Committees

Audit Committee, on behalf of the Board of Directors, is responsible for monitoring the effectiveness, efficiency and adequacy of the internal systems of the Bank, the functioning of these systems together with accounting and reporting systems in accordance with the Law with no.5411 and applicable regulations and the integrity and reliability of information generated by such systems, carrying out necessary preliminary evaluations required for the selection of the independent external audit companies and rating, valuation and support service companies by the Board of Directors, regularly monitoring the activities of the companies selected and contracted and ensuring that the internal audit activities of subsidiaries subject to consolidation are carried out on a consolidated basis and in coordination with internal audit activities of the Bank.

Members: Saleh Nofal (Chairperson), Noor Mohd J. A. Al-Naimi, Yeşim Güra, Najla Al-Mutawa

Meeting Frequency: Quarterly at minimum

The Risk Committee is responsible for determining the Bank’s risk management policies and strategies, reviewing all types of risks to which the Bank is exposed, monitoring the implementation of risk management strategies, and bringing significant risk issues to the attention of the Board of Directors.

Members: Mehmet Ömer Arif Aras (Chairperson), Fatma Abdulla S.S. Al-Suwaidi, Adel Ali M. A. Al-Malki, Ramzi Mari, Saleh Nofal

Meeting Frequency: Monthly

The Corporate Governance Committee was established to ensure that our Bank reaches the best practice standards regarding corporate governance, to monitor its compliance with the corporate governance principles set forth in the Banking Law and capital markets legislation, and to ensure that the composition, structure, working procedures, and principles of the Board of Directors comply with legal regulations. Within the scope of Article 4.5.1 of the Corporate Governance Communiqué, a separate Nomination Committee was not established, and the Corporate Governance Committee also fulfills the duties of this Committee.

Members: Ramzi T.A. Mari (Chairperson), Saleh Nofal, Najla Al-Mutawa, Burcu Günhar (Investor Relations Manager)

Meeting Frequency: Four times at minimum

The duty of the Credit Committee is to evaluate and approve loans and to ensure effective and efficient credit risk management in accordance with the current legal regulations within the framework of the authority granted to it by the Board of Directors in accordance with the Banking Law No. 5411.

Members: Fatma Abdulla S.S. Al-Suwaidi (Chairperson), Mehmet Ömer Arif Aras, Yousef Mahmoud H.N. Al-Neama, Temel Güzeloğlu, Osman Ömür Tan

Alternate Members: Ramzi T.A. Mari ve Noor Mohd J. A. Al- Naimi

Meeting Frequency: When deemed necessary

Established to define the remuneration and rewarding policies of all employees, including Board members and senior management, and to make recommendations to the Board of Directors to ensure that these policies are in line with the Bank’s ethical values, internal practices, and objectives.

Members: Yousef Mahmoud H.N. Al-Neama (Chairperson), Temel Güzeloğlu

Meeting Frequency: Three times in a year at least

The main purpose of the Asset-Liability Committee (ALCO) is to monitor and manage the Bank's balance sheet structure and structural asset-liability follow-up, as well as to ensure the monitoring, control and management of liquidity risk with the authorization given by the Board of Directors. The Committee evaluates the monthly reports submitted by Risk Management and identifies critical issues in terms of risk.

Members: Chairperson of the Board of Directors (Chairperson), General Manager, Executive Vice President of Financial Control, Planning and Investor Relations, Executive Vice President of Treasury

Meeting Frequency: Monthly

The Committee is established to approve and implement new regulations required under the IFRS 9 framework due to changes in the regulations of the Banking Regulation and Supervision Agency (BRSA) or needs arising from the Bank's business strategy. Among the Committee’s main duties are ensuring the accurate and consistent application of the IFRS 9 Impairment model and specified classification rules within the scope of certain credit calculations; reviewing and monitoring related figures; and ensuring the adequacy and effectiveness of credit risk management, provision allocation, financial reporting, internal controls, and management information systems under IFRS 9 implementation.

