UNITED STATES

SECURITIES AND EXCHANGE COMMISSION

WASHINGTON, D.C. 20549

FORM 6-K

REPORT OF FOREIGN ISSUER

PURSUANT TO RULE 13a-16 OR 15d-16

UNDER THE SECURITIES EXCHANGE ACT OF 1934

For the month of February, 2021

Commission file number: 1-10110

BANCO BILBAO VIZCAYA ARGENTARIA, S.A.

(Exact name of Registrant as specified in its charter)

BANK BILBAO VIZCAYA ARGENTARIA, S.A.

(Translation of Registrant’s name into English)

Calle Azul 4,

28050 Madrid

Spain

(Address of principal executive offices)

Indicate by check mark whether the registrant files or will file annual reports under cover of Form 20-F or Form 40-F:

Form 20-F  ☒            Form 40-F  ☐

Indicate by check mark if the registrant is submitting the Form 6-K in paper as permitted by Regulation S-T Rule 101(b)(1):

Yes  ☐            No  ☒

Indicate by check mark if the registrant is submitting the Form 6-K in paper as permitted by Regulation S-T Rule 101(b)(7):

Yes  ☐            No  ☒

ANNUAL CORPORATE GOVERNANCE REPORT OF LISTED COMPANIES

ISSUER IDENTIFICATION

Tax Identification No. [C.I.F.].    A-48265169

Company Name: BANCO BILBAO VIZCAYA ARGENTARIA, S.A.

Registered Office: Plaza de San Nicolás, 4, 48005 Bilbao (Bizkaia)

This English version is a translation of the original in Spanish for information purposes only. In case of a discrepancy, the Spanish original will prevail.

1

ANNUAL CORPORATE GOVERNANCE REPORT

OF LISTED COMPANIES

A. OWNERSHIP STRUCTURE

A.1 Fill in the following table on the company’s share capital:

Indicate if there are different share classes with different rights associated with them:

No

A.2 Detail the direct and indirect holders of significant shareholdings in the company at financial year-end, excluding directors:

Details of indirect participation:

Indicate the most significant changes in the shareholder structure during the financial year:

State Street Bank and Trust Co., The Bank of New York Mellon S.A.N.V. and Chase Nominees Ltd., as international custodian/depositary banks, hold, as of 31 December 2020, 10.94%, 1.31% and 8.36% of BBVA’s share capital, respectively. Of said positions held by the custodian banks, BBVA is not aware of any individual shareholders with direct or indirect holdings greater than or equal to 3% of the BBVA share capital.

Communication of significant shareholdings to the Spanish National Securities Market Commission (CNMV): On 18 April 2019, Blackrock, Inc. informed the CNMV that it had an indirect holding of 5.917% of BBVA’s share capital, through the company Blackrock, Inc.

Communication of significant shareholdings to the CNMV: On 11 May 2020, Norges Bank informed the CNMV that it had a direct holding of 3.366% of BBVA’s share capital.

This English version is a translation of the original in Spanish for information purposes only. In case of a discrepancy, the Spanish original will prevail.

2

A.3 Fill in the following tables with the members of the company’s board of directors with voting rights on company shares:

This English version is a translation of the original in Spanish for information purposes only. In case of a discrepancy, the Spanish original will prevail.

3

Details of indirect participation:

A.4 Where applicable, indicate any family, commercial, contractual or corporate relationships between holders of significant shareholdings, insofar as the company is aware of them, unless they are of little relevance or due to ordinary trading or exchange activities, except those described in Section A.6:

A.5 Where applicable, indicate any commercial, contractual or corporate relationships between holders of significant shareholdings and the company and/or its group, unless they are of little relevance or due to ordinary trading or exchange activities:

A.6 Describe the relationships, unless insignificant for the two parties, that exist between significant shareholders or shareholders represented on the board and directors, or their representatives in the case of directors that are legal persons.

Explain, as the case may be, how the significant shareholders are represented. Specifically, state those directors appointed to represent significant shareholders, those whose appointment was proposed by significant shareholders or who were linked to significant shareholders and/or their group companies, and specify the nature of the relationships. In particular, indicate, where applicable, the existence, identity and position of board members—or their representatives—of the listed company who are members—or representatives of members—of the management body of companies that hold significant shareholdings in the listed company or of companies of said significant shareholders’ groups.

A.7 Indicate whether the company has been informed of any shareholder agreements that may affect it, as set out under Articles 530 and 531 of the Corporate Enterprises Act. Where applicable, briefly describe them and list the shareholders bound by such agreement:

No

This English version is a translation of the original in Spanish for information purposes only. In case of a discrepancy, the Spanish original will prevail.

4

Indicate whether the company is aware of the existence of concerted actions by its shareholders. If so, describe them briefly:

No

If there has been any amendment or breaking-off of said pacts or agreements or concerted actions in the financial year, indicate this expressly:

A.8 Indicate whether any legal or natural person exercises or may exercise control over the company pursuant to Article 5 of the Securities Exchange Act. If so, identify them:

No

A.9 Fill in the following tables regarding the company’s treasury shares:

At financial year-end:

Give details of any significant changes that have occurred during the financial year:

Explain the significant changes

In 2020, five communications regarding treasury shares were sent to the CNMV, as the acquisitions had exceeded the 1% threshold. The communications were as follows:

A.10 Describe the conditions and term of the current mandate of the general meeting for the board of directors to issue, buy back and transfer treasury shares.

This English version is a translation of the original in Spanish for information purposes only. In case of a discrepancy, the Spanish original will prevail.

5

To date, BBVA has not adopted any resolution using this delegated power.

Through the aforementioned delegation, BBVA has made six issuances of contingently convertible perpetual securities (Additional Tier 1 capital instruments), without pre-emptive subscription rights, namely two issuances in the 2017 financial year in the amounts of EUR 500 million and USD 1 billion; one in the 2018 financial year in the amount of EUR 1 billion; two in the 2019 financial year in the amounts of EUR 1 billion and USD 1 billion; and one in 2020 in the amount of EUR 1 billion.

This English version is a translation of the original in Spanish for information purposes only. In case of a discrepancy, the Spanish original will prevail.

6

A.11 Estimated floating capital:

Remarks

This estimated floating BBVA capital has been calculated by deducting, from the share capital, the capital held by the direct and indirect holders of significant shares (Section A.2), the members of the Board of Directors (Section A.3) and the capital held in treasury shares (Section A.9), all as of 31 December 2020, in accordance with the instructions for completing the Annual Corporate Governance Report

A.12 Indicate whether there is any restriction (statutory, legislative or of any other kind) on the transferability of securities and/or any restriction on voting rights. In particular, report the existence of any restrictions that might hinder the takeover of the company through the purchase of its shares on the market, as well as any authorisation or prior communication regimes that are applicable to the purchase or transfer of the company’s financial instruments in accordance with sector legislation.

Yes

Description of the restrictions

Regarding the exercise of the right to vote, there are no legal or statutory restrictions on this. Thus, in accordance with Article 31 of the Bylaws, each voting share will confer the right to one vote on the holder, whether present or represented at the General Shareholders’ Meeting, regardless of its disbursement.

There are also no statutory restrictions on the acquisition or transfer of shares in the company’s share capital.

As for the legal restrictions on the acquisition or transfer of holdings in the company’s share capital, Spanish Act 10/2014, of 26 June, on the regulation, supervision and solvency of credit institutions (the LOSS) establishes that the direct or indirect acquisition of a significant holding (as defined in Article 16 of that Act) in a credit institution is subject to assessment by the Bank of Spain as set out in Articles 16 et seq. of that Act. Additionally, Article 25 of Royal Decree 84/2015, implementing the LOSS, establishes that the Bank of Spain shall evaluate proposals for acquisitions of significant shares and submit a proposal to the European Central Bank regarding whether to oppose this acquisition or not. This same article establishes the criteria that should be considered during said evaluation and the applicable timelines.

A.13 Indicate whether the general meeting has agreed to adopt measures to neutralise a public takeover bid, pursuant to Act 6/2007.

No

If so, explain the measures approved and the terms under which the restrictions would be rendered effective:

Explain the measures approved and the terms under which such limitations would cease to apply

This English version is a translation of the original in Spanish for information purposes only. In case of a discrepancy, the Spanish original will prevail.

7

A.14 Indicate whether the company has issued securities that are not traded on a regulated market in the EU.

Yes

Where applicable, indicate the different share classes, and the rights and obligations that each share class confers.

Indicate the different share classes

All the shares in BBVA’s share capital have the same class and series, and confer the same political and economic rights. There are no different voting rights for any shareholder. There are no shares that do not represent capital.

The Bank’s shares are admitted to trade on the stock exchanges in Madrid, Barcelona, Bilbao and Valencia, through the Spanish Stock Exchange Interconnection System (Continuous Market), as well as on the stock exchanges in London and Mexico. BBVA’s American Depositary shares (ADS) are traded on the New York stock exchange.

B. GENERAL SHAREHOLDERS’ MEETING

B.1 Indicate, giving details where applicable, whether there are any deviations from the minimum standards established under the Corporate Enterprises Act (CEA) with respect to the quorum for holding the general meeting.

Yes

Description of the differences

Article 194 of the Corporate Enterprises Act establishes that in order for a general meeting (whether ordinary or extraordinary) to validly resolve to increase or reduce capital or make any other amendment to the bylaws, bond issuance, the suppression or limitation of pre-emptive subscription rights over new shares, or the transformation, merger or spin-off of the company or global assignment of assets and liabilities or the offshoring of domicile, the shareholders present and represented on first calling must own at least 50% of the subscribed capital with voting rights.

On second calling, 25% of said capital will be sufficient.

Notwithstanding the foregoing, Article 25 of the BBVA Bylaws requires a super quorum of two thirds of the subscribed capital with voting rights on first calling, and 60% of the subscribed capital on second calling, for the valid adoption of resolutions on the following matters: change of the corporate purpose; the transformation, total spin-off or winding up of the Company; and the modification of the statutory article defining this super quorum.

B.2 Indicate, giving details where applicable, whether there are any deviations from the minimum requirements established under the Corporate Enterprises Act (CEA) for the adoption of corporate resolutions:

No

B.3 Indicate the rules applicable to amendments to the company bylaws. In particular, report the majorities established to amend the bylaws, and the rules, if any, to safeguard shareholders’ rights when amending the bylaws.

Article 30 of the BBVA Company Bylaws establishes that the General Shareholders’ Meeting is empowered to amend the Company Bylaws and to confirm or rectify the manner in which they are interpreted by the Board of Directors.

To such end, the rules established under Articles 285 et seq. of the Corporate Enterprises Act shall apply.

This English version is a translation of the original in Spanish for information purposes only. In case of a discrepancy, the Spanish original will prevail.

8

The above paragraph notwithstanding, Article 25 of the BBVA Bylaws establishes that in order to validly adopt resolutions regarding any change to the corporate purpose, transformation, total spin-off or winding up of the Company and amendment of the second paragraph of said Article 25, two thirds of the subscribed capital with voting rights must attend the General Meeting on first calling, and 60% of said capital on second calling.

As regards the procedure for amending the Bylaws, Article 4.2 c) of Spanish Act 10/2014, of 26 June, on the regulation, supervision and solvency of credit institutions (the LOSS), establishes that the Bank of Spain shall be responsible for authorising the amendments to the bylaws of credit institutions as set out by applicable regulations.

Further to the above, Article 10 of Royal Decree 84/2015, of 13 February, implementing the LOSS, stipulates that the Bank of Spain shall make a decision within two months following receipt of the request for amendment of the Bylaws and that said request must be accompanied by certified minutes recording the agreement, a report substantiating the proposal drawn up by the board of directors and draft new bylaws, identifying the cited amendments.

Notwithstanding the foregoing, the aforementioned Article 10 establishes that no prior authorisation from the Bank of Spain is required, though the latter must be notified for the purposes of entry in the Registro de Entidades de Crédito (Spanish register of credit institutions), for amendments with the following purposes:

This communication must be made within 15 working days following the adoption of the statute amendment resolution.

Finally, as a significant entity, BBVA is under the direct supervision of the European Central Bank (ECB) in cooperation with the Bank of Spain under the Single Supervisory Mechanism, so the authorisation of the Bank of Spain mentioned above will be submitted to the ECB, prior to its resolution by the Bank of Spain.     

B.4 Indicate the data on attendance at general meetings held during the financial year to which this report refers and the previous two financial years:

B.5 Indicate whether there were any items on the agenda that were not approved by shareholders for any reason, for all general meetings that took place in the financial year.

No

This English version is a translation of the original in Spanish for information purposes only. In case of a discrepancy, the Spanish original will prevail.

9

B.6 Indicate if there is any statutory restriction that sets out a minimum number of shares required to attend the general meeting or vote remotely:

Yes

Remarks

Article 23 of the BBVA Bylaws establishes that holders of 500 shares or more may attend ordinary and extraordinary General Shareholders’ Meetings, provided that their shares are registered at least five days prior to such a meeting, in the corresponding accounting record, in accordance with the Securities Exchange Act and other applicable provisions.

Holders of fewer shares may group together until they have at least that number, and name a representative.

However, there is no minimum number of shares required to vote remotely. Pursuant to the provisions of Article 8 of BBVA’s Regulations of the General Shareholders’ Meeting, shareholders may vote by proxy, by post, electronically or by any other means of remote communication, provided that the voter’s identity is duly guaranteed. In terms of the constitution of the General Shareholders’ Meeting, shareholders who vote remotely will be counted as present.

B.7 Indicate whether it has been established that certain decisions, other than those set out by law, involving an acquisition, disposal, the allocation of essential assets to another company or a similar corporate transaction, must be submitted to the general shareholders’ meeting for approval.

No

B.8 Indicate the address and means of access, on the company website, to information on corporate governance and other information on the general meetings that must be made available to shareholders on the Company’s website.

Information relating to corporate governance and the Company’s general meetings can be accessed via the Banco Bilbao Vizcaya Argentaria, S.A. company website, www.bbva.com, in the Shareholders and Investors – Corporate Governance and Remuneration Policy section (https://shareholdersandinvestors.bbva.com/corporate-governance-and-remuneration-policy/).

C. COMPANY MANAGEMENT STRUCTURE

C.1 Board of Directors

C.1.1 Maximum and minimum number of directors established in the bylaws and the number set by the general meeting:

Remarks

In accordance with the provisions of Article 34, Paragraph 2 of the Bylaws, the General Shareholders’ Meeting, held on 13 March 2020, resolved to set the total number of directors on the BBVA Board of Directors at 15.

This English version is a translation of the original in Spanish for information purposes only. In case of a discrepancy, the Spanish original will prevail.

10

C.1.2 Fill in the following table on the board members:

This English version is a translation of the original in Spanish for information purposes only. In case of a discrepancy, the Spanish original will prevail.

11

Indicate any appointment terminations, as a result of resignation or by resolution of the general meeting, that have occurred on the board of directors during the reporting period:

C.1.3 Fill in the following tables on the board members and their directorship type:

EXECUTIVE DIRECTORS

EXTERNAL PROPRIETARY DIRECTORS

This English version is a translation of the original in Spanish for information purposes only. In case of a discrepancy, the Spanish original will prevail.

12

EXTERNAL INDEPENDENT DIRECTORS

This English version is a translation of the original in Spanish for information purposes only. In case of a discrepancy, the Spanish original will prevail.

13

This English version is a translation of the original in Spanish for information purposes only. In case of a discrepancy, the Spanish original will prevail.

14

Indicate whether any director considered an independent director is receiving from the company or from its group any amount or benefit under any item that is not the remuneration for their directorship, or maintains or has maintained over the last financial year a business relationship with the company or any company in its group, whether in their own name or as a significant shareholder, director or senior manager of an entity that maintains or has maintained such a relationship.

Where applicable, include a reasoned statement from the board with the reasons why it deems that this director can perform their duties as an independent director.

OTHER EXTERNAL DIRECTORS

Identify all other external directors and explain why these cannot be considered proprietary or independent directors, and detail their relationships with the company, its executives or shareholders:

This English version is a translation of the original in Spanish for information purposes only. In case of a discrepancy, the Spanish original will prevail.

15

Indicate any changes that may have occurred during the period in the directorship type of each director:

This English version is a translation of the original in Spanish for information purposes only. In case of a discrepancy, the Spanish original will prevail.

16

C.1.4 Fill in the following table with information regarding the number of female directors over the last four financial years and their directorship types:

C.1.5 Indicate whether the company has diversity policies for the company’s board of directors with regard to issues such as age, gender, disabilities, or professional training and experience. In accordance with the definition given in the Spanish Account Auditing Act, small and medium-sized companies will have to report, at a minimum, the policy that they have agreed in regard to gender diversity.

Yes

If yes, please outline these diversity policies, their objectives, their measures, the way in which they have been applied and the results thereof in this financial year. Any specific measures adopted by the board of directors and the appointments committee to attain a balanced and diverse representation of directors must also be indicated.

If the company does have a diversity policy, explain the reason for this.

Outline of the policies, their objectives, their measures, the way in which they have been applied and the results thereof

The Bank has a Policy on the selection, suitability and diversity of the BBVA Board of Directors (the Selection Policy), the current text of which was revised and approved at the end of 2020 by the Board of Directors, at the proposal of the Appointments and Corporate Governance Committee, in both cases, in accordance with their respective regulatory powers, taking into account the recommendations included in the Good Governance Code of Listed Companies of the CNMV and local and international best practices and recommendations.

This Selection Policy sets out the principles and criteria governing the process for the selection, appointment and renewal of the members of the BBVA Board of Directors, as well as the legal requirements that directors must meet, including suitability requirements. The Policy also provides for elements and objectives concerning the composition of the corporate bodies, including diversity, which will be attended to ensure that the corporate bodies properly exercise their functions and to guarantee their effective functioning. All the foregoing in the Bank’s best corporate interest.

In this sense, with regard to diversity, the Selection Policy states that the BBVA Board of Directors will promote diversity in the composition of the Bank’s corporate bodies by encouraging the inclusion of people with different profiles, qualities, knowledge, training and experience.

To ensure that the corporate bodies have an adequate and balanced composition, the refreshment and selection processes will encourage diversity of their members, based on the needs of the Bank at all times.

In particular, they will strive to ensure that the Board of Directors has a balanced representation of men and women. To this end, the Appointments and Corporate Governance Committee has set a target for representation of the lesser-represented gender, namely to endeavour that female directors should represent at least 40% of the Board of Directors by the end of the 2022 financial year and beyond, not dropping below 30% prior to this.

This English version is a translation of the original in Spanish for information purposes only. In case of a discrepancy, the Spanish original will prevail.

