Deutsche Bank Governance and operations Non-Financial Report 2022 Product responsibility Product responsibility – Reinforcing Values and Beliefs through regular training – Evolving product responsibility policy, process, and governance – Collaborating across business and control functions in product reviews GRI 2-23/25, 3-3, 404-2, FS4 Deutsche Bank’s commitment to product responsibility is underpinned by its Code of Conduct (*), which is approved by the bank’s Chief Compliance Officer and applies to all employees and members of the bank’s Management Board. The Code is regularly reviewed and is updated as necessary in response to industry developments or incidents. Employees are required to attest to having read and understood the Code of Conduct on a regular basis. Furthermore, the bank has an extensive policy framework in place with accompanying governance designed to review and communicate policy requirements as required. Policies are widely available internally via a portal and in certain instances may be shared with other parties including vendors or made publicly available. It is when the bank delivers its products and services with integrity that trusting relationships with clients are developed and sustainable performance is achieved. In practice, this means the bank’s products and services are designed with input from various control functions, checking that the business have appropriately considered the intended target market and alignment with the bank’s objectives and values. Deutsche Bank seeks to adhere to relevant rules and regulations and endeavors to be fair, clear, and accurate when marketing its products and services. The bank has implemented checks and processes designed to screen potential and existing clients across multiple dimensions. The extent of screening varies by client, product risk profiles and jurisdictional requirements. The bank aims to minimize and/or appropriately mitigate any conflicts of interest the bank may encounter when providing products or services. The variable components of senior management’s compensation plans are carefully designed to establish appropriate incentives, particularly in relation to conduct and adherence to the bank’s values and beliefs. For more information, see the bank’s Compensation Report within the Annual Report 2022. Consequently, Deutsche Bank’s Compliance training program is tailored to address these important areas. Specifically, there are training modules on communicating with clients, identifying and managing conflicts, and checking products’ suitability and appropriateness. The module on the Code of Conduct includes topics related to product responsibility as well. Deutsche Bank believes it is vital for all employees to complete this training. Failure to do so can adversely affect employees’ compensation and their manager’s. Employees in the Investment Bank, Corporate Bank, and International Private Bank are required to complete an online training module named “The Essentials of our Duties to Customers” or, depending on the Employee’s client base, a similar module that addresses consumer protection. Employees of the aforementioned divisions must also take “The Essentials of Managing our Conflicts of Interest”. The in-scope employees complete these modules upon joining the bank and generally every two years thereafter. The latter module, which previously focused on business conflicts, was updated in recent years to include content on personal conflicts that was formerly part of a separate module; a new section on personal conflicts tailored to the needs of Infrastructure staff was added as well. If a client expresses dissatisfaction with a product or service, the bank has procedures in place to resolve the situation equitably, which may include, where relevant, notifying regulators through the provision of individual complaint details, aggregate complaint data or otherwise. The complaint process may vary by product type and jurisdiction, information can be found at db.com (*) or through a Deutsche Bank representative. Product design and advisory principles GRI 2-23, 3-3 Deutsche Bank’s New Product Approval and Systematic Product Review processes form a control framework designed to manage the risks associated with new products and services and their lifecycle management. These processes are overseen by Product Governance, within the Non-Financial Risk function. Existing products and services are reviewed in one- to three- year cycles designed to assess whether they remain fit for purpose and consistent with their respective target markets’ characteristics and objectives. Each product or service must be sponsored by a business Managing Director who bears ultimate accountability for it. Breaches of the New Product Approval requirements are in scope of the bank’s Red Flag program and as such may adversely affect employees’ compensation. 93