Members: General Manager (Chairperson), Executive Vice President of Financial Control, Planning and Investor Relations, Chief Risk Officer, Executive Vice President of Loan Monitoring and Follow-up, Financial Legal Reporting and Treasury Control Director, Loan Analytics and Retail Monitoring Director, Credit Risk Management Division Manager, Financial Reporting and Treasury Control Division Manager

Meeting Frequency: Once in every three months

The primary purpose of establishing the Retail Loans Management Risk Committee is to effectively manage the Bank's operations, monitor and direct risks, and review strategies and activity proposals for all individual loan products. Within this scope, the Committee's duties include but not limited to approving the acceptance criteria for retail credit products in accordance with the risk appetite determined by the Risk Committee; approving the processes and policies of retail credit units in line with the Bank's risk strategy approved by the Risk Committee, as well as defining the rules for new retail credit products; deciding on management-level actions for the credit portfolio and processes, and taking risk mitigation actions when deemed necessary, and identifying issues to be forwarded to the Risk Committee.

Members: General Manager (Chairperson), Executive Vice President of Consumer and Small Banking, Executive Vice President of Payment Systems, Executive Vice President of Loans Allocation, Executive Vice President of Loan Monitoring and NPL

Meeting Frequency: Monthly

Corporate Loans Management Risk Committee is established to be responsible for the effective management of the Bank's operations, risk monitoring and direction, and the review of strategy and activity proposals for all corporate loans (Corporate, Commercial, SME, Business, Agricultural). Within this scope, the Committee's duties include but not limited to approving and amending the approval criteria for corporate loan products in accordance with the risk appetite determined by the Board of Directors Risk Committee, reviewing modelling systems, probability of default calibrations, and monitoring results.

Members: General Manager (Chairperson), Executive Vice President of Loans Allocation, Executive Vice President of Loan Monitoring and NPL, Executive Vice President of Corporate Banking and Project Financing, Executive Vice President of Medium Enterprise and Commercial Banking, Executive Vice President of Consumer and Small Banking, Executive Vice President of Payment Systems

Meeting Frequency: Monthly

Information Sharing Committee is established to coordinate the sharing of confidential customer and internal information, considering the principle of proportionality, and to assess the suitability of incoming sharing requests, and to record these assessments. The Committee's main duties include but not limited to evaluating information sharing requests, ensuring that the processes for sharing information are adequately and effectively designed and managed in accordance with relevant legislation, ensuring that such information is shared in Compliance with the principle of proportionality, and establishing processes to prevent the unauthorized sharing of personal data.

Members: Executive Vice President of Legal Department (Chairperson), Internal Control and Compliance Officer, Executive Vice President of relevant asset owner business line, Executive Vice President of related business line

Meeting Frequency: Monthly

Disciplinary Committee is authorized to determine the disciplinary penalties to be applied to employees of QNB BANK A.Ş. who act in violation of instructions, general banking conduct and practices, internal regulations of the Bank, and laws, and to determine the circumstances under which these penalties shall be applied. The Committee is also responsible for carrying out the procedures outlined under relevant procedures when such situations occur

Members: Executive Vice President of Legal Department (Chairperson), Chief Audit Officer, Deputy Head of Internal Audit Department, Internal Control and Compliance Officer, Chief Risk Officer, Executive Vice President of Human Resources, Executive Vice President of IT, Operations, Channels and Business Development, Executive Vice President of Financial Control, Planning and Investor Relations, Executive Vice President of Consumer and Small Banking, Executive Vice President of Medium Enterprise and Commercial Banking

Meeting Frequency: When deemed necessary

Sustainability Committee is responsible for ensuring that the Bank's overall sustainability efforts are managed adequately, effectively, and strategically, for monitoring the Bank’s sustainability performance, and for providing direction and support to ensure sustainability projects progress as planned. Its main duties include but not limited to determining the Bank's sustainability vision, mission, and strategy in alignment with the QNB Group sustainability strategy and framework; establishing Sustainability Sub-Groups responsible for conducting studies and developing projects in the areas determined in line with the Bank’s sustainability strategy and emerging needs; and evaluating the results of sustainability-related projects carried out by the Sub- Groups, making recommendations, and supporting the implementation processes.