17

Additionally, the composition of the Board of Directors shall seek to feature an adequate balance between the different types of director, for non-executive directors to represent an ample majority over executive directors and for the number of independent directors to account for at least 50% of the total seats.

The corporate bodies shall also seek to combine individuals who have experience and knowledge of the Group, its businesses and the financial sector in general, with others who have training, skills, knowledge and experience in other areas and sectors relevant to the Bank.

In any case, BBVA’s corporate bodies may take any other diversity factor into consideration that is relevant at any given moment to accommodate the composition of the corporate bodies to the needs of the Bank, including criteria such as gender diversity, academic profile, professional experience, knowledge, disability, origin or age, thus being able to achieve an adequate balance aimed at ensuring that the corporate bodies can properly and effectively exercise their functions.

In line with the foregoing, the composition of the BBVA Board of Directors brings together directors with broad experience and knowledge of the financial and banking sector with other directors who have experience and knowledge in the other areas of interest to the Bank and its Group, such as audit, risk management, sustainability, corporate governance, the legal and academic field, multinational enterprise, public institutions and digital business and technology, both at the national and international level.

Together with this diversity of profiles and expertise, the Board has members with broad experience on the Board of Directors, which gives them in-depth knowledge of the Bank and its businesses at both the national and international level. It also ensures that the process of ongoing refreshment of the corporate bodies, which entails the inclusion of new profiles with lesser knowledge of the Group, is carried out without affecting the proper functioning of the Board.

Thus, the Board, as a whole, has suitable balance in its composition and suitable knowledge of the Bank and Group’s environment, activities, strategies and risks, which contributes to bettering its functioning.

In addition, as a result of the Board refreshment process that has taken place in recent years, in 2020:

(i) the appropriate balance between the different types of director has been strengthened and the majority of non-executive directors on the Board has increased (to 86.67%);

(ii) the majority of independent directors has been increased (to 66.67%); and

(iii) the target for female representation established in the Selection Policy applicable to 2020, i.e. for 30% of directors to be female by 2020, has been achieved (specifically, women represent 33.33% of the Board).

Therefore, at the end of the 2020 financial year, the Board of Directors meets the aforementioned diversity targets relating to the composition of the Board of Directors, as provided for in the Selection Policy, which are also in line with applicable regulations.

C.1.6 Explain any measures that have been agreed by the Appointments Committee to ensure that the selection procedures are free from implicit biases that could hinder the selection of female directors, and to ensure that the company includes and makes a conscious effort to find potential female candidates who match the professional profile, in order to achieve a balanced representation of men and women. Also indicate whether these measures include encouraging the company to have a significant number of female senior managers:

Explanation of the measures

As stated in Section C.1.5, the Board of Directors has a Selection Policy that establishes that, with respect to the selection processes for new Bank directors, as part of the process of progressive and systematic refreshment of the corporate bodies, the Appointments and Corporate Governance Committee will ensure that they promote diversity and that, in general, they are not impaired by implicit biases that may lead to any form of discrimination.

Furthermore, the Committee will ensure that these selection processes facilitate the selection of a sufficient number of female directors so as to guarantee a balanced representation of women and men, endeavouring to ensure that women with the relevant professional profile are included amongst potential candidates.

This English version is a translation of the original in Spanish for information purposes only. In case of a discrepancy, the Spanish original will prevail.

18

To this end, the Appointments and Corporate Governance Committee has set a target for representation of the lesser-represented gender, namely to endeavour that female directors represent at least 40% of the Board by the end of the 2022 financial year and beyond, not dropping below 30% prior to this.

In light of the foregoing, BBVA has developed director selection processes in recent years, through which it has ensured compliance with the above principles, as they applied at any given time. In particular, the presence of women on the Board has been increasing. At the end of the year, one third of all Board members and 40% of independent directors were female.

As of the date of this report, BBVA has five women on its Board and they are members of five of the Committees. Furthermore, the majority of the members of the Audit Committee and the Remunerations Committee are women, including the Chair of the Remunerations Committee.

This means it is meeting the target established in the Selection Policy, which is aligned with the provisions of the CNMV Good Governance Code, for at least 30% of directors to be female in 2020.

Furthermore, in accordance with the provisions of Article 540 of the Spanish Corporate Enterprises Act, which stipulates that a brief description of the diversity policy, with regard to members of management, must be provided, BBVA has a selection and appointment policy for members of Senior Management that has been approved by the Board.

Said policy is designed to ensure that individuals in Senior Management positions at BBVA have the capacity to properly exercise the responsibilities conferred upon them. Thus, members of BBVA Senior Management must have top-level academic and technical qualifications, professional skills—underpinned by their professional careers to date—applicable to the responsibilities associated with the role to be fulfilled, a recognised honourable business and professional reputation, and commitment to BBVA’s values.

Pursuant to the provisions of this policy, for the assessment of internal talent, performance is assessed in terms of the achievement of objectives, potential to assume greater responsibilities in the future, and individuals’ professional capabilities and skills. These assessments may be supported by means of review sessions during which members of Senior Management analyse the profiles of certain employees and share their opinions on the achievements and strengths of each individual.

Moreover, for the selection of external candidates for senior management positions, references and top-level executive search firms are used. The Talent & Culture area ensures that external candidates possess top-level academic and technical qualifications, that their professional careers to date adequately encompass the responsibilities associated with the roles to be fulfilled, that they have recognised business and professional reputations, and that, during their careers at other organisations, they have demonstrated a high level of alignment with BBVA’s values. The candidates identified through the company’s external selection process are considered alongside internal candidates, in order to select the individual that best fits the role to be fulfilled.

Moreover, in accordance with the Regulations of the Board, the functions of this body include appointing members of Senior Management based on a report from the Appointments and Corporate Governance Committee. Prior to the proposal and appointment, the Bank follows a selection process for members of Senior Management which is governed by the principles and criteria outlined in the selection and appointment policy for members of Senior Management. This process involves analysing the functions and candidate profiles, confirming the suitability of the selected candidate, submitting the proposal for the consideration of the Appointments and Corporate Governance Committee, which drafts a preliminary report for the Board, and, finally, submitting the proposal to the Board for approval, which must be supported by a favourable preliminary report from the Appointments and Corporate Governance Committee.

Appointment of senior managers will be made on the proposal of the Group Executive Chairman for those who report thereto, and of the proposal of the Chief Executive Officer (Consejero Delegado), for those who report instead thereto, prior information to the Group Executive Chairman. The Board of Directors will be responsible for the appointment and dismissal of the head of the Internal Audit area, based on a proposal from the Audit Committee, and the Head of Regulation & Internal Control, on a proposal from the Risk and Compliance Committee, as well as the determination of their objectives and assessment of their performance, on a proposal from the corresponding committee.

Following the implementation of this policy, the number of women in Senior Management has increased, and 27% of senior managers were women at the end of the financial year.

This English version is a translation of the original in Spanish for information purposes only. In case of a discrepancy, the Spanish original will prevail.

19

When, despite the measures taken, there are few or no female directors or senior managers, explain the reasons:

Explanation of the reasons

C.1.7 Explain the conclusions of the appointments committee regarding the verification of compliance with the policy aimed at promoting an appropriate composition of the board of directors.

As part of the annual performance assessment of the Board carried out for 2020, the Appointments and Corporate Governance Committee, in accordance with its Regulations, has analysed the structure, size and composition of the corporate bodies, taking into account that these must remain balanced and adapted to their needs at all times, and that the Board as a whole must have the right knowledge, skills and experience to understand the business, activities and main risks of BBVA and its Group, thereby also ensuring that it has the effective capacity to carry out its functions in the Bank’s best corporate interest.

This analysis is carried out in the context of the Board’s ongoing and systematic refreshment of the corporate bodies, whereby people with different profiles and experiences are introduced at appropriate intervals, thus increasing diversity and ensuring adequate rotation of the Board members, thereby guaranteeing a balanced representation of directors with a range of experience.

The analysis also takes into account the forecasts and objectives regarding the structure, size and composition of the Board as set out in applicable legislation, the Regulations of the corporate bodies and the Selection Policy, as well as the end of the statutory terms each director, where appropriate in each year.

The Committee also takes into account the functioning and performance of the corporate bodies in recent years. In 2020, it took into account, in particular, how they have operated during the COVID-19 crisis, during which the directors have shown a great deal of dedication to the Bank as well as demonstrating flexibility and an ability to adapt to the current circumstances, and during which their knowledge of the landscape and the Group itself has not only enabled the corporate bodies to adequately carry out their functions, it has also contributed to the Group being able to tackle the crisis from a position of strength.

Furthermore, the Committee takes into account the areas and subjects that are of particular relevance to the performance of the corporate bodies’ functions, in particular the Group’s current and future activities, business and strategy.

Among the information used by the Committee to carry out its work, of particular note is the skills and diversity matrix of the Board of Directors, which is developed to help to identify the Board’s skills, characteristics and experience, as well as those areas that needed to be improved in the future. The matrix also includes areas, sectors and matters related to banking and finance, as well as others that are of particular relevance to the Group’s strategy and activities.

The matrix includes areas such as banking and financial services; accounting and auditing; risk management; innovation and information technology; macroeconomic strategy and environment; human resources and compensation; institutions, legal and regulations; and corporate governance and sustainability.

The matrix includes directors’ professional experience and career paths in different areas such as, for example, business, boards of directors, public administration and academia, both nationally and internationally. It also indicates the Board’s ratio of men to women.

Regarding the above, the Committee has been able to verify that the Board brings together directors with broad experience and knowledge of the financial and banking sector with other directors who have experience in each of the other areas analysed, and that its directors have a diverse range of career paths, both nationally and internationally.

This English version is a translation of the original in Spanish for information purposes only. In case of a discrepancy, the Spanish original will prevail.

20

The Board’s diversity of skills, knowledge and experience has been reinforced by the thorough refreshment process with regard to the corporate bodies, which has seen the introduction of seven new directors in the past three years, which in turn has bolstered said skills, knowledge and experience on the Board in areas of particular relevance to the Bank’s strategy, business and activities.

In this regard, the Board currently comprises directors with diverse experience on the Board, combining newly appointed members with others who have experience in the corporate bodies, and who have significant knowledge of the Group the operational dynamics and working culture of the corporate bodies; facilitating the progressive renewal process of the corporate bodies, which involves appointing new members with lesser knowledge of the Bank, without affecting the proper functioning of the corporate bodies.

Continued in section H.

C.1.8 Where applicable, explain why proprietary directors have been appointed at the behest of shareholders whose holding is less than 3% of the capital:

Indicate whether formal petitions for a seat on the board have been denied if such request has come from shareholders whose holding is equal to or greater than that of others at whose behest proprietary directors were appointed. Where applicable, explain why these petitions were not granted:

No

C.1.9 Where applicable, indicate the powers and faculties delegated by the board of directors to directors or to board committees:

C.1.10 Where applicable, identify any members of the board who hold positions as directors, representatives of directors or executives in other companies that belong to the same group as the listed company:

This English version is a translation of the original in Spanish for information purposes only. In case of a discrepancy, the Spanish original will prevail.

21

C.1.11 Where applicable, provide details of any company directors (or representatives of corporate directors) who also serve as directors (or representatives of corporate directors) on the boards of other entities that are listed on regulated markets and do not form part of the company group, of which the company has been informed:

C.1.12 Indicate and, where applicable, explain whether the company has any agreed rules on the maximum number of company boards on which its directors may sit, detailing, where applicable, where such rules have been set out:

Yes

Explanation of the rules and where they are set out

Article 11 of the Regulations of the Board of Directors establishes that, in the performance of their duties, directors will be subject to the rules on limitations and incompatibilities established under the current applicable regulations, and in particular, to the provisions of Act 10/2014 on the regulation, supervision and solvency of credit institutions (the LOSS).

This English version is a translation of the original in Spanish for information purposes only. In case of a discrepancy, the Spanish original will prevail.

22

In this regard, Article 26 of the LOSS stipulates that the directors of credit institutions may not simultaneously hold more positions than those provided for in the following combinations: (i) one executive position and two non-executive positions; or (ii) four non-executive positions. Executive positions are understood to be those that undertake management duties irrespective of the legal bond attributed by those duties. In this respect, the following will count as a single position: 1) executive or non-executive positions held within the same group; 2) executive or non-executive positions held within (i) entities that form part of the same institutional protection scheme or (ii) trading companies in which the entity holds a significant shareholding. Positions held in non-profit organisations or entities or companies pursuing non-commercial purposes will not count when determining the maximum number of positions. Nevertheless, the Bank of Spain may authorise members of the Board of Directors to hold an additional non-executive position if it deems that this would not interfere with the proper performance of the director’s activities in the credit institution.

In addition, pursuant to the provisions of Article 11 of BBVA’s Regulations of the Board of Directors, directors may not:

C.1.13 Indicate the amounts of the following items relating to the total remuneration of the board of directors:

Remarks

The remuneration included in the first item of this section includes the fixed remuneration received by all directors in 2020, as well as, in the case of executive directors, the amount corresponding to the payment of the Deferred Portion of the Annual Variable Remuneration for the 2017 financial year to vest in 2021, in cash and in shares, together with its corresponding update. The amounts of the Deferred Portion of the Annual Variable Remuneration for 2017 have been determined in 2021, following the result of the Multi-Year Performance Indicators to which said remuneration was subject, and will be paid in the first quarter of 2021, providing that the conditions to that effect are met.

To calculate the amount in Euros of the Deferred Portion of 2017 Annual Variable Remuneration of the Chief Executive Officer, associated to his previous role as President & CEO de BBVA Compass (currently BBVA USA), the closing exchange rate for January 2021 has been used (USD/EUR 1.2136).

It is noted that executive directors have not accrued any Annual Variable Remuneration for the 2020 financial year, since they have voluntarily waived it in view of the exceptional circumstances arising from the COVID-19 crisis.

This English version is a translation of the original in Spanish for information purposes only. In case of a discrepancy, the Spanish original will prevail.

23

C.1.14 Identify the members of senior management who are not also executive directors, and indicate the total remuneration accrued by them throughout the financial year:

C.1.15 Indicate whether there have been any amendments to the regulations of the board during the financial year:

No

C.1.16 Indicate the procedures for the selection, appointment, re-appointment and removal of directors. Provide details of the competent bodies, the procedures to be followed and the criteria to be used in each procedure.

Selection, appointment and re-appointment procedure:

The General Meeting is responsible for appointing and re-appointing members of the Board of Directors, though the Board has the authority to co-opt members if a seat falls vacant, in accordance with the regulations, the Bylaws, the Regulations of the Board and the Selection Policy described in Sections C.1.5 and C.1.6.

This English version is a translation of the original in Spanish for information purposes only. In case of a discrepancy, the Spanish original will prevail.

24

The persons proposed to be appointed or re-appointed as members of the Board of Directors must meet the requirements set out in current legislation, in the specific regulations applicable to credit institutions, in the Bylaws, in the Regulations of the Board and in the Selection Policy.

Proposals for appointment or re-appointment of directors submitted by the Board of Directors to the General Meeting, as well as appointments made directly to fill vacancies under its co-opting authority, will be approved at the proposal of the Appointments and Corporate Governance Committee for independent directors and subject to a report from this Committee for all other directors.

Furthermore, proposals for appointment and re-appointment submitted to the General Meeting must be accompanied by an explanatory report from the Board of Directors assessing the skills, experience and merits of the proposed candidate. Proposals for the appointment or re-appointment of non-independent directors must also be accompanied by a report from the Appointments and Corporate Governance Committee.

To this end, said Committee will assess the balance of knowledge, skills and experience on the Board of Directors, as well as the conditions that the candidates must meet to cover vacancies (applicable legal and suitability requirements, inter alia), evaluating the time commitment considered necessary so that they can carry out their duties, according to the needs of the corporate bodies.

Thus, the Appointments and Corporate Governance Committee will develop renewal and selection processes for directors as part of the process of progressive and systematic refreshment of the corporate bodies, with a view to ensuring that the structure and composition of the Board remains balanced and in line with the needs of the Bank at all times, having directors with different profiles, knowledge, training, experience and qualities.

Within these processes, the Committee will ensure that diversity is promoted and that, in general, there are no implicit biases that may lead to any form of discrimination.

It shall also ensure that these processes facilitate the selection of a sufficient number of female directors to guarantee a balanced representation of men and women, with the aim that female directors represent at least 40% of the Board by the end of the 2022 financial year and beyond, with the figure not dropping below 30% prior to this, while endeavouring to ensure that women who match the professional profile sought are included amongst potential candidates.

Additionally, the aim is for the composition of the Board of Directors to feature an appropriate balance between the different types of director, for non-executive directors to represent an ample majority over executive directors and for the number of independent directors to account for at least 50% of the total seats.

The corporate bodies will also be assessed to ensure that they have a mix of individuals who have experience and knowledge of the Bank, the Group, its businesses and the financial sector in general, as well as others who have training, skills, knowledge and experience in other areas and sectors relevant to the Bank.

In any case, BBVA’s corporate bodies may take any other relevant diversity factor into consideration to adapt the composition of the corporate bodies to the needs of the Bank, taking into account criteria such as gender diversity, academic profile, professional experience, knowledge, disability, origin or age, thus being able to achieve an adequate balance.

In the performance of its functions, the Appointments and Corporate Governance Committee may employ external services to select potential candidates, when it deems this necessary or appropriate.

Duration of mandate and termination:

The directors will hold their position for the term set out in the company Bylaws (three years, after which they may be reappointed one or more times for an additional three-year term) or, if they have been co-opted, until the first General Shareholders’ Meeting has been held. They will leave their positions when the term for which they were appointed expires, unless they are re-appointed.

Directors must also inform the Board of Directors of any circumstances affecting them that could harm the company’s standing and reputation, and any circumstances that may have an impact on their suitability for their role. Directors must offer their resignation to the Board and accept the Board’s decision regarding their continuity in office. Should the Board decide against their continuity, they are required to tender their resignation, in the circumstances listed in section C.1.19 below.

This English version is a translation of the original in Spanish for information purposes only. In case of a discrepancy, the Spanish original will prevail.

25

In any event, directors will resign from their posts upon reaching 75 years of age and must submit their resignation at the first meeting of the Bank’s Board of Directors held after the General Shareholders’ Meeting approving the accounts for the financial year in which they reach said age.

C.1.17 Explain the extent to which the annual evaluation of the board has led to significant changes in its internal organisation and in the procedures applicable to its activities:

Description of the amendments

Article 17 of the Regulations of the Board of Directors states that the Board will assess the quality and efficiency of the operation of the Board of Directors, based on the report submitted to it by the Appointments and Corporate Governance Committee. This procedure was followed in the 2020 financial year, and certain measures (indicated below) were undertaken and consolidated, as part of the ongoing process of developing and adapting BBVA’s Corporate Governance System to the needs of the corporate bodies, to the environment in which it carries out its activities and to regulatory requirements and best practices.

