Deutsche Bank Transition toward a sustainable and climate-neutral economy Non-Financial Report 2022 Climate risk Liquidity risk Deutsche Bank uses stress testing and pathway analysis to assess the impact of climate risk on liquidity. In particular, the bank’s stressed Net Liquidity Position scenarios, that are run on a daily basis, include climate disasters as possible triggers of stress (physical risks). In 2022 the bank also developed and ran an internal climate stress test on liquidity, discussed in section “Scenario analysis and stress testing” of this chapter. Physical climate risk is covered by the bank’s stressed Net Liquidity Position liquidity risk appetite, as one of the possible triggers that is modelled for liquidity risk events. Work done on physical risk shows that these risks are in most reasonable cases smaller than other risks that the bank daily reserves liquidity for. Transition risk, which is expected to develop incrementally over many years, will be managed through the Group’s annual funding planning processes. Non-financial risk / Operational risk Non-Financial Risk Management integrates climate-related and broader ESG drivers into certain aspects of its Operational Risk Management Framework. In 2022, an ESG flag was introduced to the taxonomy of sub-risk types under the overarching risk type “operational risk” to identify those sub-risk types where ESG is considered a key risk driver. This flagging will form part of regular reviews of the taxonomy. The integration efforts further progressed in 2022 through a new ESG driven risk review, which was used as an input into the regular risk & control assessment exercise carried out globally across divisions. This review will also help inform further integration activities in the Operational Risk Management Framework. In line with the Operational Risk Management Framework, risk identification takes place through analysis of past internal and external operational risk events. Exploratory scenario analysis is also used to analyze potential event situations and the effectiveness of related controls to identify areas for further risk mitigation and strengthening of the control environment. This library of scenarios included, for example, scenarios on physical risk (e.g., extreme weather events impacting the bank's data centers) as well as on Sustainable Finance products. In the materiality assessment of climate and environmental risks conducted in 2022 (described earlier in this chapter), the core transmission channels for Operational risk were identified as (i) direct damage or unavailability of service to clients as a result of physical risk impacts from extreme weather events and (ii) ESG-related liability consequences, which can amongst others, result from greenwashing. In order to mitigate physical risk impacts on its operations, Deutsche Bank has a long-standing Business Continuity Management framework in place which employs an all-hazards approach. This framework requires the 1st Line of Defense to conduct a Business Impact Analysis for the disruption of their processes/services and develop and regularly test recovery strategies for mandatory Business Continuity Management planning scenarios (such as loss of facility, pandemic / unavailability of staff, loss of business application, loss of 3rd Party, tested regardless of the root cause of the disruption). Business Continuity related scenario libraries and other framework documentation including Risk Appetite Statements are regularly reviewed and cover explicitly climate-related scenarios for some areas. These include: – The Business Continuity Management and Crisis Management Policy includes planning scenario examples for a) loss of primary production facility, b) significant staff unavailability and c) loss of third party – The bank’s city-wide outage planning demands yearly exercises in service center locations such as India, Philippines & Jacksonville, where climate-related scenarios are prevalent – In the severe scenario narrative library, a climate change & natural hazard driver is included among the emergency risk drivers – As part of the existing Business Continuity Management program, the bank has established hazard /region specific plans such as the Hurricane Plans for the Americas Region Regulators have increased their scrutiny on the topic of “greenwashing” (i.e., where companies are considered to obtain an unfair competitive advantage by inaccurately portraying, exaggerating or misleading the selling of and/or contents of products, or their general image, as being ‘environmentally friendly’, green or sustainable). Stringent controls are considered to be a key element to prevent and mitigate the risk of greenwashing. Analysis is therefore underway to review the greenwashing-related regulatory landscape, external events, impacted risk types and internal controls. In addition, work was kicked-off in 2022 that focuses on triggers of potential ESG-related litigations. The outcome of these analyses as well as the business-run ESG driven risk review will be used, where applicable, to enhance the control environment in 2023. Addressing this risk in an adequate manner supports: – Investors’ and society’s trust in the financial industry to support the transformation of the economy towards de-carbonization and sustainability, as envisaged by the European’s Commission Action Plan on Sustainable Finance – Protection of Deutsche Bank’s reputation – Mitigation of the risk of regulatory enforcement or civil litigation 44