Members: General Manager (Co-Chair, Treasury Sales and International Banking Director (Co-Chair), Chief Risk Officer, Executive Vice President of Financial Control, Planning and Investor Relations, Internal Control and Compliance Officer, Executive Vice President of Legal Department, Executive Vice President of Corporate Banking and Project Financing, Executive Vice President of Medium Enterprise and Commercial Banking, Executive Vice President of Consumer and Small Banking, Executive Vice President of Payment Systems, Executive Vice President of Loans Allocation, Executive Vice President of Human Resources, Executive Vice President of IT, Operations, Channels and Business Development, Corporate Digital Banking and Digital Transformation, Public Relations and Customer Experience Office Director, Purchasing Director, Investor Relations Manager

Meeting Frequency: Twice in year

Information Security and Cybersecurity Committee is mainly responsible for determining the Bank’s information security strategy, setting and monitoring the risk appetite in information security matters, monitoring information security risks and the measures taken in this regard, evaluating legal requirements and compliance, and regularly reviewing information security policies and standards to ensure their effectiveness in line with the Bank’s needs.

Members: General Manager (Chairperson), Executive Vice President of IT, Operations, Channels and Business Development, Executive Vice President of Consumer and Small, Executive Vice President of Payment Systems, Chief Audit Officer, İç Kontrol ve Yasal Uyum Başkanlığı, Chief Risk Officer, Executive Vice President of Human Resources, Executive Vice President of Legal Department, Chief Information Security Officer

Meeting Frequency: Quarterly

Information Systems Strategy and Steering Committee is established to operate the activities related to the management processes of information systems projects determined in line with the Bank's strategies, within the scope of the “Regulations Regarding Banks' Information Systems and Electronic Banking Services” arranged in accordance with Article 93 of Law No. 5411 on Banking, and to fulfil responsibilities regarding the Bank’s strategic management process in this context. Within this scope, the Committee’s duties include but not limited to evaluating significant investment decisions regarding information systems, evaluating and prioritizing project proposals, ensuring compliance with legislation, and monitoring project progress.

Members: General Manager,    Information Systems Operations, Channels and Business Development Executive Vice President, Human Resources Executive Vice President, Chief Internal Control and Compliance Officer, Legal Department Executive Vice President, Information Systems Representative(s), Representative(s) from Relevant Units

Meeting Frequency: Twice in a year at minimum

Information Systems Continuity Committee is responsible for ensuring the continuity of Information Systems Services in place to carry out banking operations. Within this scope, it is responsible for making relevant announcements on crisis considering all factors related to incidents, deciding to activate the Information Systems Continuity Plan, coordinating with other recovery, continuity, and intervention teams, approving the Information Systems Continuity Plan, and making investment decisions in accordance with the continuity plan.

Members: Information Systems Continuity Management Officer, Operational Risk and Business Continuity Division Manager, Executive Vice President of Information Technologies, Operations, Channels and Business Development, HR Recruitment, Organization, Performance, and Talent Management Director, Purchasing Director, Information Security and Management Consulting Designer/Department Manager, Deputy Head of Internal Control and Compliance (Internal Control), Operational Risk and Business Continuity Division, Legal Division Head of Retail Banking and Payment Systems, Legal Division Head of Retail Banking and Payment Systems, Chief Information Security Officer, IT Infrastructure Director, IT Operations Division Manager, IT Software and Applications Director

Meeting Frequency: Twice in a year at minimum

Support and External Services Committee is established to manage all support and outsourcing matters that the Bank intends to acquire and which are deemed by the Compliance subject to the Regulations Procurement of Support Services by Banks and the Regulations on Banks' Information Systems and Electronic Banking Services by the Banking Regulation and Supervision Agency (BRSA). The Committee’s main duties include but not limited to evaluating support and outsourcing requests within the scope of prepared reports, providing recommendations for necessary developments and improvements, requesting additional information and documentation from the requesting units or units providing opinions in the report within their expertise when necessary, and reporting to the Audit Committee.

Members: Chief Risk Officer (Chairperson), Operational Risk Management Division Manager, Internal Control and Compliance Officer, Deputy Head of Internal Control and Compliance (Compliance), Executive Vice President of IT Operations Channels and Business Development, Chief Information Officer, Relevant Information Technologies Director, Executive Vice President of Legal Department, Relevant Legal Department Counselor, Executive Vice President, Purchasing Director