Accordingly, the BBVA Board of Directors has carried out their self-assessment process for the 2020 financial year, having carried out an analysis of its Corporate Governance System, which took into consideration, as a starting point, the self-assessment process for the 2019 financial year.

Within the evaluation process for the 2020 financial year, the following is highlighted:

In all of this, the Bank’s corporate bodies sought to keep BBVA’s Corporate Governance System adapted to the reality, circumstances and needs of the Bank and, consequently, to emphasise the importance attributed to ensuring its solidity and resilience under all circumstances.

This English version is a translation of the original in Spanish for information purposes only. In case of a discrepancy, the Spanish original will prevail.

26

Describe the evaluation process and the areas evaluated by the board of directors (assisted, where applicable, by an external consultant) to assess the operation and composition of the board, its committees and any other area or aspect that was evaluated.

Description of the evaluation process and the areas evaluated

In accordance with Article 17 of the Regulations of the Board of Directors, the Board assesses the quality and efficiency of its operation, as well as the performance of the functions of the Chairman of the Board, based, in each case, on the report submitted to it by the Appointments and Corporate Governance Committee. The Board of Directors also assesses the performance of the Chief Executive Officer, based on the report by the Appointments and Corporate Governance Committee, which includes the assessment performed by the Executive Committee. Finally, the Board of Directors also assesses the operation of its committees, on the basis of the reports submitted to it by the latter.

The evaluation process carried out in relation to the 2020 financial year consisted of a thorough analysis and evaluation of the quality and efficiency of the operation of the corporate bodies and the performance of the Chairman and the Chief Executive Officer. This evaluation was carried out by the Appointments and Corporate Governance Committee, taking into account several aspects, such the Board’s self-assessment for the 2019 financial year, the directors’ view of the operation of the Board, and the various reports issued, described below.

In line the foregoing, the Board of Directors evaluated: (i) the quality and efficiency of the operation of the Board of Directors; (ii) the performance of the duties of the Chairman and the Chief Executive Officer; and (iii) the operation of the Board Committees; as detailed below:

In addition, the Board assessed the quality and efficiency of the functioning of each Committee on the basis of the reports submitted by their respective Chairs, as described in Section H of this Report.

C.1.18 For those financial years in which an external consultant provided assistance for the evaluation, provide details of any ongoing business relationships that the consultant or any entity in their group maintains with this company or any company in this group.

The assessment carried out by the Board of Directors in the 2020 financial year regarding its quality and operation, its Committees and the performance of the functions of the Chairman of the Board and the Chief Executive Officer was carried out without the support of an independent expert.

This English version is a translation of the original in Spanish for information purposes only. In case of a discrepancy, the Spanish original will prevail.

27

C.1.19 Indicate the circumstances under which directors are obliged to resign.

In addition to the circumstances established in applicable law, directors will cease to hold office when the term for which they were appointed expires, unless they are re-appointed.

Accordingly, as set forth in Article 12 of the Regulations of the Board of Directors, directors must offer their resignation to the Board of Directors and accept the Board’s decision regarding their continuity in office. Should the Board decide against their continuity, they are required to tender their resignation, in the following circumstances:

C.1.20 Are supermajorities, other than those provided for in law, required for any type of decision?:

No

Where applicable, describe the differences.

C.1.21 Explain whether there are specific requirements, other than those relating to directors, to be appointed chairman of the board of directors.

No

C.1.22 Indicate whether the bylaws or regulations of the board establish an age limit for directors:

Yes

Remarks

As stipulated in Article 4 of the BBVA Regulations of the Board of Directors, directors will resign from their positions, in any event, upon reaching 75 years of age, and must submit their resignation at the first meeting of the Bank’s Board of Directors held after the General Shareholders’ Meeting approving the accounts for the financial year in which they reach said age.

C.1.23 Indicate whether the bylaws or regulations of the board of directors establish a limited mandate or other stricter requirements for independent directors in addition to those provided for in law:

No

This English version is a translation of the original in Spanish for information purposes only. In case of a discrepancy, the Spanish original will prevail.

28

C.1.24 Indicate whether the bylaws or the regulations of the board of directors establish specific rules for proxy voting within the board of directors for other directors, how this is carried out and, in particular, the maximum number of proxies that a director may have and whether there are any restrictions as to what categories may be appointed as a proxy, beyond the limitations provided for in law. Where applicable, provide a brief description of these rules.

Article 5 of the BBVA Regulations of the Board of Directors establishes that directors are required to attend meetings of the corporate bodies of which they form part, unless they have a justifiable reason for not doing so. Directors will participate in the deliberations, discussions and debates on matters submitted for their consideration and must personally attend the meetings held.

However, as set forth in Article 26 of the Regulations of the Board of Directors, if it is not possible for a director to attend a meeting of the Board of Directors, this director may authorise another director to act as their proxy and cast votes on their behalf, by sending a letter or email to the Company with the information needed by the proxy director to follow the absent director’s instructions. Applicable legislation states that non-executive directors may only grant proxy to another non-executive director. The same applies to attendance at meetings of Board Committees.

C.1.25 Indicate the number of meetings that the board of directors has held during the financial year. Where applicable, indicate how many times the board has met without the chairman in attendance. The chairman will be considered to have been in attendance if represented by a proxy provided with specific instructions.

Indicate how many meetings were held by the lead director with the other board members, without any executive director in attendance or represented:

Remarks

BBVA’s Board of Directors has a Lead Director who performs the functions set forth in the applicable legislation, as well as those stipulated by Article 21 of the Regulations of the Board of Directors.

In the performance of the functions assigned, during the financial year the Lead Director maintained ongoing contact, held recurring meetings and had conversations with other directors of the Bank in order to seek their opinions on the corporate governance and operation of the Bank’s corporate bodies.

In addition, in accordance with Article 37 of the Regulations of the Board, the Lead Director held and coordinated various meetings of non-executive directors, which took place following the meetings of the Board of Directors.

Furthermore, as of the date of this report, the Lead Director serves as Chair of the Risk and Compliance Committee and as a member of the Appointments and Corporate Governance Committee, which are composed of non-executive directors with a majority of independent directors. In addition, the Lead Director has held individual meetings with non-executive directors within the framework of the Board’s annual self-assessment process, in addition to those meetings described above, in order to fully fulfil his duties.

Indicate how many meetings of the board committees were held during the financial year:

This English version is a translation of the original in Spanish for information purposes only. In case of a discrepancy, the Spanish original will prevail.

29

C.1.26 Indicate how many meetings were held by the board of directors during the financial year and provide details on the attendance of its members:

Remarks

The Board of Directors holds ordinary meetings on a monthly basis, in accordance with the annual calendar of ordinary meetings drawn up before the beginning of the financial year, and holds extraordinary meetings as often as deemed necessary.

Furthermore, following the declaration of a state of alarm in Spain and due to the situation created by the coronavirus and the measures taken in this respect by the authorities, Board meetings were held entirely remotely in such a way that enabled the recognition of attendees and made it possible for attendees to interact and for each of them to address the meeting in real time, maintaining the unity of the event, in accordance with the applicable regulations and the Regulations of the Board.

C.1.27 Indicate whether the individual or consolidated annual financial statements that are presented to the board for approval are certified beforehand:

No

Where appropriate, identify the person(s) who has/have certified the company’s individual and consolidated annual financial statements prior to board approval:

C.1.28 Explain the mechanisms, if any, established by the board of directors to ensure that the annual financial statements presented by the board of directors to the general shareholders’ meeting are drawn up in accordance with accounting regulations.

Article 32 of the Regulations of the BBVA Board of Directors specifies that the main task of the Audit Committee, which is composed exclusively of independent directors, is to assist the Board of Directors in supervising the preparation of the financial statements and public information, as well the relationship with the external auditor and the Internal Audit area.

In this regard, in accordance with Article 5 of the Regulations of the Audit Committee, it is the responsibility of the Audit Committee to oversee the process of preparing and reporting financial information and submit recommendations or proposals on safeguarding the integrity thereof to the Board of Directors.

It is also the responsibility of the Audit Committee to analyse all financial information and any related non-financial information contained in the annual financial statements of both the Bank and its consolidated Group, prior to their submission to the Board of Directors and in enough detail to guarantee their accuracy, reliability, sufficiency and clarity.

It is also the Committee’s responsibility to review the correct application of accounting criteria, as well as all relevant changes relating to the accounting principles used and the presentation of the financial statements, including the accurate consolidation perimeter.

Similarly, in accordance with Article 5 of the Regulations of the Audit Committee, said Committee is responsible for monitoring the effectiveness of the Company’s internal control and risk management systems in the preparation and reporting of financial information, including tax-related risks.

This English version is a translation of the original in Spanish for information purposes only. In case of a discrepancy, the Spanish original will prevail.

30

In the performance of these functions, the Audit Committee maintains direct and ongoing contact with the heads of the area in the Group responsible for Accounting functions through monthly meetings, monitoring the evolution of the main figures on the Balance Sheet and the Income Statement of the Bank and its Group each month; overseeing the accounting policies, practices and principles and the valuation criteria followed by the Bank and the Group during the process of preparing and submitting financial information; and analysing changes made in relation to the main applicable accounting regulations, as well as the main impacts that their incorporation has had on the financial information of the Bank and its Group. To this end, the Committee had all of the information that it required, with the level of aggregation deemed appropriate.

In addition, given that the external audit is one of the core elements in the chain of control mechanisms established to ensure the quality and integrity of the financial information, in accordance with the Regulations of the Audit Committee, it is the Committee’s responsibility to check, at appropriate intervals, that the external audit schedule of work is being conducted under the agreed conditions, and that this satisfies the requirements of the competent authorities and the corporate bodies.

Moreover, it will require the auditor to periodically—at least once a year—provide an evaluation of the quality of the internal control procedures regarding the preparation and reporting of the Group’s financial information, discussing with the auditor any weaknesses in the internal control system identified during the audit, without undermining its independence, to then be able to submit recommendations or proposals to the Board of Directors, along with the deadline for their follow-up.

The Committee will also be apprised of any infringements, situations requiring adjustments or anomalies that may be detected during the external audit and are material in nature, i.e. those that, in isolation or as a whole, could cause significant and substantive harm to the Group’s equity, earnings or reputation, and discernment of such matters will be at the discretion of the Internal Audit area which, in the presence of doubt, must report these.

These matters are carefully considered by the Audit Committee, which maintains direct and ongoing contact with the external auditors through monthly meetings not attended by the Bank’s executives. At these meetings, the auditors provide detailed information on their work and the results thereof, which enables the Committee to continuously monitor said work and the conclusions thereof, ensuring that it is performed under optimal conditions and without interference from management.

C.1.29 Is the secretary of the board a director?

No

If the Secretary is not a director, complete the following table:

C.1.30 Indicate the specific mechanisms established by the company to preserve the independence of the external auditors, and, if any, the mechanisms to preserve the independence of financial analysts, investment banks and rating agencies, including how legal measures have been implemented in practice.

As set forth in the Regulations of the Audit Committee, one of the Committee’s functions, described in Section C.2.1, is to ensure the independence of the auditor through a dual approach:

This English version is a translation of the original in Spanish for information purposes only. In case of a discrepancy, the Spanish original will prevail.

31

This matter is carefully considered by the Audit Committee, which holds meetings with the auditor’s representatives at each of the monthly meetings it has, without Bank executives in attendance, to gain a detailed understanding of any issues that may hinder the audit process, the progress and quality of the work carried out, and to confirm independence in the performance of its work.

The Committee also continually oversees the engagement of additional services to ensure compliance with the Regulations of the Audit Committee and with applicable legislation and thus the independence of the auditor, in accordance with the Bank’s internal procedure.

Moreover, in accordance with the provisions of Point f), Section 4 of Article 529 quaterdecies of the Spanish Corporate Enterprises Act and Article 5 of the Regulations of the Audit Committee, each year before the audit report is issued, the Committee must issue a report expressing its opinion on whether or not the independence of the auditor has been compromised. This report must, in all cases, contain a reasoned assessment of the provision of each and every kind of additional service provided to the Group companies, considered individually and collectively, except the legal audit and those relating to independence or the regulations on audit activity. Each year, the auditor must issue a report confirming its independence via-à-vis BBVA or entities linked to BBVA, either directly or indirectly, with detailed and itemised information on any kind of additional services provided to these entities by the external auditor, or by the individuals or entities linked to it, as set out in the consolidated text of the Spanish Account Auditing Act.

In compliance with the legislation in force, the relevant auditor and Audit Committee reports confirming the auditor’s independence were issued in the 2020 financial year.

In addition, as BBVA’s shares are listed on the New York Stock Exchange, it is subject to compliance with the Sarbanes Oxley Act and its implementing regulations.

The Board of Directors also has a policy in place for communication and contacts with shareholders and investors. The policy is governed by the principle of equal treatment for all shareholders and investors, who are in the same position in terms of information, participation and the exercise of their rights as shareholders and investors, inter alia.

Moreover, this policy contains the principles and channels established in relation to shareholders and investors, which govern, where applicable, BBVA relations with other stakeholders, such as financial analysts, Bank share management companies and custodians, and proxy advisors, among others.

C.1.31 Indicate whether the Company has changed its external auditor during the financial year. If so, identify the incoming and outgoing auditors:

No

If there were any disagreements with the outgoing auditor, explain these disagreements:

No

C.1.32 Indicate whether the auditing firm does any other work for the company and/or its group other than the audit. If so, declare the amount of fees received for such work and the percentage that the aforementioned amount represents of the total fees billed to the company and/or its group for audit work:

Yes

This English version is a translation of the original in Spanish for information purposes only. In case of a discrepancy, the Spanish original will prevail.

32

C.1.33 Indicate whether the audit report on the annual financial statements for the previous financial year contained qualifications. If so, indicate the reasons given by the chair of the audit committee to the shareholders at the General Meeting to explain the content and scope of such qualifications.

No

C.1.34 Indicate the number of consecutive financial years during which the current audit firm has been auditing the annual financial statements for the company. Likewise, indicate the total number of financial years audited by the current audit firm as a percentage of the total number of years in which the annual financial statements have been audited:

C.1.35 Indicate whether there is a procedure in place (and provide details, where applicable) whereby directors are provided with the information they need with sufficient time to be able to prepare for meetings of the management bodies:

Yes

Details of the procedure

As set forth in Article 5 of the Regulations of the Board of Directors, prior to the meetings, directors will be provided with the information needed to form an opinion with respect to the matters within the remit of the Bank’s corporate bodies, and may ask for any additional information and advice required to perform their duties. They may also ask the Board of Directors for external expert help for any matters put to their consideration whose special complexity or importance so requires.

These rights will be exercised through the Chairman or Secretary of the Board of Directors, who will attend to requests by providing the information directly or by establishing suitable arrangements within the organisation for this purpose, unless a specific procedure has been established in the regulations governing the Board of Directors’ committees.

Furthermore, as set forth in Article 28 of the Regulations of the Board of Directors, the directors will be provided with such information or clarifications as deemed necessary or appropriate with regards to the matters to be discussed at the meeting, either before or after the meetings are held.

In addition, BBVA implements an information model that ensures that decisions are made on the basis of complete, comprehensive, appropriate and consistent information, prepared in accordance with common principles so that analyses carried out by the corporate bodies are based on the correct data, thus allowing directors to perform their duties to the best of their ability.

This English version is a translation of the original in Spanish for information purposes only. In case of a discrepancy, the Spanish original will prevail.

33

Thus, the Bank’s corporate bodies have a procedure in place for checking the information submitted for consideration, coordinated by the Board’s Secretariat with the departments responsible for the information, in order to provide directors with complete, comprehensive, appropriate and consistent information in sufficient time for the meetings of the Bank’s various corporate bodies. Prior to such meetings, information is made available to the Bank’s corporate bodies via an online system, to which all members of the Board have access.

C.1.36 Indicate and, where applicable, provide details of whether the company has set out rules that require directors to report and, where applicable, resign in the event that they are affected by circumstances that, whether or not related to their actions at the company itself, could harm the company’s standing and reputation:

Yes

Explanation of the rules

As set forth in Article 12 of the Regulations of the Board of Directors, directors must also inform the Board of Directors of any circumstances that may affect them and harm the Company’s standing and reputation, and any circumstances that may have an impact on their suitability to perform their role.

Directors must offer their resignation to the Board of Directors and accept its decision regarding their continuity in office. Should the Board decide against their continuing, they are required to tender their resignation when, for reasons attributable to the directors in their status as such, serious damage has been done to the Company’s equity, standing or reputation or when they are no longer suitable to hold the status of director at the Bank, among other circumstances referred to in Section C.1.19 of this report.

C.1.37 Indicate, unless there have been special circumstances recorded in the minutes, whether the board was informed or otherwise came to know of any situation concerning a director, whether or not related to their role in the company itself, that could harm the company’s standing and reputation:

No

C.1.38 Detail any significant agreements reached by the Company that are coming into force, or were amended or concluded as a result of a change in the control of the company stemming from a public takeover bid, and its effects.

The Company has not reached any significant agreements that are coming into force, or were amended or concluded as a result of a change in the control of the Company stemming from a public takeover bid.

C.1.39 Identify on an individual basis, when referring to directors, and in aggregate form for all other cases, and indicate in detail any agreements between the Company and its directors, managers or employees that provide for severance pay (guarantee or golden parachute clauses) for when such persons resign or are wrongfully dismissed or if the contractual relationship comes to an end owing to a public takeover bid or other kinds of transactions.

This English version is a translation of the original in Spanish for information purposes only. In case of a discrepancy, the Spanish original will prevail.

34

Indicate whether, in addition to the circumstances provided for by law, the corporate bodies of the company or group must be notified of and/or approve these contracts. If so, specify the procedures, the circumstances provided for and the nature of the bodies responsible for approval or notification:

Remarks

The Board of Directors approves resolutions relating to the basic contractual conditions of members of Senior Management, pursuant to the provisions of Article 17 of the Regulations of the Board, which are hereby notified to the General Shareholders’ Meeting through this Report and through the information contained in the Annual Financial Statements, but does not approve the conditions applicable to other employees.

C.2 Committees of the board of directors

C.2.1 Detail all of the committees of the board of directors, their members and the proportion of executive, proprietary, independent and other external directors sitting thereon:

EXECUTIVE COMMITTEE

Explain the functions that have been delegated or assigned to this committee, other than those that have already been described in Section C.1.9, and describe both the procedures and organisational and operational rules of the committee. For each of these functions, indicate its most significant actions during the financial year and how it has, in practice, exercised each of the functions attributed to it, whether in law, in the bylaws or in other corporate resolutions.

