i) Central governments and central banks; See Section 6.4 ‘Internal Ratings-Based approach’. 452 (c) (ii) Institutions; See Section 6.4 ‘Internal Ratings-Based approach’. 452 (c) (iii) Corporate, including SMEs, specialised lending andpurchased corporate receivables; See Section 6.4 ‘Internal Ratings-Based approach’. 452 (c) (iv) Retail Not applicable, as the EIB Group has no retail exposures. 452 (c) (v) Equities Not applicable, as the EIB applies the simple risk weight approachfor equity exposures. 452 (d) The exposure values for each exposure class. See Section 6.4 ‘Internal Ratings-Based approach’,Table 6-15 and Chapter 7 ‘Counterparty credit risk’, Table 7-2. 452 (e) For each exposure class, and across a sufficient number ofobligor grades (including default) to allow for a meaningful differentiation of credit risk. See below: 452 (e) (i) Total exposures, including for the exposure classes ofcentral governments and central banks, institutions and corporate, the sum of outstanding loans and exposurevalues for undrawn commitments; and for equities the outstanding amount. See Section 6.4 ‘Internal Ratings-Based approach’,Table 6-15 and Chapter 7 ‘Counterparty credit risk’, Table 7-2. Not applicable for equities, as the EIB applies the simple risk weight approach for those exposures. 452 (e) (ii) Exposure-weighted average risk weight. See Section 6.4 ‘Internal Ratings-Based approach’,Table 6-15, column ‘RWA density’ and Chapter 7 ‘Counterparty credit risk’, Table 7-2, column ‘RWA density’. 452 (e) (iii) For the institutions using own estimates of conversionfactors for the calculation of risk-weighted exposure amounts, the amount of undrawn commitments and exposure-weighted average exposure values for each exposure class. See Section 6.4 ‘Internal Ratings-Based approach’Table 6-15. 452 (f) Disclosure on retail exposures. Not applicable, as the EIB Group has no retail exposures.

128 | EIB Group Risk Management Disclosure Report 2019 CRR article Disclosure requirement Compliance reference 452 (g) The actual specific credit risk adjustments in the precedingperiod for each exposure class and how they differ from past experience. See Table 6-4 in conjunction with Table 6-15. 452 (h) A description of the factors that impacted on the loss experience in the preceding period. See Section 6.4 ‘Internal Ratings-Based approach’ Table 6-16. 452 (i) The institution's estimates against actual outcomes over alonger period. At a minimum, this shall include information on estimates of losses against actual losses in each exposure class over a period sufficient to allow for a meaningful assessment of the performance of the internal rating processes for each exposure class. See Section 6.4 ‘Internal Ratings-Based approach’ Table 6-16. 452 (j) (i)-(ii) For all IRB exposure classes and for the institutions usingown LGD estimates for the calculation of risk-weighted exposure amounts, the exposure-weighted average LGD and PD in percentage terms for each relevant geographical location of credit exposures. See Section 6.4 ‘Internal Ratings-Based approach’Table 6-19. Article 453 - Use of credit risk mitigation techniques 453 (a) The policies and processes for, and an indication of theextent to which the entity makes use of, on- and off- balance sheet netting; See Sections 4.4.2. ‘Financial risk’, 6.2 ‘Credit risk mitigation’, 7.1‘Counterparty credit risk management’, as well as Note R, part‘Offsetting financial assets and financial liabilities’ of the EIB Group’s Consolidated Financial Statements under IFRS. 453 (b) The policies and processes for collateral valuation andmanagement; See Section 6.2 ‘Credit risk mitigation’. 453 (c) A description of the main types of collateral taken by theinstitution; See Section 6.2 ‘Credit risk mitigation’. 453 (d) The main types of guarantor and credit derivativecounterparty and their creditworthiness; See Section 6.2 ‘Credit risk mitigation’ and Table 6-10. 453 (e) Information about market or credit risk concentrationswithin the credit mitigation taken; See Section 6.2 ‘Credit risk mitigation’. 453 (f)-(g) Separately for each exposure class, the total exposure thatis covered by guarantees or credit derivatives. See Section 6.2 ‘Credit risk mitigation’Table 6-10. Article 454 - Use of Advanced Measurement Approaches to operational risk 454 Disclosures on use of AMA to operational risk See Section 11 ‘Operational risk’. Article 455 - Use of internal market risk models 455 Disclosure on use of Internal Market Risk Models Not applicable, as the EIB Group does not calculate capitalrequirements for market risk using Internal Market Risk Models.

European Investment Bank98 -100, boulevard Konrad Adenauer L-2950 Luxembourg3 +352 4379-22000www.eib.org – U info@eib.org © European Investment Bank, 06/2020 - EN Risk Management Disclosure Report 2019