Deutsche Bank Governance and operations Non-Financial Report 2022 Product responsibility Product suitability and appropriateness FS1 Deutsche Bank’s Global Client Suitability and Appropriateness Policy outlines minimum standards that all divisions must meet, including implementing controls related to the performance of suitability and appropriateness assessments as relevant, the clarity of warnings and notifications provided to clients, and the effectiveness of such warnings. Further consideration is given to metrics, governance, and training. Suitability and appropriateness metrics relating to the underlying products and services are provided monthly to the Bank’s Non-Financial Risk Committee. They include trends on relevant customer complaints, New Product Approval breaches, and other metrics. The divisional Product Governance Policies support the bank’s efforts to offer products and services based on processes and principles designed to comply with legal and regulatory requirements. For example, they outline factors that may be considered for monitoring to determine whether products have only been sold to the appropriate client group. In accordance with regulatory requirements, the bank assesses where required various parameters, including a product’s complexity as well as clients’ product knowledge, experience, regulatory classification, and investment objectives. The bank may be subject to litigation in instances where clients believe they have been sold an unsuitable or inappropriate product or service and these grievances cannot otherwise be resolved. Any material matters would be disclosed in Note 27 “Provisions” of the Annual Report 2022. Selling practices and marketing GRI 2-23/25, 3-3, 417-1 Deutsche Bank is committed to marketing products and services responsibly and to providing information clients can trust. This not only supports clients’ interests but promotes market efficiency by providing all market participants with the opportunity to act on information that is neither false nor misleading. Accordingly, the bank’s Business Communications Policy requires all communications, independent of format, medium, or audience, to meet certain minimum standards and requirements for content in addition to being fair, clear, and accurate. For example, any mention of the prospective profit or advantages of a transaction must be balanced by reference to relevant risk factors. Deutsche Bank’s business divisions and units have varied and nuanced controls that reflect products and services it offers. For example, the Origination & Advisory business periodically compares a sample of its pitchbooks against a predefined checklist to verify products and services have been presented fairly and clearly and include appropriate disclosures and disclaimers. The output of such controls, such as the number of exceptions, are included in materials discussed in senior governance fora in order identify any negative trends and, if necessary, propose remediation steps. Furthermore, the business conducts regular risk assessments in addition to Compliance’s annual assessment that considers the appropriateness of the control environment across the divisions. These assessments consider numerous factors including client base, product availability, business volumes, regulatory requirements, past incidents, and issues identified, that is, no single factor such as associated revenue determines the extent of controls. At Private Bank Germany, each loan application includes an analysis of the clients’ situation in order to protect the clients, mainly retail clients, from over-indebtedness. The bank’s loan processes, and staff training reflect this commitment. The bank takes a variety of steps to mitigate hardship in conjunction with nonperforming loans. The bank notifies clients early if they fail to repay loans or repay late. In addition, the bank’s products aim to benefit individual clients while not harming society at large. This rules out, for example, advisory of mutual funds that involve the manufacturing or sale of nuclear weapons, cluster munitions, and landmines, promote or use child labor, violate human rights, or support drug trafficking or money laundering. Conflicts of interest GRI 2-15 The potential for a conflict of interest occurring, including between the bank and its clients, between employees and clients, or between one or more clients in the course of provision of services by the bank, is present daily and an inherent part of the bank’s activities. Deutsche Bank’s Conflicts of Interest Policy (*) outlines the types of conflicts that may arise and requires all employees to identify, report, and manage them appropriately. Conflicts of interest can arise in conjunction with the services and activities carried out on behalf of the bank’s clients; its own corporate activities; and its employees’ activities, whether through trading for their own accounts, their outside business interests, or their family and close personal relationships. Some conflicts of interest are not permitted as a matter of law or regulation and others are permitted so long as the bank has appropriate means by which to manage them. 94