Pursuant to Article 30 of BBVA’s Regulations of the Board of Directors and Article 1.2 of its own Regulations, the Executive Committee will be made aware of matters that the Board, as required by law, the Bylaws, the Regulations of the Board or its own Regulations, resolves to delegate to it.

In particular, in accordance with the powers conferred on it by Article 5 of the Regulations of the Executive Committee, the Committee performs the following functions:

This English version is a translation of the original in Spanish for information purposes only. In case of a discrepancy, the Spanish original will prevail.

35

The Regulations of the Executive Committee set out the operational principles of the Committee and lay down the basic rules of its organisation and operation.

The Regulations of the Executive Committee specifically provide that the Committee will meet whenever it is called to do so by its Chair, who is empowered to call the Committee and to set the agenda, and also set out the procedure for calling ordinary and extraordinary meetings.

For the proper performance of its functions, the Committee will have available, where necessary, the reports of the relevant Board committees on matters within their remits, and may request as a matter of relevance the attendance of the chairs of those committees at its own meetings where such reports are to be dealt with.

Other aspects of the organisation and operation of the Committee shall be subject to the Regulations of the Committee itself. All other matters not provided for in the aforementioned Regulations will be subject to the Regulations of the Board, insofar as they are applicable.

This English version is a translation of the original in Spanish for information purposes only. In case of a discrepancy, the Spanish original will prevail.

36

The most significant actions carried out by the Executive Committee in the 2020 financial year are detailed in Section H of this Report.

AUDIT COMMITTEE

Explain the functions assigned to this committee, including, where appropriate, any that are in addition to those provided for by law, and describe both the procedures and organisational and operational rules of the committee. For each of these functions, indicate its most significant actions during the financial year and how it has, in practice, exercised each of the functions attributed to it, whether in law, in the bylaws or in other corporate resolutions.

The main task of the Audit Committee is to assist the Board of Directors in overseeing the preparation of the financial statements and public information, and the relationship with the external auditor and the Internal Audit area.

More specifically, in accordance with the powers assigned to it by Article 5 of the Regulations of the Audit Committee, and notwithstanding any other functions assigned to it by law, by the Bank’s internal regulations or by resolution of the Board the Audit Committee is entrusted with the following functions, inter alia:

In relation to overseeing the financial statements and public information:

In relation to the Internal Audit function:

This English version is a translation of the original in Spanish for information purposes only. In case of a discrepancy, the Spanish original will prevail.

37

In relation to the external audit process:

The most significant actions carried out by the Audit Committee in the 2020 financial year, as well as its organisational and operational rules, are detailed in Section H of this Report.

This English version is a translation of the original in Spanish for information purposes only. In case of a discrepancy, the Spanish original will prevail.

38

Identify the directors who are members of the audit committee and have been appointed on the basis of their knowledge and experience of accounting or auditing, or both, and specify the date on which the Chair of this committee was appointed to the post.

APPOINTMENTS AND CORPORATE GOVERNANCE COMMITTEE

Explain the functions assigned to this committee, including, where appropriate, any that are in addition to those provided for by law, and describe both the procedures and organisational and operational rules of the committee. For each of these functions, indicate its most significant actions during the financial year and how it has, in practice, exercised each of the functions attributed to it, whether in law, in the bylaws or in other corporate resolutions.

The main task of the Appointments and Corporate Governance Committee is to assist the Board of Directors in matters relating to the selection and appointment of members of the Board of Directors; the assessment of their performance; the drafting of succession plans; the Bank’s Corporate Governance System; and the oversight of the conduct of directors and any conflicts of interest that may affect them.

More specifically, in accordance with the powers assigned to it by Article 5 of the Regulations of the Appointments and Corporate Governance Committee, and notwithstanding any other functions assigned to it by law, by the Bank’s internal regulations or by resolution of the Board of Directors, the Appointments and Corporate Governance Committee is entrusted with the following functions:

To this end, the Committee will evaluate the balance of knowledge, skills and experience on the Board of Directors, as well as the conditions that the candidates must meet to cover any vacancies that arise, evaluating the time commitment considered necessary so that they can adequately carry out their duties, according to the needs of the corporate bodies at any given time.

The Committee will ensure that selection procedures are not implicitly biased in such a way that involves any kind of discrimination or, in particular, hinders the selection of members of the underrepresented gender, endeavouring to ensure that members of this gender who match the professional profile sought are included amongst potential candidates.

This English version is a translation of the original in Spanish for information purposes only. In case of a discrepancy, the Spanish original will prevail.

39

When formulating its proposals for the appointment of directors, the Committee will take into consideration, if it considers them to be suitable, any requests that may be made by any member of the Board of Directors of potential candidates to fill the vacancies that have arisen.

This English version is a translation of the original in Spanish for information purposes only. In case of a discrepancy, the Spanish original will prevail.

40

The organisational and operational rules and the most significant actions carried out by the Appointments and Corporate Governance Committee in the 2020 financial year are detailed in Section H of this Report.

REMUNERATIONS COMMITTEE

Explain the functions assigned to this committee, including, where appropriate, any that are in addition to those provided for by law, and describe both the procedures and organisational and operational rules of the committee. For each of these functions, indicate its most significant actions during the financial year and how it has, in practice, exercised each of the functions attributed to it, whether in law, in the bylaws or in other corporate resolutions.

The main task of the Remunerations Committee is to assist the Board of Directors in remuneration matters within its remit and, in particular, those relating to the remuneration of directors, senior managers and those employees whose professional activities have a significant impact on the risk profile of the Group (hereinafter, the Identified Staff), ensuring that the established remuneration policies are observed.

More specifically, in accordance with the powers assigned to it by Article 5 of the Regulations of the Remunerations Committee, and notwithstanding any other functions assigned to it by law, by the Bank’s internal regulations or by resolution of the Board, the Remunerations Committee broadly performs the following functions:

This English version is a translation of the original in Spanish for information purposes only. In case of a discrepancy, the Spanish original will prevail.

41

The organisational and operational rules and the most significant actions carried out by the Remunerations Committee in the 2020 financial year are detailed in Section H of this Report.

RISK AND COMPLIANCE COMMITTEE

This English version is a translation of the original in Spanish for information purposes only. In case of a discrepancy, the Spanish original will prevail.

42

Explain the functions assigned to this committee and describe both the procedures and organisational and operational rules of the committee. For each of these functions, indicate its most significant actions during the financial year and how it has, in practice, exercised each of the functions attributed to it, whether in law, in the bylaws or in other corporate resolutions.

The main task of the Risk and Compliance Committee is to assist the Board of Directors in the determination and monitoring of the Group’s risk control and management policy, including internal risk control and non-financial risks, with the exception of those related to internal financial control, which are the responsibility of the Audit Committee; those related to technological risk, which are the responsibility of the Technology and Cybersecurity Committee; and those related to business and reputational risk, which are the responsibility of the Executive Committee. It also assists the Board in monitoring the Compliance function and implementing a risk and compliance culture in the Group.

More specifically, in accordance with Article 5 of the Regulations of the Risk and Compliance Committee, and notwithstanding any other functions assigned to it by law, by the Bank’s internal regulations or by resolution of the Board, the Risk and Compliance Committee performs the following functions:

This English version is a translation of the original in Spanish for information purposes only. In case of a discrepancy, the Spanish original will prevail.

43

The organisational and operational rules and the most significant actions carried out by the Risk and Compliance Committee in the 2020 financial year are detailed in Section H of this Report.

TECHNOLOGY AND CYBERSECURITY COMMITTEE

This English version is a translation of the original in Spanish for information purposes only. In case of a discrepancy, the Spanish original will prevail.

44

Explain the functions assigned to this committee and describe both the procedures and organisational and operational rules of the committee. For each of these functions, indicate its most significant actions during the financial year and how it has, in practice, exercised each of the functions attributed to it, whether in law, in the bylaws or in other corporate resolutions.

The main task of the Technology and Cybersecurity Committee is to assist the Board of Directors in overseeing technological risk, in managing cybersecurity and in monitoring the Group’s technological strategy.

Specifically, in accordance with the powers assigned to it by Article 5 of the Regulations of the Technology and Cybersecurity Committee, and notwithstanding any other functions assigned to it by law, by the Bank’s internal regulations or by resolution of the Board, the Technology and Cybersecurity Committee performs the following functions, which fall into two categories:

The organisational and operational rules and the most significant actions carried out by the Technology and Cybersecurity Committee during the 2020 financial year are detailed in Section H of this Report.

This English version is a translation of the original in Spanish for information purposes only. In case of a discrepancy, the Spanish original will prevail.

45

C.2.2 Fill in the following table with information on the number of female directors sitting on the committees of the board of directors at the close of the last four financial years:

C.2.3 Indicate, where applicable, if there are regulations for the board committees, where they can be consulted and any amendments made to them during the financial year. Indicate whether an annual report on the activities of each committee has been prepared voluntarily.

All the committees of the Board of Directors have their own regulations, approved by the Board and available on the Bank’s corporate website (www.bbva.com), under “Shareholders and Investors”, “Corporate Governance and Remuneration Policy”, in the “Board Committees” section. The regulations were not amended during the 2020 financial year.

In addition, within the framework of the annual performance process, all the committees of the Board have prepared and submitted a report to the Board of Directors detailing the activity carried out by each of them in the exercise of their functions during the 2020 financial year, which are described in Sections C.1.17 and C.2.1 above.

D.1 Explain the procedure and competent bodies, if any, for approving related-party and intra-group transactions.

Article 17.1.e) (iii) of the Regulations of the Board of Directors establishes that the Board is responsible for approving, where applicable, transactions conducted by the Company or Group companies with directors or with shareholders that, individually or together with others, hold a significant stake, including shareholders represented in the Board of Directors of the Company or of other Group companies or with individuals related to them, with the exceptions provided for by law.

Moreover, Article 8.6 of the Regulations of the Board of Directors establishes that approval of the transactions conducted by the Company or by Group companies with directors, the approval of which is the responsibility of the Board of Directors, will be granted subject to a prior report by the Audit Committee, where appropriate. The only exceptions to this approval will be transactions that simultaneously meet the three following specifications: (i) they are carried out under contracts with standard terms and are applied en masse to a large number of customers; (ii) they are executed at market rates or prices set in general by the party acting as supplier of the goods or services; and (iii) they are worth less than 1% of the Company’s annual revenues.

This English version is a translation of the original in Spanish for information purposes only. In case of a discrepancy, the Spanish original will prevail.

46

D.2 Detail transactions deemed to be significant given their amount or content carried out between the company or its group companies and the company’s significant shareholders:

D.3 Detail any transactions deemed to be significant for their amount or content carried out between the company or its group companies and the directors or executives of the company:

Remarks

D.4 Detail the significant transactions in which the company has engaged with other companies belonging to the same group, except those that are eliminated in the process of drawing up the consolidated financial statements and that do not form part of the company’s usual trade with respect to its objects and conditions.

In any event, provide information on any intra-group transactions with companies established in countries or territories considered tax havens:

D.5 Detail any significant transactions between the company or its group companies and other related parties, which have not been listed in the previous entries.

D.6 Detail the mechanisms established to detect, determine and resolve possible conflicts of interest between the company and/or its group, and its directors, executives or significant shareholders.

Articles 7 and 8 of BBVA’s Regulations of the Board of Directors regulate issues relating to possible conflicts of interest, in summary, as follows:

Article 7: Directors must adopt necessary measures to avoid incurring in situations where their interests, whether on their own account or for that of others, may enter into conflict with the corporate interest and with their duties with respect to the Company, unless the Company has granted its consent under the terms established in applicable legislation and in the Regulations of the Board of Directors.

This English version is a translation of the original in Spanish for information purposes only. In case of a discrepancy, the Spanish original will prevail.

47

Likewise, they must refrain from participating in deliberations and votes on resolutions or decisions in which they or a related party may have a direct or indirect conflict of interest, unless these decisions relate to the appointment or removal of positions on the management body.

Directors must notify the Board of Directors of any situation of direct or indirect conflict that they or parties related to them may have with respect to the Company’s interests.

Article 8: The duty of avoiding situations of conflicts of interest referred to in Article 7 above obliges the directors to refrain from, in particular:

The above provisions will also apply should the beneficiary of the prohibited acts or activities described in the previous sections be a related party to the director.

However, the Company may dispense with the aforementioned prohibitions in specific cases, authorising a director or a related party to carry out a certain transaction with the Company, to use certain corporate assets, to take advantage of a specific business opportunity or to obtain an advantage or remuneration from a third party.

When the authorisation is intended to dispense with the prohibition against obtaining an advantage or remuneration from third parties, or affects a transaction whose value is over 10% of the corporate assets, it must necessarily be agreed by the General Shareholders’ Meeting.

The obligation not to compete with the Company may only be dispensed with when no damage is expected to the Company or when any damage that is expected is compensated by the benefits that are foreseen from the dispensation. The dispensation will be conferred under an express and separate resolution of the General Shareholders’ Meeting.

In other cases, the authorisation may also be resolved by the Board of Directors, provided that the independence of the members conferring it is guaranteed with respect to the director receiving the dispensation. Moreover, it will be necessary to ensure that the authorised transaction will not do harm to the corporate equity or, where applicable, that it is carried out under market conditions and that the process is transparent.

Approval by the Board of Directors of the transactions of the Bank or companies within its Group with directors will be granted, where appropriate, after receiving a report from the Audit Committee. The only exceptions to this approval will be transactions that simultaneously meet the three following specifications:

1) they are carried out under contracts with standard terms and are applied en masse to a large number of customers;

2) they are executed at market rates or prices set in general by the party acting as supplier of the goods or services; and

This English version is a translation of the original in Spanish for information purposes only. In case of a discrepancy, the Spanish original will prevail.

48

3) they are worth less than 1% of the Company’s annual revenues.

Since BBVA is a credit institution, it is subject to the provisions of Spanish Act 10/2014 of 26 June, on the regulation, supervision and solvency of credit institutions (the LOSS), whereby the directors and general managers or similar may not obtain credits, bonds or guarantees from the Bank on whose board or management they work, above the limit and under the terms established in Article 35 of Royal Decree 84/2015, implementing the LOSS, unless expressly authorised by the Bank of Spain.

Continued in Section H of this Report.

D.7 Indicate whether the company is controlled by another entity within the meaning of Article 42 of the Spanish Commercial Code, whether listed or not, and has, directly or through its subsidiaries, business relations with said entity or one of its subsidiaries (other than those of the listed company) or engages in activities related to those of any one of them.

No

E. RISK CONTROL AND MANAGEMENT SYSTEMS

E.1 Explain the scope of the company’s Risk Control and Management System, including risks of a tax-related nature.

The BBVA Group has a general risk management and control model (hereinafter, the Model) adapted to its business model, its organisation, the countries in which it operates and its Corporate Governance System. This allows the BBVA Group to operate within the framework of the risk control and management strategy and policy defined by the Bank’s corporate bodies and to adapt to the changing economic and regulatory environment, addressing risk management on a global level in a manner adapted to the circumstances at any moment.

This Model, which is the responsibility of the Chief Risk Officer (CRO) and which must be updated or reviewed at least annually, is applied comprehensively in the Group and is made up of the basic elements set out below:

The Group promotes the development of a risk culture that ensures consistent application of the Model within the Group, and that guarantees that the risk function is understood and internalised at all levels of the organisation.

The Model applies to the management and control of all financial and non-financial risks of the Group, including tax risks, without prejudice to the fact that, with regard to tax, in addition to the management of this type of risk as a non-financial risk, BBVA has a tax risk management policy based on an adequate control environment, a risk identification system and a process for the monitoring and continuous improvement of the effectiveness of the established controls. This management model is revised and assessed by an independent expert.

For more information on the basic elements of the Model, see “General risk management and control model” in the “Risk management” chapter of the individual and consolidated Management Reports for financial year 2020.

This English version is a translation of the original in Spanish for information purposes only. In case of a discrepancy, the Spanish original will prevail.

49

E.2 Identify the corporate bodies responsible for drawing up and enforcing the Risk Control and Management System, including tax-related risks.

With regard to risks, the Board of Directors’ responsibilities are those relating to establishing the policy for controlling and managing risk and the oversight and control of its implementation.

In addition, and for a proper discharge of its functions, the Board of Directors is assisted by the Risk and Compliance Committee in the matters specified below. It is also assisted by the Executive Committee, which focuses on strategy, finance and business-related matters in an integrated manner, in order to monitor the Group’s risks.

In particular, the Board of Directors establishes the Group’s risk strategy and, in the discharge of this function, determines the risk control and management policy, which is set out in: the BBVA Group’s Risk Appetite Framework, which includes the Group’s risk appetite statement, containing the general principles of the Group’s risk strategy and its target profile, as well as a set of quantitative metrics (core metrics—with their respective statements—and metrics by type of risk) originating from said statement that reflect the Group’s risk profile; the management policy framework for the different types of risk to which the Bank is or may be exposed, which contains the basic principles for managing and controlling risks consistently throughout the Group and in accordance with the Model and the Risk Appetite Framework; and the Model.

Furthermore, in parallel with the function of defining the risk strategy and within the scope of its risk monitoring, supervision and control functions, the Board of Directors monitors the evolution of the BBVA Group’s risks as well as the risks of each of its main geographical and/or business areas, ensuring their compliance with the BBVA Group’s Risk Appetite Framework, and also overseeing internal information and control systems.

At the executive level, the Group’s Chief Risk Officer (the Head of Global Risk Management) is responsible for managing all of the Group’s financial risks with the independence, authority, rank, experience, knowledge and resources required. They are responsible for ensuring, within their scope of functions, that the BBVA Group’s risks are managed according to the established model.

For decision-making, the Group’s Chief Risk Officer has a governance structure for the role that culminates in a support forum, the Global Risk Management Committee (GRMC), which is established as the main executive-level committee on the risks within its remit. Its purpose is to develop the strategies, policies, regulations and infrastructures needed to identify, assess, measure and manage the material risks within its remit that the Group faces in its business activity.

In addition, the chief risk officers of the geographical and business areas report functionally to the Group’s Chief Risk Officer and report operationally to the head of their geographical and/or business area. This dual reporting system aims to ensure the independence of the local risk management function from the operating functions, and enable its alignment with the Group’s risk-related general policies and goals.

With regard to non-financial risks and internal control, the Group has a Regulation & Internal Control area that is independent from the other units. This area is under the responsibility of the Global Head of Regulation & Internal Control, who is also appointed by the BBVA Board of Directors and reports directly to the corporate bodies, providing updates on the performance of its functions. This area is responsible for proposing and implementing policies related to non-financial risks and the Group’s internal control model. It also includes, amongst others, the Non-Financial Risk, Compliance and Internal Risk Control units.

