Deutsche Bank Appendix Non-Financial Report 2022 Principles for Responsible Banking Response Links and references Deutsche Bank established a comprehensive sustainability governance to manage, Non-Financial Report 2022: measure and control sustainability activities across the bank. The most senior forum and Sustainability strategy and main governance body is the Group Sustainability Committee, which was created in 2020 implementation/ Sustainability and is chaired by the bank’s Chief Executive Officer. It consists of Management Board governance members, and the heads of the bank’s business divisions (GMC members) as well as infrastructure functions. The committee acts as senior decision-making body for Non-Financial Report 2022: sustainability-related matters on group level. Its “run the bank”-mandate has oversight of Climate Risk/Governance sustainability strategy implementation across divisions and also ensures alignment of the sustainability strategy with the client centric pillar of the bank’s corporate strategy. Non-Financial Report 2022: Environmental and social due The Group Risk Committee (GRC), chaired by the Chief Risk Officer, is established by the diligence/Environmental and Management Board to serve as the central forum for review and decision making on matters Social Policy Framework related to risk, capital, and liquidity. This includes the responsibility for developing the bank’s committees of the GRC are Climate Risk Framework. A number of delegated sub- responsible for the development and management of specific elements of climate risk: The Enterprise Risk Committee (ERC), which is composed of senior risk experts from various risk disciplines, focuses on enterprise-wide risk trends, events, and cross-risk portfolios. The ERC oversees the development of the bank’s holistic climate risk management framework. The Non-Financial Risk Committee (NFRC) which oversees, governs and coordinates the management of non-financial risks group-wide and establishes a cross-risk and holistic perspective of the bank’s key non-financial risks, including risks to own infrastructure, employees, and key processes including those arising from climate risks The Group Reputational Risk Committee (GRRC), which is responsible for the oversight, governance, and coordination of reputational risk management, including potential reputational risks arising from transactions linked to climate (and broader environmental and social) issues. Robust frameworks and systematic risk evaluation are integral to the bank’s risks management processes. Regarding environmental and social risks, the bank’s management process is summarized in the Environmental and Social Policy Framework. The Framework in turn is an integral part of the bank’s Reputational Risk Framework. The degree to which ESG targets are met is among the assessment criteria used to calculate the bank’s top executives’ performance-based compensation 5.2 Promoting a culture of responsible banking: Describe the initiatives and measures of your bank to foster a culture of responsible banking among its employees (e.g., capacity building, e-learning, sustainability trainings for client-facing roles, inclusion in remuneration structures and performance management and leadership communication, amongst others). Response Links and references Deutsche Bank expects its employees to conduct themselves ethically at all times, to adhere Non-Financial Report 2022: to company policies and procedures, and to comply with all applicable laws and regulations. Culture, integrity, and conduct The bank’s core values—integrity, sustainable performance, client centricity, innovation, Non-Financial Report 2022: discipline, and partnership—are articulated in the bank’s Code of Conduct. Its purpose is to Sustainable finance/Training guide employees’ interactions with each other as well as the bank’s dealings with its clients, and awareness competitors, shareholders, business partners, government and regulatory authorities, and society at large. The Code is also designed to foster an open, diverse, and inclusive environment in which the bank’s employees understand what the bank expects of them. It also serves as the foundation for company policies, provides guidance on legal and regulatory compliance, and helps the bank achieve its corporate purpose. Deutsche Bank actively encourages employees to report, without fear of retaliation, any potential 168