"Not being compliant with new, or new views on, laws and regulations may lead to reputational damage or fines or endanger our long-term goals. Ensuring compliance with regulatory requirements can consume a substantial part of our resources, and also requires robust risk governance. A large number of staff and a high amount of budget have been made available for regulatory change initiative (such as MiFID II, GDPR, PSD2 and IFRS 9) and for strenghtening our risk governance. There are currently concerns within the Executive Board regarding our compliance with MiFID II requirements at the start of 2018. The Executive Board has identified and agreed upon the following areas of improvement and these are being actively managed by senior management:"