For more information on the bodies responsible for risk management and control at BBVA, see “Governance and organisation” in the “General risk management and control model” section in the “Risk management” chapter of the individual and consolidated Management Reports for financial year 2020.

As far as tax risk is concerned, the Tax function of the BBVA Group is responsible for establishing the control mechanisms and internal rules necessary to ensure compliance with current tax regulations, as well as proposing tax strategy to the Board of Directors for their consideration and approval, where appropriate. In addition, the Audit Committee is responsible for overseeing the tax risks in the process of preparing and presenting financial information, which is evidenced by the reports made by the Head of the BBVA Group’s Tax function to the Committee.

This English version is a translation of the original in Spanish for information purposes only. In case of a discrepancy, the Spanish original will prevail.

50

E.3 Indicate the primary risks, including tax-related risks and, where significant, risk derived from corruption (the latter can be understood to be within the scope of Royal Decree Law 18/2017) that could prevent business targets from being met.

BBVA has processes to identify risks and analyse scenarios, enabling dynamic and advance risk management. These processes are forward-looking to ensure the identification of emerging risks, and take into account the concerns of both the business and corporate areas, as well as those of Senior Management.

Risks are identified and measured in a consistent manner and in line with approved methodologies. Their measurement includes scenario analyses and stress testing, and considers the controls to which the risks are subject.

In this regard, there are a number of emerging risks that could impact the Group’s business performance. These risks are organised into the following large blocks:

For more information on these risks, see “Risk factors” in the “Risk management” chapter of the individual and consolidated Management Reports for financial year 2020, and “Other non-financial risks” chapter of the Non-Financial Information Statement, included in said Management Reports.

Likewise, amongst the possible crimes included in the criminal prevention model are those related to corruption and bribery, since there are a number of risks that could manifest in a company with characteristics such as those of BBVA. For more information, see “Other standards of conduct” and “Criminal prevention model” in the “Compliance system” section, which is included in the “Ethical behaviour” chapter of the Non-Financial Information Statement in the individual and consolidated Management Reports for the 2020 financial year.

On the other hand, and not having the consideration of significant risk referred to in this section, the Spanish judicial authorities are investigating the activities of the company Centro Exclusivo de Negocios y Transacciones, S.L. (Cenyt). Such investigation includes the provision of services by Cenyt to the Bank.

In this regard, on 29 July 2019, the Bank was named as an official suspect (investigado) in a criminal judicial investigation (Preliminary Proceeding No. 96/2017 – Piece No. 9, Central Investigating Court No. 6 of the National High Court) for alleged facts which could be constitutive of bribery, revelation of secrets and corruption. On 3 February 2020, the Bank was notified by the Central Investigating Court No. 6 of the order lifting the secrecy of the proceedings. Certain current and former officers and employees of the Group, as well as former directors have also been named as investigated parties in connection with this investigation. The Bank has been and continues to be proactively collaborating with the Spanish judicial authorities, including sharing with the courts the relevant information obtained in the internal investigation hired by the entity in 2019 to contribute to the clarification of the facts. As of the date of the approval of this report, no formal accusation against the Bank has been made.

This criminal judicial proceeding is in the pre-trial phase. Therefore, it is not possible at this time to predict the scope or duration of such proceeding or any related proceeding or its or their possible outcomes or implications for the Group, including any fines, damages or harm to the Group’s reputation caused thereby.

Continued in Section H of this Report.

E.4 Identify whether the company has risk tolerance levels, including for tax-related risks.

The Group’s Risk Appetite Framework, approved by the Board of Directors, determines the risks and the associated risk levels that the Group is prepared to assume to achieve its objectives, considering the organic development pattern of the business. These are expressed in terms of solvency, liquidity and funding, and profitability and recurrence of revenue, which are reviewed not only periodically but also if there are any substantial changes in the business strategy or relevant corporate transactions.

This English version is a translation of the original in Spanish for information purposes only. In case of a discrepancy, the Spanish original will prevail.

51

The Risk Appetite Framework is expressed through the following elements:

In addition to this Framework, there is a level of management limits that is defined and managed by the areas responsible for managing each type of risk. This is to ensure that anticipatory risk management respects this structure and, in general, the established Risk Appetite Framework.

Each significant geographical area has its own Risk Appetite Framework consisting of its local Risk Appetite statement, core metrics and statements, statements and metrics by type of risk, which should be consistent with those set at the Group level, but adapted to their reality and approved by the corresponding corporate bodies of each entity. This Risk Appetite Framework has a limit structure in line and consistent with the above.

The corporate Risk area works together with the various geographical and/or business areas to define their Risk Appetite Framework, so that it is coordinated with and integrated into the Group’s Risk Appetite Framework, making sure that its profile is in line with the one defined. Also, for local monitoring purposes, the Chief Risk Officer for the geographical and/or business area will periodically report on the evolution of the local Risk Appetite Framework metrics to its corporate bodies, as well as, where appropriate, to the appropriate local top-level committees, following a scheme similar to that of the Group, in accordance with its own corporate governance systems.

For more information on the Risk Appetite Framework described above and on its monitoring and management integration, see “Risk Appetite framework” in the “General Risk management and control model” section within the “Risk management” chapter of the individual and consolidated Management Reports for financial year 2020.

E.5 State what risks, including tax-related risks, have occurred during the financial year.

Risk is inherent to financial activity, and the occurrence of minor and major risks is therefore an inseparable part of the Group’s activities. BBVA therefore offers detailed information on the evolution of risks which, by their nature, continuously affect the Group in carrying out its activity. This information is provided in its annual financial statements (notes 7 and 19 on risk management and tax risks, respectively, in the BBVA Group’s Consolidated Annual Financial Statements; and notes 5 and 17, on the same subject matters, in BBVA’s Individual Annual Financial Statements, both for financial year 2020) and in the individual and consolidated Management Reports, both for financial year 2020 (the “Risk management” chapter and “Other non-financial risks” chapter of the Non-Financial Information Statement).

E.6 Explain the response and oversight plans for the primary risks faced by the company, including tax-related risks, and the procedures followed by the company to ensure that the board of directors responds to any new challenges.

The BBVA Group’s internal control system for operational risks is based on the best practices developed both in the COSO (Committee of Sponsoring Organizations of the Treadway Commission) Enterprise Risk Management — Integrated Framework and in the Framework for Internal Control Systems in Banking Organisations drawn up by the Basel Bank for International Settlements (BIS).

This English version is a translation of the original in Spanish for information purposes only. In case of a discrepancy, the Spanish original will prevail.

52

The control model has a system comprising three lines of defence:

With regard to operational risk, the control activity of the first and second lines of defence is coordinated by the Non-Financial Risks Unit, which is responsible for providing the units with a common internal control methodology and global tools. This second line of defence is in place in all geographical areas in which the Group is present and acts in accordance with standardised practices that come from the corporate units in each of the fields.

The Group’s Head of Non-Financial Risks is responsible for the function and, together with the Chief Compliance Officer and the Head of Internal Risk Control, reports on its activity to the Global Head of Regulation & Internal Control and to the Risk and Compliance Committee, assisting the latter in any matters where requested.

As part of the second line of defence, the Group has a specific Internal Risk Control unit, within the area of Regulation & Internal Control, which, among other tasks, independently checks and monitors regulations and governance structure, in terms of financial risks, and the application and operation thereof in the area of Global Risk Management, as well as checking the development and implementation of financial risk management and control processes. It is also responsible for the validation of risk models.

The Group’s Head of Internal Risk Control is responsible for the function and reports on its activities and work plans to the Head of Regulation & Internal Control and to the Risk and Compliance Committee, assisting the Committee in any matters where requested, and in particular checking that the GRM reports presented to the Committee comply with the established criteria at all times.

In addition, the Internal Risk Control function is global and transversal, covering all types of financial risks and having specific units in all geographical and/or business areas, with functional dependency on the Group’s Head of Internal Risk Control.

As far as tax risk is concerned, the Tax Department, located within the Finance area, is responsible for establishing the policies and controls necessary to ensure compliance at all times with the current tax regulations and the tax strategy approved by the Board of Directors. The Internal Financial Control Unit, as a second line of defence against financial, accounting and tax risks, is responsible for assessing the quality of the design and effectiveness of the control model operating in tax processes, as detailed in Section F of this document.

In order to meet the new challenges that arise, the BBVA Group has a governance system that allows the Board of Directors to be informed of the real and potential risks that affect or may affect the Group at any time. Thus, in addition to the work carried out by the Bank’s different areas of control (Risk, Regulation & Internal Control and Internal Audit), as well as other areas of the Bank, such as the legal and finance areas, and the corresponding Board committees

This English version is a translation of the original in Spanish for information purposes only. In case of a discrepancy, the Spanish original will prevail.

53

(such as the Risk and Compliance Committee or the Audit Committee), there is also the monitoring and supervision carried out by the Technology and Cybersecurity Committee. Its work allows the Board of Directors to be informed of the main technological risks to which the Group is exposed—including those relating to information security risks, information technology compliance risks and cybersecurity risks—as well as of current technological trends and strategies, business continuity plans in matters of technology and relevant cybersecurity events affecting the Group or which might affect it in the future, among other functions.

Describe the mechanisms comprising the risk management and control systems for financial reporting (ICFR) in your entity.

F.1 The entity’s control environment

Give information on the key features of at least:

F.1.1. Which bodies and/or functions are responsible for: (i) the existence and maintenance of an adequate and effective ICFR; (ii) its implementation and (iii) its supervision.

Pursuant to Article 17 of its Regulations, the Board of Directors approves the financial information that BBVA is required to publish periodically as a listed company. The Board of Directors has an Audit Committee whose main task, among others, is to assist the Board in monitoring the preparation of financial statements and public information, as well as monitoring internal financial control.

In this regard, the Rules of Procedure of BBVA’s Audit Committee establish that one of the Committee’s functions is to monitor the effectiveness of the Company’s internal control and the risk management systems in the process of drawing up and presenting financial information, including tax risks, as well as discussing with the statutory auditor the significant weaknesses of the internal control system detected during the audit.

The BBVA Group complies with the requirements imposed by the Sarbanes Oxley Act (SOX) for each financial year’s consolidated annual financial statements due to its status as a publicly traded company listed with the United States Securities Exchange Commission (SEC). The main Group executives are involved in the design, compliance and maintenance of an effective internal control model that guarantees the quality and veracity of the financial information. The Finance area has been responsible during 2020 for producing the consolidated annual financial statements and maintaining the control model for financial information generation. Specifically, this function is performed by the Financial Internal Control area, which is integrated within the Group’s general internal control model, which is briefly outlined below:

The BBVA Group works continuously to bolster its internal control model, which comprises two key elements. The first is the control structure organised into three lines of defence, which is described in Section E.6 above; and the second is a governance scheme called Corporate Assurance, which establishes a framework for monitoring the internal control model and bringing the main aspects of the Group’s internal control to the attention of Senior Management.

Corporate Assurance establishes a committee structure, both at the local and corporate levels, that provides Senior Management with a comprehensive and homogeneous view of the main non-financial risks and relevant situations as regards the control environment. The aim is to facilitate fast and proactive decision-making in relation to the mitigation or assumption of major risks. These committees are formed by the main executives responsible for the business and support areas, as well as those responsible for the second line of defence (RCS).

The effectiveness of this internal control system is assessed periodically for those risks that may affect the correct compilation of the Group’s financial statements. The assessment is coordinated by the Internal Financial Control area and involves risk control specialists (RCS), as the second line of defence, and risk control assurers (RCA) for the main processes, in both business areas and support areas. The Group’s Internal Audit area also performs its own assessment of the internal control system with regard to the generation of financial information. In addition, the external auditor of the BBVA Group issues an opinion every year on the effectiveness of internal control over financial reporting based on criteria established by COSO (Committee of Sponsoring Organizations of the Treadway Commission) and in accordance with PCAOB (the US Public Company Accounting Oversight Board) standards. This opinion appears in Form 20-F, which is filed every year with the SEC.

This English version is a translation of the original in Spanish for information purposes only. In case of a discrepancy, the Spanish original will prevail.

54

The result of the annual internal assessment of the System of Internal Control over Financial Reporting, conducted by Internal Audit and Internal Financial Control, is reported to the Audit Committee by the heads of Internal Financial Control.

F.1.2 Whether, especially in the process of drawing up financial information, the following elements exist:

Financial information is produced in the local Financial Management Units of the BBVA Group banks in the different countries where it maintains a presence. The consolidation work is carried out in the Corporate Centre, in the Finance Department, which has overall responsibility for the preparation and issuance of the Group’s financial and regulatory information.

BBVA’s organisational structure clearly defines lines of action and responsibility for the areas involved in the generation of financial information, both at the individual entity level and consolidated Group level; provides the channels and circuits necessary for the proper communication of the financial information; and provides a procedure for the dissemination of the annual financial statements. The units responsible for drawing up these financial statements have a suitable distribution of tasks and the necessary segregation of functions to draw up these statements in an appropriate operational and control framework.

Additionally, there is an accountability model aimed at extending the culture of, and commitment to, internal control. Those in charge of the design and operation of the processes that have an impact on financial reporting certify that all the controls associated with its operation under their responsibility are sufficient and have worked correctly.

BBVA has a Code of Conduct that is approved by the Board of Directors and reflects BBVA’s concrete commitments with regard to one of the principles of its Corporate Culture: Integrity in the consideration and undertaking of its business. This Code likewise establishes the corresponding whistleblowing channel regarding possible infringements of the Code. It is the subject of training and refresher programmes that include key personnel in the financial function.

Following the update to the Code in 2015, communication campaigns to share its new content have been in place since 2016, making use of new formats and digital channels. In addition, a training plan has been developed at a global level, reaching the entire workforce of the Group.

The Code of Conduct can be accessed on the Bank’s website (www.bbva.com) and on the employees’ website (Intranet). Additionally, Group members undertake personally and individually to observe its principles and rules in an express declaration of awareness and adhesion.

One of the functions of the Risk and Compliance Committee is to examine draft codes of ethics and conduct and their respective modifications prepared by the corresponding area of the Group, and give its opinion in advance of the proposals to be drafted to the corporate bodies.

This English version is a translation of the original in Spanish for information purposes only. In case of a discrepancy, the Spanish original will prevail.

55

Additionally, BBVA has adopted a structure of Corporate Integrity Management Committees (with individual powers at jurisdiction or Group entity levels, as applicable). Their joint scope of action covers all the Group businesses and activities and their main function is to ensure effective application of the Code of Conduct. There is also a Corporate Integrity Management Committee, whose scope of responsibility extends throughout BBVA. The main mission of this committee entails ensuring uniform application of the Code in BBVA.

The Compliance Unit in turn independently and objectively promotes and supervises to ensure that BBVA acts with integrity, particularly in areas such as money-laundering prevention, conduct with customers, security market conduct, corruption prevention, and other areas that could entail a reputational risk for BBVA. The unit’s duties include fostering the knowledge and application of the Code of Conduct, promoting the drafting and distribution of its implementing standards, assisting in the resolution of any concern that may arise regarding the interpretation of the Code, and managing the Whistleblowing Channel.

Preservation of the Corporate Integrity of BBVA transcends merely personal accountability for individual actions, it calls for all employees to have zero tolerance for activities that do not comply with the Code of Conduct or that could harm the reputation or good name of BBVA. This attitude is reflected in everyone’s commitment to whistle-blowing, by timely communication, of situations that, even when unrelated to their activity or area of responsibility, could be infringe regulations or contradict the values and guidelines of the Code.

The Code of Conduct itself and contemplates a Whistleblowing Channel, whereby BBVA employees, as well as other parties not part of BBVA, may communicate, in a confidential manner and, if they wish, anonymously, any behaviours that may not comply with the Code or that may infringe applicable regulation. Complaints are handled promptly and diligently, guaranteeing the confidentiality of the investigations and the prohibition of retaliation or adverse consequences in light of communications made in good faith.

Telephone lines and email inboxes have been set up in each jurisdiction for these communications. The Whistleblowing Channel is available 24 hours 365 days.

As described in the previous section, BBVA has adopted a structure of Corporate Integrity Management Committees (with individual powers at jurisdiction or Group entity levels, as applicable), whose joint scope of action covers all the Group businesses and activities and whose functions and responsibilities (explained in greater detail in their corresponding regulations) include:

This English version is a translation of the original in Spanish for information purposes only. In case of a discrepancy, the Spanish original will prevail.

56

Also, through the Compliance area, periodic reports are made to the Risk and Compliance Committee, which, pursuant to its own Regulations, monitors and controls the proper functioning of the Whistleblowing Channel.

The Finance area has a specific programme of courses and seminars, run in both its classroom and virtual campus, which complement the general training of all employees of the BBVA Group, in line with their roles and responsibilities. Specific training and periodic refresher courses are given on accounting and tax regulations, internal control and risk management, particularly for teams in the areas involved in preparing and reviewing the financial and tax-related information and in evaluating the internal control system, to help them perform their functions correctly. These courses are taught by professionals from the area and renowned external providers.

Additionally, the BBVA Group has a personal development plan for all employees, which forms the basis of a personalised training programme to deal with the areas of knowledge necessary to perform their functions.

F.2 Financial reporting risk assessment

Give information on at least:

F.2.1. The key features of the risk identification process, including error and fraud risks, with respect to:

The ICFR was developed by the Group Management in accordance with international standards set forth by the Committee of Sponsoring Organizations of the Treadway Commission (COSO), which establishes five components on which the effectiveness and efficiency of internal control systems must be based:

In order to identify the risks with a greater potential impact on the generation of financial information, the processes through which such information is generated are analysed and documented, and an analysis of the risks, errors or inaccuracies that may arise in each is later conducted.

Based on the corporate internal control methodology, the risks are categorised by type, including process errors and fraud, and their probability of occurrence and possible impact are analysed.

This English version is a translation of the original in Spanish for information purposes only. In case of a discrepancy, the Spanish original will prevail.

57

The process of identifying risk in the preparation of Financial Statements, including risks of error, falsehood or omission, is carried out by the first line of defence: those responsible for each of the processes that contribute to the preparation of financial information and those responsible for their control. This risk identification is performed taking into account the theoretical risk model and the mitigation and control framework previously defined by the specialists for each type of risk (within the second line of defence) which, in the case of Finance, is the Internal Financial Control unit (tax and financial reporting risk specialist), who, in addition, challenges the functioning and effectiveness of the controls implemented.

Whether the assessment of their controls is annual, quarterly or monthly is determined based on the significance of the risks, this ensuring coverage of the risks considered critical for the financial statements.