Meeting Frequency: When deemed necessary

Reputational Risk Committee is established to manage reputational risk within the scope of BRSA regulations, to identify, assess, and monitor the reputational risks to which the Bank is exposed, and to ensure that the necessary actions are taken to prevent these risks. Within this scope, the Committee’s duties and responsibilities include but not limited to establishing and developing policies, methodologies, processes, and procedures within the framework of the Reputational Risk Management Framework; determining the metrics to be followed for the management of reputational risk, establishing the processes for collecting these metrics, and monitoring the metric results

Members: Chief Risk Officer (Chairperson), Human Resources Executive Vice President, Legal Department Executive Vice President, Internal Control and Compliance Officer, Human Resources Recruitment, Organization, Performance and Talent Management Director, Communications and Customer Experience Director, Deputy Head of Internal Control and Compliance (Compliance), Customer Experience Office Division Manager, Customer Solutions Center Division Manager, Investor Relations Manager, Personal Data Protection and Management Division Manager, Operational Risk and Business Continuity Division Manager

Meeting Frequency: Quarterly

The Operational Risk Management Committee is established to review/assess and monitor the operational risks to which the QNB Türkiye Group is exposed, and to provide recommendations to business units to prevent or transfer these risks. Within this scope, the Committee’s duties include but not limited to establishing and developing the Operational Risk Management Framework and related policies, methodologies, systems, processes, and procedures, and monitoring and reviewing all operational risks and material losses across the Bank, focusing on material operational risk issues that may affect business strategies.

Members: Chief Risk Officer (Chairperson), IT, Operations, Channels and Business Development Executive Vice President, Internal Control and Compliance Officer, Corporate Banking and Project Financing Executive Vice President, Medium Enterprise and Commercial Banking Executive Vice President, IT Security Director, Mass Banking Director, Operational Risk and Business Continuity Division Manager, Loans Policy and Projects Management Division Manager

Meeting Frequency: Quarterly

AML-CFT Committee is responsible for evaluating and deciding on whether or not to establish business relationships with customers, or to terminate existing relationships, in cases of hesitation or a high-risk profile. It also evaluates and decides in cases where there is a strong belief that actions have been taken in violation of national and international sanctions regulations and that continuing transactions or existing business relationships poses a high risk. Furthermore, it ensures prioritization of projects needed to comply with regulations aiming to prevent money laundering, terrorism, and the proliferation of weapons of mass destruction.

Members: Internal Control and Compliance Officer (Chairperson), Executive Vice President of Consumer and Small Banking, Executive Vice President of Medium Enterprise and Commercial Banking, Cash Management and Foreign Trade, Executive Vice President of Corporate Banking and Project Financing, Executive Vice President of Treasury, Executive Vice President of Legal Department, Information Technologies Operation Channels and Business Development, Executive Vice President of Payment Systems, Executive Vice President of Information Security, Governance and Operation

Meeting Frequency: When deemed necessary

Central Purchasing Committee is established for ensuring the more enhanced control over the management of expenditures and purchasing policies. Within this scope, the Committee’s main duties include but not limited to determining the operating principles of the Central Purchasing Committee in line with the Bank's strategic goals and needs; creating and reviewing purchasing policies in line with the Bank’s objectives; and ensuring compliance with expenditure approval instructions and purchasing policies.

Members: Board Member (Temel Güzeloğlu - Chairperson), General Manager, IT, Operations, Channels and Business Development Executive Vice President, Financial Control Planning and Investor Relations Executive Vice President

Meeting Frequency: When deemed necessary

The purpose of the Competition Committee is to avoid any action that may pose a risk in terms of Competition Law, to ensure that all processes and practices, commercial activities, and relationships with competitors, customers, and suppliers are in compliance with Competition Law, and to raise awareness and promote compliance with Competition Law among all Bank managers and employees. Within this scope, the Committee's responsibilities include but not limited to implementing and monitoring the Competition Compliance Program, and establishing and monitoring the necessary processes to prevent, detect, and manage compliance violations; and evaluating and approving the annual action plan submitted by the Competition Officer.

Members: General Manager (Chairperson), Executive Vice President of Legal Department, Executive Vice President of Medium Enterprises and Commercial Banking, Executive Vice President of Consumer and Corporate Banking, Executive Vice President of Corporate Banking and Project Finance, − Executive Vice President of Human Resources, Executive Vice President of Treasury, Executive Vice President of Payment Systems, Managing Director of Digital Bridge and Service Banking, Competition Officer

Meeting Frequency: Three times in a year