The assessment of the aforementioned risks and the design and effectiveness of their controls begins with the understanding of and insight into the analysed operating process, considering criteria of quantitative materiality, likelihood of occurrence and economic impact, in addition to qualitative criteria associated with the type, complexity and nature of the risks or of the business or process structure itself.

The system for identifying and assessing the risks of internal control over financial reporting is dynamic. It evolves continuously, always reflecting the reality of the Group’s business, changes in operating processes, the regulations applicable at all times, the risks affecting them and the controls that mitigate them.

All this is documented in a corporate management tool developed and managed by the Non-Financial Risk area (STORM). This tool documents all the risks and controls, by process, that are managed by the different risk specialists, including the Financial Internal Control unit.

Each of the processes identified in the BBVA Group for drawing up financial information aim to record all financial transactions, value the assets and liabilities in accordance with applicable accounting regulations and provide a breakdown of the information in accordance with regulatory requirements and market needs.

The financial information control model analyses each of the phases of the processes mentioned above (from procedural governance, documentation, criteria setting, decision making, information provision, application operation, monitoring generated information, and reporting), in order to ensure that the risks identified in each process are adequately covered by controls that operate efficiently. The control model is updated when changes arise in the relevant processes or support tools for producing financial information.

The Finance area includes a department responsible for the Group’s financial consolidation, which carries out a monthly process of identification, analysis and updating of the perimeter of the Group’s consolidated companies.

In addition, the information from the consolidation department on new companies set up by the Group’s different units and the changes made to existing companies is compared with the data analysed by a specific committee at corporate level, whose objective is to analyse and document the changes in the composition of the corporate group and optimise its corporate structure (Corporate Structure Committee — CSC).

This English version is a translation of the original in Spanish for information purposes only. In case of a discrepancy, the Spanish original will prevail.

58

In addition, the Finance area of the Bank, in controlling special purpose entities, makes a periodic report to the Audit Committee on the structure of the Group of companies.

The model of internal control over financial reporting applies to processes for directly drawing up such financial information and to all operational or technical processes that could have a relevant impact on the financial, accounting, tax-related or management information.

As mentioned above, the Group has an internal control model coordinated by the Regulation & Internal Control area, which uses a single methodology to assess all the Group’s non-financial risks (mainly operational, technological, financial, legal, tax-related, reputational, third party and compliance). All the specialist risk areas and heads of control use a common tool (STORM) to document the identification of the risks, the controls that mitigate those risks and the assessment of their effectiveness.

There are control assurers in all the operational or support areas, and therefore any type of risk that may affect the Group’s operations is analysed under that methodology and is included in the ICFR insofar as it may have an impact on the financial information.

The process for identifying risks and assessing the design, effectiveness and suitability of the controls for generating financial information is documented at least once a year, and is overseen by the Internal Audit area.

Moreover, the Group’s head of Internal Financial Control reports annually to the Audit Committee on analysis work that has been carried out, on the conclusions of the assessment of the control model relating to the generation of financial information, and on the process for downstream certification of the effectiveness of the control model. This process is undertaken by the financial officers of the main entities and holding control specialists. This work follows the SOX methodology in compliance with the legal requirements, under the regulation, on systems of internal control over financial reporting, and is included in Form 20-F, submitted annually to the SEC, as indicated in Section F.1 above.

F.3 Control activities

Give information on the main features, if at least the following exist:

F.3.1. Procedures for review and authorisation of financial information and the description of the ICFR, to be published on the stock markets, indicating who is responsible for it, and the documentation describing the activity flows and controls (including those concerning risk of fraud) for the different types of transactions that may materially impact the financial statements, including the procedure for closing the accounts and the specific review of the relevant judgements, estimates, valuations and projections.

All of the processes relating to the generation of financial information are documented, as is the corresponding control model, including potential risks associated with each process and the controls put in place to mitigate them. As explained in Section F.2.1, the aforementioned risks and controls are recorded in the corporate tool STORM, which also includes the result of the assessment of the effectiveness of the controls and the degree of risk mitigation.

In particular, the main processes relating to the generation of financial information are found in the Finance area, and they are: accounting, consolidation, financial reporting, financial planning and monitoring, and financial and tax management. The analysis of these processes, their risks and their controls is also supplemented by that of all other critical risks, in the processes of the various business areas or other support areas, that may have a financial impact on the financial statements.

This English version is a translation of the original in Spanish for information purposes only. In case of a discrepancy, the Spanish original will prevail.

59

In the aforementioned review procedures, special attention is paid, from a control point of view, to the financial and tax-related information disseminated to the securities markets, including the specific review of controls on relevant judgements, estimates and projections used in the preparation of the above-mentioned information.

As noted in the annual financial statements themselves, it is occasionally necessary to make estimates to determine the amount at which some assets, liabilities, income, expenses and commitments should be recorded. These estimates are mainly related to:

These estimates are made based on the best information available on the financial statement closing date and, together with the other relevant issues for the closing of the annual and six-monthly financial statements, are analysed and authorised by a Technical Committee.

F.3.2. Internal control procedures and policies for information systems (among others, access security, change control, their operation, operational continuity and segregation of functions) that support the relevant processes in the entity with respect to drawing up and publishing financial information.

The Group’s current internal control model has expanded the catalogue of technological risks managed as non-financial risks to three distinct categories:

The internal control models therefore include procedures and controls regarding the operation of information and access security systems, the segregation of functions, and the development and modification of computer applications used to generate financial information.

Both types of control are identified in the model of internal control over financial reporting and are analysed and assessed periodically, in order to guarantee the integrity and reliability of the information drawn up.

With all these mechanisms, the BBVA Group can confirm that adequate management of access control is maintained, the correct and necessary steps are taken to put applications into production as well as ensuring their subsequent support, the creation of backup copies, and assurance of continuity in the processing and recording of operations.

This English version is a translation of the original in Spanish for information purposes only. In case of a discrepancy, the Spanish original will prevail.

60

In summary, the entire process of preparing and publishing financial information has established and documented the procedures and control models for technology and IT systems necessary to provide reasonable assurance of the correctness of the BBVA Group’s public financial information.

F.3.3. Internal control procedures and policies designed to supervise the management of activities subcontracted to third parties and those aspects of evaluation, calculation and assessment outsourced to independent experts which may materially impact the financial statements.

The internal control model sets out specific controls and procedures for the management of subcontracted activities or those aspects of evaluation, calculation and assessment of assets or liabilities outsourced to independent experts.

There is a specialist area of risk arising in third-party operations, a standard and a committee for non-financial risk admission, which also analyses outsourcing operations and which establishes and supervises the requirements to be fulfilled at the Group level for the activities to be subcontracted.

There are procedural manuals for the outsourced financial processes that identify the procedures to be followed and the controls to be applied by the service provider units and outsourcing units. The controls established in the outsourced processes concerning the generation of financial information are also tested by the Internal Financial Control area.

The valuations from independent experts used for matters relevant for generating financial information are included within the standard circuit of review procedures executed by internal control, internal auditing and external auditing.

F.4 Information and communication

Give information on the main features, if at least the following exist:

F.4.1. A specific function in charge of defining and maintaining accounting policies (accounting policy department or area) and resolving queries or conflicts stemming from their interpretation, ensuring fluent communication with those in charge of operations in the organisation, and an up-to-date manual of accounting policies, communicated to the units through which the entity operates.

The Finance area and in particular the Accounting & Regulatory Reporting area have robust governance systems which include two Technical Committees: one for Accounting and one for Capital. The purpose of these committees is to analyse, study and issue standards that may affect the compilation of the Group’s financial and regulatory information, to determine the accounting and solvency criteria required to ensure that transactions are booked correctly, and to calculate capital requirements within the framework of the applicable standards.

The Group also has an Accounting Policies Manual, which is updated and made available to all Group units by means of the Intranet. This Manual is the tool that guarantees that all the decisions related to accounting policies or specific accounting criteria to be applied in the Group are supported and are standardised. This Manual is approved by the Technical Accounting Committee and is continuously documented and updated for use and analysis by all the Group’s entities.

F.4.2. Mechanisms to capture and prepare financial reporting in standardised formats, for application and use by all of the units of the entity or the group, that support the main financial statements and the notes, and the detailed information on ICFR.

The BBVA Group’s Finance area and the countries’ financial management units are responsible for the processes for preparing financial statements in accordance with the current accounting and consolidation manuals. There is also a consolidation computer application that collects the accounting information of the various companies within the Group and performs the consolidation processes, including the standardisation of accounting criteria, aggregation of balances and consolidation adjustments.

This English version is a translation of the original in Spanish for information purposes only. In case of a discrepancy, the Spanish original will prevail.

61

Control measures have also been implemented in each of the aforementioned processes, both locally and at consolidated level, to ensure that all the data supplying the financial information is collected in a comprehensive, exact and timely manner. There is also a single and standardised financial reporting system that is applicable to and used by all the Group units and supports the main financial statements and the explanatory notes. There are also control measures and procedures to ensure that the information disclosed to the markets contains a breakdown that is tailored to regulatory requirements and sufficient so as to enable investors and other users of the financial information to understand and interpret it.

F.5 Supervision of the system’s operation

Give information on the key features of at least:

F.5.1. The ICFR supervision activities carried out by the audit committee and whether the entity has an internal audit function with powers that include providing support to the audit committee in its task of supervising the internal control system, including the ICFR. Likewise, information will be given on the scope of the ICFR assessment carried out during the financial year and of the procedure by which the person in charge of performing the assessment communicates its results, whether the entity has an action plan listing the possible corrective measures, and whether its impact on financial reporting has been considered.

The internal control units of the business areas and of the support areas conduct a preliminary assessment of the internal control model, assess the risks identified in the processes, the effectiveness of controls, and the degree of mitigation of the risks, as well as identifying possible weaknesses and designing, implementing and monitoring the mitigation measures and action plans.

The first assessment of the effectiveness of the risk controls for the financial information preparation process is carried out by the RCA (Risk Control Assurer), who is responsible for control in the first line of defence, and layer by the RCS (Risk Control Specialist — second line of defence) who must challenge the design and operation of the controls in order to issue a conclusion on the operation of the control model on the risks covered by his field of expertise.

BBVA also has an Internal Audit unit that supports the Audit Committee with regard to the independent supervision of the internal financial information control system. The Internal Audit function is entirely independent of the units that draw up the financial information.

All the weaknesses in controls, mitigation measures and specific action plans are documented in the corporate tool STORM and submitted to the internal control and operational risk committees of the areas, as well as to the local or global Corporate Assurance Committees, based on the significance of the detected issues.

Both the weaknesses identified by the internal control units and those detected by the internal or external auditor have an action plan in place to correct or mitigate risk.

During the 2020 financial year, the areas responsible for Internal Control conducted a full assessment of the system for internal control over financial reporting, and, to date, no material or significant weakness having any impact on the preparation of financial information have been revealed therein.

Additionally, in compliance with the SOX, the Group’s Internal Control and Internal Auditing areas annually assesses the effectiveness of the model of internal control over financial reporting on a group of risks (within the perimeter of SOX companies) that could affect the drawing up of financial statements at local and consolidated levels. This perimeter incorporates risks and controls in Finance and other specialisms that are not directly financial (technology, risks, operational processes, human resources, procurement, legal etc.). The results of this assessment are reported annually to the Audit Committee.

This English version is a translation of the original in Spanish for information purposes only. In case of a discrepancy, the Spanish original will prevail.

62

F.5.2. Whether there is a discussion procedure via which the auditor (in line with the auditing technical standards), the internal audit function and other experts can inform senior management and the audit committee or the entity’s directors of significant weaknesses in the internal control encountered during the review processes for the annual financial statements or any others within their remit. Also provide information on whether there is an action plan to try to correct or mitigate the weaknesses observed.

As described in section (F.5.1) above, the Group has a procedure in place whereby the internal auditor and the heads of Internal Financial Control report to the Audit Committee any significant internal control weaknesses detected in the course of their work. Any significant or material weaknesses, if present, will likewise be reported. Similarly, there is a procedure whereby the external auditor reports to the Audit Committee the result of their work assessing the system for internal control over financial information.

Since BBVA is listed with the SEC, the BBVA Group’s external auditor annually issues its opinion on the effectiveness of the internal control over financial reporting contained in the Group’s consolidated annual financial statements on 31 December each year, under PCAOB (Public Company Accounting Oversight Board) standards, with a view to filing the financial information with the SEC on Form 20-F. The latest report issued on the financial information for the 2019 financial year is available at www.sec.gov and www.bbva.com.

All control weaknesses detected by the Internal Control, Internal Audit and External Audit areas have an action plan for resolution and are reported to the Internal Control Committees of each area, to the Corporate Assurance Committees (local or global, depending on the severity of the weaknesses) and also to the Audit Committee.

The internal control oversight carried out by the Audit Committee, described in the Regulations of the Audit Committee published on the Group website, www.bbva.com, includes the following activities:

The external auditor and the head of Internal Audit attend all regular meetings of the Audit Committee to report on the matters dealt with within their respective remits.

This English version is a translation of the original in Spanish for information purposes only. In case of a discrepancy, the Spanish original will prevail.

63

F.6 Other relevant information

F.7 External auditor report

Report on:

F.7.1. Whether the ICFR information disclosed to the markets has been submitted by the external auditor for review, in which case the entity must attach the corresponding report as an annex. Otherwise, explain the reasons why it was not.

The information related to the BBVA Group’s internal control over financial reporting described in this report is reviewed by the external auditor, which issues its opinion on the control system and on its effectiveness in relation to the accounts published at the close of each financial year.

On 28 February 2020, the BBVA Group, as a private foreign issuer in the United States, filed the Annual Report (Form 20-F) for the financial year ending on 31 December 2019, which was published on the SEC website on that same date.

In accordance with the requirements set out in Section 404 of the Sarbanes-Oxley Act of 2002 by the Securities and Exchange Commission (SEC), the aforementioned Annual Report (Form 20-F) included certification of the Group’s executive principles with regard to the establishment, maintenance and assessment of the Group’s system of internal control over financial reporting. The Form 20-F report also included the opinion of the external auditor regarding the effectiveness of the Company’s system of internal control over financial reporting at the close of the 2019 financial year.

G. DEGREE OF COMPLIANCE WITH CORPORATE GOVERNANCE RECOMMENDATIONS

Indicate the extent of the company’s compliance with the recommendations of the Good Governance Code of Listed Companies.

If any recommendations are not being followed or are only being followed in part, a detailed explanation of the reasons for this should be given so that shareholders, investors and the market in general have sufficient information to assess the actions of the company. General explanations will not be acceptable.

1. The bylaws of listed companies should not place an upper limit on the votes that can be cast by a single shareholder, or impose other obstacles to the takeover of the company by means of share purchases on the market.

✓COMPLIANT

2. When the listed company is controlled, pursuant to the meaning established in Article 42 of the Commercial Code, by another listed or non-listed entity, and has, directly or through its subsidiaries, business relationships with that entity or any of its subsidiaries (other than those of the listed company) or carries out activities related to the activities of any of them, this is reported publicly, with specific information about:

a) The respective areas of activity and possible business relationships between, on the one hand, the listed company or its subsidiaries and, on the other, the parent company or its subsidiaries.

b) The mechanisms established to resolve any conflicts of interest that may arise.

NOT APPLICABLE

3. During the annual general meeting the chairman of the board of directors should verbally inform shareholders in sufficient detail of the most relevant aspects of the company’s corporate governance, supplementing the written information circulated in the annual corporate governance report. In particular:

a) Changes that have occurred since the previous annual general meeting.

b) The specific reasons for the company not following a given Corporate Governance Code recommendation, and any alternative procedures followed in its stead.

✓COMPLIANT

4. The company should define and promote a policy for communication and contact with shareholders and institutional investors within the framework of their involvement in the company, as well as with proxy advisors, that complies in full with the rules on market abuse and gives equal treatment to shareholders who are in the same position. The company should make said policy public through its website, including information regarding the way in which it has been implemented and the parties involved or those responsible its implementation.

Further, without prejudice to the legal obligations of disclosure of inside information and other regulated information, the company should also have a general policy for the communication of economic-financial, non-financial and corporate information through the channels it considers appropriate (media, social media or other channels) that helps maximise the dissemination and quality of the information available to the market, investors and other stakeholders.

This English version is a translation of the original in Spanish for information purposes only. In case of a discrepancy, the Spanish original will prevail.

64

✓COMPLIANT

5. The board of directors should not make a proposal to the general meeting for the delegation of powers to issue shares or convertible securities without pre-emptive subscription rights for an amount exceeding 20% of capital at the time of such delegation.

When a board of directors approves the issuance of shares or convertible securities without pre-emptive subscription rights, the company should immediately post a report on its website explaining the exclusion as envisaged in company legislation.

PARTIALLY COMPLIANT

The General Shareholders’ Meeting on 17 March 2017 delegated to the Board of Directors a power to increase share capital and issue convertible securities, along with the power to wholly or partially exclude pre-emptive subscription rights in respect of capital increases and issues of convertible securities carried out using such delegated power. The power to exclude pre-emptive subscription rights is limited, overall, to 20% of share capital as it stood at the time of the delegation, except for the issuance of contingently convertible securities, the conversion of which is intended to satisfy regulatory solvency requirements as to eligibility as capital instruments in accordance with applicable regulations, because such instruments do not dilute the interests of shareholders.

6. Listed companies drawing up the following reports on a voluntary or compulsory basis should publish them on their website well in advance of the annual general shareholders’ meeting, even if their distribution is not obligatory:

a) Report on auditor independence.

b) Reports on the operation of the audit committee and the nomination and remuneration committee.

c) Audit committee report on related-party transactions.

✓COMPLIANT

7. The company should broadcast its general shareholders’ meetings live on its website.

The company should have mechanisms that allow the delegation and exercise of votes by electronic means and even, in the case of large-cap companies and, to the extent that it is proportionate, attendance and active participation in the general shareholders’ meeting.

PARTIALLY COMPLIANT

The Company broadcasts, live on its website, its General Shareholders’ Meetings; and has mechanisms that allow for proxy voting and remote voting by its shareholders. It is also expected that, for the 2021 General Shareholders’ Meeting, mechanisms will be in place to allow remote attendance and active participation by shareholders.

8. The audit committee should strive to ensure that the financial statements that the board of directors presents to the general shareholders’ meeting are drawn up in accordance to accounting legislation. And in those cases where the auditors includes any qualification in its report, the chairman of the audit committee should give a clear explanation at the general meeting of their opinion regarding the scope and content, making a summary of that opinion available to the shareholders at the time of the publication of the notice of the meeting, along with the rest of proposals and reports of the board.

✓COMPLIANT

9. The company should disclose its conditions and procedures for admitting share ownership, the right to attend the general shareholders’ meeting and the exercise or delegation of voting rights, and display them permanently on its website.

Such conditions and procedures should encourage shareholders to attend and exercise their rights and be applied in a non-discriminatory manner.

✓COMPLIANT

10. When an accredited shareholder exercises the right to supplement the agenda or submit new proposals prior to the general shareholders’ meeting, the company should:

a) Immediately circulate the supplementary items and new proposals.

b) Disclose the model of attendance card or proxy appointment or remote voting form duly modified so that new agenda items and alternative proposals can be voted on in the same terms as those submitted by the board of directors.

c) Put all these items or alternative proposals to the vote applying the same voting rules as for those submitted by the board of directors, with particular regard to presumptions or deductions about the direction of votes.

This English version is a translation of the original in Spanish for information purposes only. In case of a discrepancy, the Spanish original will prevail.

65

d) After the general shareholders’ meeting, disclose the breakdown of votes on such supplementary items or alternative proposals.

NOT APPLICABLE

11. In the event that a company plans to pay for attendance at the general shareholders’ meeting, it should first establish a general, long-term policy in this respect.

NOT APPLICABLE

12. The board of directors should perform its duties with unity of purpose and independent judgement, according the same treatment to all shareholders in the same position. It should be guided at all times by the company’s best interest, understood as the creation of a profitable business that promotes its sustainable success over time, while maximising its economic value.

In pursuing the corporate interest, it should not only abide by laws and regulations and conduct itself according to principles of good faith, ethics and respect for commonly accepted customs and good practices, but also strive to reconcile its own interests with the legitimate interests of its employees, suppliers, clients and other stakeholders, as well as with the impact of its activities on the broader community and the natural environment.

✓COMPLIANT

13. The board of directors should have an optimal size to promote its efficient functioning and maximise participation. The recommended range is accordingly between five and fifteen members.

✓COMPLIANT

14. The board of directors should approve a policy aimed at promoting an appropriate composition of the board of directors and that:

a) Is concrete and verifiable;

b) Ensures that appointment or re-election proposals are based on a prior analysis of the competences required by the board; and

c) Favours s diversity of knowledge, experience, age and gender. Therefore, measures that encourage the company to have a significant number of female senior managers are considered to favour gender diversity.

The results of the prior analysis of competences required by the board should be written up in the nomination committee’s explanatory report, to be published when the general shareholders’ meeting is convened that will ratify the appointment and re-election of each director.

The appointments committee should run an annual check on compliance with the policy and set out its findings in the annual corporate governance report.

✓COMPLIANT

15. Proprietary and independent directors should constitute an ample majority on the board of directors, while the number of executive directors should be the minimum practical bearing in mind the complexity of the corporate group and the ownership interests they control.

Further, the number of female directors should account for at least 40% of the members of the board of directors before the end of 2022 and thereafter, and not less than 30% previous to that.

✓COMPLIANT

16. The percentage of proprietary directors out of all non-executive directors should be no greater than the proportion between the ownership stake of the shareholders they represent and the remainder of the company’s capital.

This criterion can be relaxed:

a) In large cap companies where few or no equity stakes attain the legal threshold for significant shareholdings.

b) In companies with a plurality of shareholders represented on the board of directors but not otherwise related.

✓COMPLIANT

This English version is a translation of the original in Spanish for information purposes only. In case of a discrepancy, the Spanish original will prevail.

66

17. Independent directors should be at least half of all board members.

However, when the company is not highly capitalised or is highly capitalised but has one or more shareholders acting in concert and controlling more than 30% of the share capital, the minimum number of independent directors should be at least one third of the total.

✓COMPLIANT

18. Companies should disclose the following director particulars on their websites and keep them regularly updated:

a) Background and professional experience.

b) Directorships held in other companies, listed or otherwise, and other paid activities they engage in, of whatever nature.

c) Statement of the director class to which they belong, in the case of proprietary directors indicating the shareholder they represent or have links with.

d) Date of their first appointment as a board member and subsequent re-appointments.

e) Shares held in the company, and any options on the same.

✓COMPLIANT

19. Following verification by the nomination committee, the annual corporate governance report should disclose the reasons for the appointment of proprietary directors at the urging of shareholders controlling less than 3% of capital; and explain any rejection of a formal request for a board place from shareholders whose equity stake is equal to or greater than that of others applying successfully for a proprietary directorship.

NOT APPLICABLE

20. Proprietary directors should resign when the shareholders they represent dispose of their ownership interest in its entirety. If such shareholders reduce their stakes, thereby losing some of their entitlement to proprietary directors, the latter number should be reduced accordingly.

NOT APPLICABLE

21. The board of directors should not propose the removal of independent directors before the expiry of their tenure as mandated by the bylaws, except where they find just cause, based on a proposal from the nomination committee. In particular, just cause will be presumed when directors take up new posts or responsibilities that prevent them allocating sufficient time to the work of a board member, or are in breach of their fiduciary duties or come under one of the disqualifying grounds for classification as independent enumerated in the applicable legislation.

The removal of independent directors may also be proposed when a takeover bid, merger or similar corporate transaction alters the company’s capital structure, provided the changes in board membership ensue from the proportionality criterion set out in recommendation 16.

✓COMPLIANT

22. Companies should establish rules obliging directors to disclose any circumstance that might harm the organisation’s name or reputation, related or not to their actions within the company, and tendering their resignation as the case may be, and, in particular, to inform the board of any criminal charges brought against them and the progress of any subsequent trial.

When the board is informed or becomes aware of any of the situations mentioned in the previous paragraph, the board of directors should examine the case as soon as possible and, attending to the particular circumstances, decide, based on a report from the nomination and remuneration committee, whether or not to adopt any measures such as opening of an internal investigation, calling on the director to resign or proposing his or her dismissal. The board should give a reasoned account of all such determinations in the annual corporate governance report, unless there are special circumstances that justify otherwise, which must be recorded in the minutes. This is without prejudice to the information that the company must disclose, if appropriate, at the time it adopts the corresponding measures.

✓COMPLIANT

23. Directors should express their clear opposition when they feel a proposal submitted for the board’s approval might damage the corporate interest. In particular, independents and other directors not subject to potential conflicts of interest should strenuously challenge any decision that could harm the interests of shareholders lacking board representation.

When the board makes material or reiterated decisions about which a director has expressed serious reservations, then he or she must draw the pertinent conclusions. Directors resigning for such causes should set out their reasons in the letter referred to in the next recommendation.

This English version is a translation of the original in Spanish for information purposes only. In case of a discrepancy, the Spanish original will prevail.

67

The terms of this recommendation also apply to the secretary of the board, even if he or she is not a director.

✓COMPLIANT

24. Directors who give up their position before their tenure expires, through resignation or resolution of the general meeting, should state the reasons for this decision, or in the case of non-executive directors, their opinion of the reasons for the general meeting resolution, in a letter to be sent to all members of the board.

This should all be reported in the annual corporate governance report, and if it is relevant for investors, the company should publish an announcement of the departure as rapidly as possible, with sufficient reference to the reasons or circumstances provided by the director.

✓COMPLIANT

25. The nomination committee should ensure that non-executive directors have sufficient time available to fulfil their responsibilities effectively.

The board of directors’ regulations should lay down the maximum number of company boards on which directors can serve.

✓COMPLIANT

26. The board should meet with the necessary frequency to properly perform its functions, eight times a year at least, in accordance with a calendar and agendas set at the start of the year, to which each director may propose the addition of initially unscheduled items.

✓COMPLIANT

27. Director absences should be kept to a strict minimum and quantified in the annual corporate governance report. In the event of absence, directors should delegate their powers of representation with the appropriate instructions.

✓COMPLIANT

28. When directors or the secretary express concerns about some proposal or, in the case of directors, about the company’s performance, and such concerns are not resolved at the meeting, they should be recorded in the minute book if the person expressing them so requests.

✓COMPLIANT

29. The company should provide suitable channels for directors to obtain the advice they need to carry out their duties, extending if necessary to external assistance at the company’s expense.

✓COMPLIANT

30. Regardless of the knowledge directors must possess to carry out their duties, they should also be offered refresher programmes when circumstances so advise.

✓COMPLIANT

31. The agendas of board meetings should clearly indicate on which points directors must arrive at a decision, so they can study the matter beforehand or gather together the material they need.

For reasons of urgency, the chairman may wish to present decisions or resolutions for board approval that were not on the meeting agenda. In such exceptional circumstances, their inclusion will require the express prior consent, duly minuted, of the majority of directors present.

✓COMPLIANT

32. Directors should be regularly informed of movements in share ownership and of the views of major shareholders, investors and rating agencies on the company and its group.

✓COMPLIANT

33. The chairman, as the person charged with the efficient functioning of the board of directors, in addition to the functions assigned by law and the company’s bylaws, should prepare and submit to the board a schedule of meeting dates and agendas; organise and coordinate regular evaluations of the board and, where appropriate, the company’s chief executive officer; exercise leadership of the board and be accountable for its proper functioning; ensure that sufficient time is given to the discussion of strategic issues, and approve and review refresher courses for each director, when circumstances so advise.

✓COMPLIANT

34. When a lead independent director has been appointed, the bylaws or board of directors regulations should grant him or her the following powers over and above those conferred by law: chair the board of directors in the absence of the chairman or vice chairmen give voice to the concerns of non-executive directors; maintain contacts with investors and shareholders to hear their views and develop a balanced understanding of their concerns, especially those to do with the company’s corporate governance; and coordinate the chairman’s succession plan.

✓COMPLIANT

This English version is a translation of the original in Spanish for information purposes only. In case of a discrepancy, the Spanish original will prevail.

68

35. The board secretary should strive to ensure that the board’s actions and decisions are informed by the governance recommendations of the Good Governance Code of relevance to the company.

✓COMPLIANT

36. The board in full should conduct an annual evaluation, adopting, where necessary, an action plan to correct weakness detected in:

a) The quality and efficiency of the board’s operation.

b) The performance and membership of its committees.

c) The diversity of board membership and competences.

d) The performance of the chairman of the board of directors and the company’s chief executive.

e) The performance and contribution of individual directors, with particular attention to the chairmen of board committees.

The evaluation of board committees should start from the reports they send the board of directors, while that of the board itself should start from the report of the nomination committee.

Every three years, the board of directors should engage an external facilitator to aid in the evaluation process.

Any business dealings that the facilitator or members of its corporate group maintain with the company or members of its corporate group should be detailed in the annual corporate governance report.

The process followed and areas evaluated should be detailed in the annual corporate governance report.

✓COMPLIANT

37. When there is an executive committee, there should be at least two nonexecutive members, at least one of whom should be independent; and its secretary should be the secretary of the board of directors.

✓COMPLIANT

38. The board should be kept fully informed of the business transacted and decisions made by the executive committee. To this end, all board members should receive a copy of the committee’s minutes.

✓COMPLIANT

39. All members of the audit committee, particularly its chairman, should be appointed with regard to their knowledge and experience in accounting, auditing and risk management matters, both financial and non-financial.

✓COMPLIANT

40. Listed companies should have a unit in charge of the internal audit function, under the supervision of the audit committee, to monitor the effectiveness of internal reporting and control systems. This unit should report functionally to the board’s non-executive chairman or the chairman of the audit committee.

✓COMPLIANT

41. The head of the unit handling the internal audit function should present an annual work programme to the audit committee, for approval by this committee or the board, inform it directly of any incidents or scope limitations arising during its implementation, the results and monitoring of its recommendations, and submit an activities report at the end of each year.

✓COMPLIANT

42. The audit committee should have the following functions over and above those legally assigned:

1. With respect to internal control and reporting systems:

a) Monitor and evaluate the preparation process and the integrity of the financial and non-financial information, as well as the control and management systems for financial and non-financial risks related to the company and, where appropriate, to the group – including operating, technological, legal, social, environmental, political and reputational risks or those related to corruption – reviewing compliance with regulatory requirements, the accurate demarcation of the consolidation perimeter, and the correct application of accounting principles.

This English version is a translation of the original in Spanish for information purposes only. In case of a discrepancy, the Spanish original will prevail.

69

b) Monitor the independence of the unit handling the internal audit function; propose the selection, appointment and removal of the head of the internal audit service; propose the service’s budget; approve or make a proposal for approval to the board of the priorities and annual work programme of the internal audit unit, ensuring that it focuses primarily on the main risks the company is exposed to (including reputational risk); receive regular report-backs on its activities; and verify that senior management are acting on the findings and recommendations of its reports.

c) Establish and supervise a mechanism that allows employees and other persons related to the company, such as directors, shareholders, suppliers, contractors or subcontractors, to report irregularities of potential significance, including financial and accounting irregularities, or those of any other nature, related to the company, that they notice within the company or its group. This mechanism must guarantee confidentiality and enable communications to be made anonymously, respecting the rights of both the complainant and the accused party.

d) In general, ensure that the internal control policies and systems established are applied effectively in practice.

2. With regard to the external auditor:

a) Investigate the issues giving rise to the resignation of the external auditor, should this come about.

b) Ensure that the remuneration of the external auditor does not compromise its quality or independence.

c) Ensure that the company notifies any change of external auditor to the CNMV as a material event, accompanied by a statement of any disagreements arising with the outgoing auditor and the reasons for the same.

d) Ensure that the external auditor has a yearly meeting with the board in full to inform it of the work undertaken and developments in the company’s risk and accounting positions.

e) Ensure that the company and the external auditor adhere to current regulations on the provision of non-audit services, limits on the concentration of the auditor’s business and other requirements concerning auditor independence.

PARTIALLY COMPLIANT

Certain functions contained in this recommendation, in particular in paragraph 1(a), on the monitoring of risk control and management systems; paragraph 1(c), on the monitoring of a mechanism for the reporting of irregularities of particular importance; and paragraph 1(d), on the monitoring of the implementation of internal control policies and systems, are assigned, in accordance with the provisions of the Regulations of the Board of Directors, to the Risk and Compliance Committee, composed exclusively of non-executive directors, most of them being independent directors, as well as its Chairman.

Within the framework of BBVA’s Corporate Governance System, this Committee assists the Board in determining and monitoring the policy for control and management of all risks (financial and non-financial) of the Group, with the exception of the functions that correspond to internal financial control, that are the responsibility of the Audit Committee; those of technological risk, which correspond to the Technology and Cybersecurity Committee; and those of business and reputational risk, which correspond to the Executive Committee. It also carries out monitoring of the information and internal control systems, the Regulation & Internal Control function (which includes, among other units, the Compliance Unit) and implementation within the Group of risk and compliance culture.

Notwithstanding the foregoing, the Audit Committee may, where appropriate, receive information on the above, within the framework of its responsibilities and under the inter-committee coordination mechanism provided for in the Regulations of the Board, for the best exercise of its functions.

43. The audit committee should be empowered to meet with any company employee or manager, even ordering their appearance without the presence of another senior officer.

✓COMPLIANT

44. The audit committee should be informed of any fundamental changes or corporate transactions the company is planning, so the committee can analyse the operation and report to the board beforehand on its economic conditions and accounting impact and, when applicable, the exchange ratio proposed.

✓COMPLIANT

45. Risk control and management policy should identify at least:

a) The different types of financial and non-financial risk the company is exposed to (including operational, technological, financial, legal, social, environmental, political and reputational risks, and risks relating to corruption), with the inclusion under financial or economic risks of contingent liabilities and other off-balance-sheet risks.

b) A risk control and management model based on different levels, of which a specialised risk committee will form part when sector regulations provide or the company deems it appropriate.

c) The level of risk that the company considers acceptable.

d) The measures in place to mitigate the impact of identified risk events should they occur.

This English version is a translation of the original in Spanish for information purposes only. In case of a discrepancy, the Spanish original will prevail.

70

e) The internal control and reporting systems to be used to control and manage the above risks, including contingent liabilities and off-balance sheet risks.

✓COMPLIANT

46. Companies should establish a risk control and management function in the charge of one of the company’s internal department or units and under the direct supervision of the audit committee or some other dedicated board committee. This function should be expressly charged with the following responsibilities:

a) Ensure that risk control and management systems are functioning correctly and, specifically, that major risks the company is exposed to are correctly identified, managed and quantified.

b) Participate actively in the preparation of risk strategies and in key decisions about their management.

c) Ensure that risk control and management systems are mitigating risks effectively in the frame of the policy drawn up by the board of directors.

✓COMPLIANT

47. Appointees to the nomination and remuneration committee – or of the nomination committee and remuneration committee, if separately constituted – should have the right balance of knowledge, skills and experience for the functions they are called on to discharge. The majority of their members should be independent directors.

✓COMPLIANT

48. Large cap companies should operate separately constituted nomination and remuneration committees.

✓COMPLIANT

49. The nomination committee should consult with the company’s chairman and chief executive, especially on matters relating to executive directors.

When there are vacancies on the board, any director may approach the nomination committee to propose candidates that it might consider suitable.

✓COMPLIANT

50. The remuneration committee should operate independently and have the following functions in addition to those assigned by law:

a) Propose to the board the standard conditions of senior management contracts.

b) Monitor compliance with the remuneration policy established by the company.

c) Periodically review the remuneration policy for directors and senior officers, including share-based remuneration systems and their application, and ensure that their individual compensation is proportionate to the amounts paid to other directors and senior officers in the company.

d) Ensure that conflicts of interest do not undermine the independence of any external advice the committee engages.

e) Verify the information on director and senior officers’ pay contained in corporate documents, including the annual directors’ remuneration statement.

✓COMPLIANT

51. The remuneration committee should consult with the company’s chairman and chief executive, especially on matters relating to executive directors and senior officers.

✓COMPLIANT

52. The rules of performance and membership of supervision and control committees should be set out in the board of directors’ regulations and aligned with those governing legally mandatory board committees as specified in the preceding sets of recommendations. They should include:

a) Committees should be formed exclusively by non-executive directors, with a majority of independents.

b) They should be chaired by independent directors.

c) The board should the members of such committees with regard to the knowledge, skills and experience of its directors and each committee’s terms of reference; discuss their proposals and reports; and provide report-backs on their activities and work at the first board plenary following each committee meeting.

This English version is a translation of the original in Spanish for information purposes only. In case of a discrepancy, the Spanish original will prevail.

71

d) They may engage external advice, when they feel it necessary for the discharge of their functions.

e) Meeting proceedings should be minuted and a copy made available to all board members.

✓COMPLIANT

53. The task of supervising compliance with the policies and rules of the company in the environmental, social and corporate governance areas, and internal rules of conduct, should be assigned to one board committee or split between several, which could be the audit committee, the nomination committee, a committee specialised in sustainability or corporate social responsibility, or a dedicated committee established by the board under its powers of selforganisation. Such a committee should be made up solely of non-executive directors, the majority being independent and specifically assigned the following minimum functions.

PARTIALLY COMPLIANT

The responsibility of supervising compliance with the Bank’s policies and rules in the area of environmental, social and corporate governance, as well as internal codes of conduct, and other matters referred to in Recommendation 54, is shared between several Board Committees: namely, the Appointments and Corporate Governance Committee, the Audit Committee and the Risk and Compliance Committee, composed exclusively of non-executive directors; and also the Executive Committee.

In particular, regarding environmental and social matters, the Executive Committee and the Risk and Compliance Committee play a more active role in assisting the Board on such matters, each within the limits of their powers.

The Executive Committee, which is comprised of a majority non-executive directors, is established to support the Board in the area of strategy and finance and oversees, on a recurrent basis, the integration of sustainability into the Group’s business processes and activity, in line with the strategic priorities set out by the Bank. This Committee also oversees the implementation of the Bank’s Sustainability Policy, approved by the Board, as well as the implementation of the Corporate Social Responsibility Policy, also approved by the Board.

In turn, the Risk and Compliance Committee, composed of a large majority of independent directors and without the presence of executive directors, monitors and supervises the integration of sustainability into the Group’s risk analysis and management, from the perspectives of both risk planning and risk management. This Committee’s functions also include to examine draft codes of ethics and conduct and their respective modifications, and matters related to money laundering, conduct on the securities markets, data protection and the scope of Group activities with respect to competition.

Finally, the Appointments and Corporate Governance Committee, composed of a majority of independent directors, is responsible for regularly reviewing and assessing BBVA’s corporate governance system; and the Audit Committee, composed exclusively of independent directors, is responsible for overseeing the process of preparing and reporting financial and related non-financial information.

54. The minimum functions referred to in the above recommendation are as follows:

a) Monitor compliance with the company’s internal codes of conduct and corporate governance rules, and ensure that the corporate culture is aligned with its purpose and values.

b) Monitor the implementation of the general policy regarding the disclosure of economic-financial, non-financial and corporate information, as well as communication with shareholders and investors, proxy advisors and other stakeholders. Similarly, the way in which the entity communicates and relates with small and medium-sized shareholders should be monitored.

c) Periodically evaluate the effectiveness of the company’s corporate governance system and environmental and social policy, to confirm that it is fulfilling its mission to promote the corporate interest and catering, as appropriate, to the legitimate interests of remaining stakeholders.

d) Ensure the company’s environmental and social practices are in accordance with the established strategy and policy.

e) Monitor and evaluate the company’s interaction with its stakeholder groups.

✓COMPLIANT

55. Environmental and social sustainability policies should identify and include at least:

a) The principles, commitments, objectives and strategy regarding shareholders, employees, clients, suppliers, social welfare issues, the environment, diversity, fiscal responsibility, respect for human rights and the prevention of corruption and other illegal conducts.

b) The methods or systems for monitoring compliance with policies, associated risks and their management.

This English version is a translation of the original in Spanish for information purposes only. In case of a discrepancy, the Spanish original will prevail.

72

c) The mechanisms for supervising non-financial risk, including that related to ethical aspects and business conduct.

d) Channels for stakeholder communication, participation and dialogue.

e) Responsible communication practices that prevent the manipulation of information and protect the company’s honour and integrity.

✓COMPLIANT

56. Director remuneration should be sufficient to attract individuals with the desired profile and compensate the commitment, abilities and responsibility that the post demands, but not so high as to compromise the independent judgement of non-executive directors.

✓COMPLIANT

57. Variable remuneration linked to the company and the director’s performance, the award of shares, options or any other right to acquire shares or to be remunerated on the basis of share price movements, and membership of long-term savings schemes such as pension plans, retirement schemes and other savings schemes, should be confined to executive directors.

The company may consider the share-based remuneration of non-executive directors provided they retain such shares until the end of their mandate. This condition, however, will not apply to shares that the director must dispose of to defray costs related to their acquisition.

✓COMPLIANT

58. In the case of variable awards, remuneration policies should include limits and technical safeguards to ensure they reflect the professional performance of the beneficiaries and not simply the general progress of the markets or the company’s sector, or circumstances of that kind.

And, in particular, variable remuneration items should meet the following conditions:

a) Be subject to predetermined and measurable performance criteria that factor the risk assumed to obtain a given outcome.

b) Promote the long-term sustainability of the company and include nonfinancial criteria that are relevant for the company’s long-term value creation, such as compliance with its internal rules and procedures and its risk control and management policies.

c) Be focused on achieving a balance between the delivery of short, medium and long-term objectives, such that performance-related pay rewards ongoing achievement, maintained over sufficient time to appreciate its contribution to long-term value creation. This will ensure that performance measurement is not based solely on one-off, occasional or extraordinary events.

✓COMPLIANT

59. The payment of the variable components of remuneration is subject to sufficient verification that previously established performance, or other, conditions have been effectively met. Entities should include in their annual directors’ remuneration report the criteria relating to the time required and methods for such verification, depending on the nature and characteristics of each variable component.

Additionally, entities should consider establishing a reduction clause (‘malus’) based on deferral for a sufficient period of the payment of part of the variable components that implies total or partial loss of this remuneration in the event that prior to the time of payment an event occurs that makes this advisable.

✓COMPLIANT

60. Remuneration linked to company earnings should bear in mind any qualifications stated in the external auditor’s report that reduce their amount.

✓COMPLIANT

61. A major part of executive directors’ variable remuneration should be linked to the award of shares or financial instruments whose value is linked to the share price.

✓COMPLIANT

62. Following the award of shares, options or financial instruments corresponding to the remuneration schemes, executive directors should not be able to transfer their ownership or exercise them until a period of at least three years has elapsed.

Except for the case in which the director maintains, at the time of the transfer or exercise, a net economic exposure to the variation in the price of the shares for a market value equivalent to an amount of at least twice his or her fixed annual remuneration through the ownership of shares, options or other financial instruments.

This English version is a translation of the original in Spanish for information purposes only. In case of a discrepancy, the Spanish original will prevail.

73

The foregoing shall not apply to the shares that the director needs to dispose of to meet the costs related to their acquisition or, upon favourable assessment of the nomination and remuneration committee to address an extraordinary situation.

✓COMPLIANT

63. Contractual arrangements should include provisions that permit the company to reclaim variable components of remuneration when payment was out of step with the director’s actual performance or based on data subsequently found to be misstated.

✓COMPLIANT

64. Termination payments should not exceed a fixed amount equivalent to two years of the director’s total annual remuneration and should not be paid until the company confirms that he or she has met the predetermined performance criteria.

For the purposes of this recommendation, payments for contractual termination include any payments whose accrual or payment obligation arises as a consequence of or on the occasion of the termination of the contractual relationship that linked the director with the company, including previously unconsolidated amounts for long-term savings schemes and the amounts paid under post-contractual non-compete agreements.

✓COMPLIANT

H. OTHER POINTS OF INTEREST

1. If there is any other aspect relevant to the corporate governance in the company or in the group entities that has not been addressed in the rest of the sections of this report, but is necessary to include to provide more comprehensive and well-grounded information on the corporate governance structure and practices in the Bank or its group, give a brief description of them.

2. This section may also include any other information, clarification or detail related to previous sections of the report if it is relevant and not reiterative.

In particular, indicate whether the company is subject to corporate governance legislation from a country other than Spain and, if so, include the mandatory information to be provided, if different from that required by this report.

3. The company may also indicate if it has voluntarily signed up to other international, industry-wide or any other codes of ethical principles or best practices. Where applicable, identify the code in question and the date of signing. In particular, indicate whether it has signed up to the Code of Good Tax Practices of 20 July 2010.

The data in this report refers to the financial year ending 31 December 2020, except in those cases when another reference date is specifically stated.

Further to Section A.3, BBVA has a fixed remuneration system with deferred share delivery for its non-executive directors, as approved by the General Meeting. This consists of the annual allocation to each non-executive director of a number of BBVA “theoretical shares” equivalent to 20% of the total cash compensation received by each non-executive director in the previous year. This will be delivered as appropriate, after their termination as a director for any reason other than serious dereliction of duties. Details on the annual allocation made by the Board and the accumulated theoretical shares can be found in Notes 54 and 49 on “Remuneration and other benefits to the Board of Directors and to members of the Bank’s Senior Management” within the notes to the annual financial statements corresponding to BBVA’s Consolidated and Individual Annual Accounts for the 2020 financial year, respectively, as well as in BBVA’s Annual Report on the Remuneration of Directors.

The remuneration system for executive directors includes, among other elements, an annual variable remuneration whose settlement and payment system includes a share portion and deferral periods. The details of the shares that correspond to each executive director as part of this remuneration are also set out in Notes 54 and 49 on “Remuneration and other benefits to the Board of Directors and to members of the Bank’s Senior Management” of the notes to the annual financial statements for the BBVA Consolidated and Individual Annual Accounts the 2020 financial year, respectively, and in BBVA’s Annual Report on the Remuneration of Directors.

This English version is a translation of the original in Spanish for information purposes only. In case of a discrepancy, the Spanish original will prevail.

74

Further to Section A.9, relating to income from treasury-share trading, Rule 21 of Circular 4/2017 and IAS 32, Paragraph 33, expressly prohibit the recognition, in the income statement, of gains or losses made through transactions carried out with own capital instruments, including their issuance and redemption. Said profits and losses are directly booked against the company’s net equity. In the table of significant variations, the date of entry of CNMV Model IV into the registries of that body. This model is related to communications with treasury shares and contains the reason for such communication.

For the purpose of clarifying the information contained in Section C.1.2, it is indicated that Jaime Félix Caruana Lacorte accepted his appointment on 4 June 2018; Ana Cristina Peralta Moreno accepted her appointment on 8 May 2018; Ana Leonor Revenga Shanklin and Carlos Vicente Salazar Lomelín accepted their appointments on 1 April 2020, with the date of appointment by the corresponding General Meeting set out in Section C.1.2.

Further to section C.1.7, the Committee observed that independent directors contribute to the suitable composition of both the Board of Directors and its committees and, in particular, those that assist the Board in its supervision and control functions. These Committees must have a significant number of independent directors, from among which the chairs of these committees must also be appointed.

Finally, the current composition of the Board complies with the provisions of the applicable legislation, the Regulations of the corporate bodies and the objectives of the Selection Policy in this regard. In addition to the foregoing paragraphs, it is worth noting that:

In light of the above, it is the view of the Committee that the Board of Directors as a whole has an adequate and diverse composition, with extensive knowledge of the environment, strategy, activities, business and risks of the Bank and its Group, and which is balanced and suited to current needs, thus helping the corporate bodies to perform their functions in the Bank’s best corporate interest.

Further to Section C.1.9, the various Board Committees with oversight and control functions also have certain functions delegated by the Board of Directors, which are set forth in their corresponding regulations and are available on the Bank’s website.

Further to the information included in section C.1.13:

The amount included in the item “Remuneration of the Board of Directors accrued during the financial year” corresponds, based on the instructions of this Report, with the amount declared as total remuneration accrued according to Table C) “Summary of remunerations” of section 3.4 (Statistical appendix) of BBVA’s Annual Report on the Remuneration of Directors, which includes: the fixed and in-kind remuneration of the executive and non-executive directors received during the 2020 financial year; the payment of the deferred portion of the Annual Variable Remuneration for the 2017 financial year, in cash and monetised shares, together with its corresponding update, payable in 2021 if the corresponding conditions are met; as well as the remuneration paid as a result of the non-compete agreement to the former executive director Head of Global Economics & Public Affairs, who ceased as director on 13 March 2020, and the consolidated amounts of rights to savings system corresponding to this director. The consolidated amount of rights to savings system indicated in the Annual Report of Remunerations for Directors corresponds to the total of the accumulated funds to meet the retirement commitments made by the Bank to the former executive director Head of Global Economics & Public Affairs, which, in accordance to BBVA Directors’ Remuneration Policy and the conditions established in his contract, he will be entitled to receive, paid as a lump sum or in instalments, when he reaches the legally established retirement age, without the Bank having to make any additional contributions since the termination.

This English version is a translation of the original in Spanish for information purposes only. In case of a discrepancy, the Spanish original will prevail.

75

The amount included in the item “Remuneration of the Board of Directors accrued during the financial year” does not include the initial portion of the Annual Variable Remuneration of the executive directors for the 2020 financial year since it has not accrued due to the executive directors waiving its generation in light of the exceptional circumstances arising from the COVID-19 crisis.    

These concepts are detailed, individually for each director, in Notes 54 and 49 of the notes to the annual financial statements corresponding to BBVA’s Annual Consolidated and Individual Accounts for the 2020 financial year, respectively.

For the purposes of calculating the cash value of the shares corresponding to the Deferred Portion of the 2017 Annual Variable Remuneration, to be paid in 2021, and bearing in mind that these shares had not yet been delivered to their beneficiaries as of the date of this report, the average closing price of BBVA’s share price for the stock exchanges between 15 December 2020 and 15 January 2021 inclusive has been taken as a reference. This price stood at EUR 4.12 per share. The price used to initially determine the number of shares of the deferred part of the 2017 Annual Variable Remuneration in accordance with the policy applicable in that financial year was the average closing price of BBVA’s share for trading sessions between 15 December 2017 and 15 January 2018, which was EUR 7.254 per share.

With regard to the “Amount of entitlements accrued by current directors in regard to pensions” indicated in section C.1.13 of this Report, during the 2020 financial year, the Bank made pension commitments to the Chairman to cover the contingencies of retirement, disability and death in accordance with the provisions of the Bylaws, the BBVA Directors’ Remuneration Policy and his contract entered into with the Bank. For the Chief Executive Officer, the Bank has no pension commitments, although it does have commitments to cover the contingencies for disability and death, in accordance with the BBVA Directors’ Remuneration Policy and the contract entered into with the Bank.

The main characteristics of the pension system of the Chairman to cover the retirement contingency are detailed in the BBVA Directors’ Remuneration Policy, and include, inter alia, the following: it is a defined contribution system; no provision for receiving the retirement pension in advance; and 15% of the agreed contribution is considered “discretionary pension benefits”, in accordance with the requirements of the applicable regulations. They are also included in Notes 54 and 49 of the Annual Report corresponding to the annual financial statements for BBVA’s Consolidated and Individual Annual Financial Statements for the 2020 financial year, respectively, which include the amounts of the entitlements accrued by the Chairman as at 31 December 2020.

The balance of the item “Provisions — Funds for pensions and similar obligations” on the Group’s consolidated balance sheet at 31 December 2020 includes EUR 73 million as post-employment provision commitments maintained with former members of the Board of Directors.

Further to the information included in section C.1.14:

The item “Total remuneration of Senior Management” includes the remuneration of the members of Senior Management (15 members as at 31 December 2020, excluding the executive directors), which includes: the annual and in-kind fixed remuneration received during the 2020 financial year; the payment of the Deferred Portion of the Annual Variable Remuneration for the 2017 financial year, in cash and monetised shares, together with its corresponding update, payable in 2021, if the corresponding conditions are met. The monetised shares stood at the same value as that indicated in the case of the executive directors (i.e. EUR 4.12 per share; see Section C.1.13). As in the case of the executive directors, this item does not include the Annual Variable Remuneration for the 2020 financial year as it has not been accrued since the members of the Senior Management waived its generation in light of the exceptional circumstances arising from the COVID-19 crisis.

The main characteristics of the pension systems for this group are, inter alia, the following: defined contributions; no provision for receiving the retirement pension in advance; and 15% of the agreed contributions are considered “discretionary pension benefits”, in accordance with the requirements of the applicable regulations.

The above concepts are detailed in Notes 54 and 49 of the annual financial statements corresponding to BBVA’s Consolidated and Individual Annual Financial Statements for the 2020 financial year, respectively.

The balance of the item “Provisions — Funds for pensions and similar obligations” on the Group’s consolidated balance sheet at 31 December 2020 includes EUR 282 million as post-employment provision commitments maintained with former members of the Bank’s Senior Management.

This English version is a translation of the original in Spanish for information purposes only. In case of a discrepancy, the Spanish original will prevail.

76

In addition, it is indicated that, on 22 December 2020, José Luis Elechiguerra was appointed Head of Engineering & Organization; as at the date of this report, his position as Senior Manager of Banco Bilbao Vizcaya Argentaria, S.A. was pending registration in the Bank of Spain’s Register of Senior Officers, in accordance with the applicable regulations.

Further to Section C.1.17, set out below is the assessment carried out by the Board of Directors of its committees’ operation, based on reports submitted by their respective Chairs:

All of which has been taken into consideration by the Board of Directors during the assessment process carried out in respect of the 2020 financial year described in the preceding paragraphs.

With regard to Section C.1.27, as BBVA shares are listed on the New York Stock Exchange, it is subject to the supervision of the Securities and Exchange Commission (SEC) and, thus, to compliance with the Sarbanes Oxley Act and its implementing regulations, and for this reason each year the Group Executive Chairman, the Chief Executive Officer and the executive tasked with preparing the Accounts sign and submit the certifications described in sections 302 and 906 of this Act, related to the content of the Annual Financial Statements. These certificates are contained in the annual registration statement (Form 20-F) which the Company files with this authority for the official record.

This English version is a translation of the original in Spanish for information purposes only. In case of a discrepancy, the Spanish original will prevail.

77

Further to Section C.2.1, the following is a brief indication of what the regulations establish with regard to the composition and functions of each of the remaining Board Committees:

This English version is a translation of the original in Spanish for information purposes only. In case of a discrepancy, the Spanish original will prevail.

78

Also, following the most important activities of the Board Committees and their organisational and operational rules as set out in paragraph C.2.1:

In addition, the Committee has played a key role in monitoring and controlling the measures implemented in BBVA for the management of the health and economic crisis caused by COVID-19, with intensive monitoring of the Bank’s businesses and activities adapted to the needs of the Bank and the environment, in a changing and uncertain context, and prioritising matters that required increased monitoring and control as well as those with the greatest impact on BBVA, including the Bank’s main management measures, the impacts of the crisis on activity, results and organisation, the capital situation, liquidity and solvency, and the development of risk management.

Furthermore, the Committee has ensured the coherence and alignment of RAF with the strategy established by the Board of Directors and has reviewed and proposed the bases for the proposals upon which RAF has been drafted, which were submitted to the Board by the Risk and Compliance Committee. The Committee has also supported the Board in analysing and monitoring the drafting of the Budget, the Capital Plan and the Liquidity and Funding Plan prior to submission to the Board.