PASHA_BANK ANNUAL REPORT 2021

General Information Financial Information and Risk Management Review Information on Management and Corporate Governance Principles Disclosures Concerning Administrative or Judicial Sanctions Imposed on the Bank and its Management due to Practices in Violation of Regulations There were no administrative or judicial sanctions imposed on the members of the Board of Directors due to regulatory violations in accordance with Banking Law and related legislation. In 2021, the obligations regarding the administrative and irregularity fines practiced by the regulatory and supervisory authorities for the legislative discords were met by means of benefiting from the discount permitted by the legislation and a total amount of TL 245,497.50 was paid. Lawsuits Against the Bank and any Probable Outcomes That Could Impact the Bank’s Financial Situation and Operations There are no lawsuits filed against the Bank in 2021 significant enough to have a material impact on its financial situation or operations. Information on regulatory changes that may have a material impact on the operations of the Bank 1. Regulation on Remote Identification Methods to be Used by Banks and Establishment of Contractual Relations in Electronic Environment was published in the Official Gazette dated 1 April 2021 and became effective on 1 May 2021 which regulate the procedures and principles of establishing contractual relations with customers through an IT system or an electronic communication device, replacing a written format whether remotely or not, or a remote contract relation. These rules relate to remote identification methods which can be used when acquiring new / potential customers and banking services to be provided upon customer identification. Changes that came with this regulation are to be applied when acquiring new customers, along with the requirements of Law No: 5549 on Prevention of Laundering Proceeds of Crime dated 1 October 2006, Law No: 6698 on Protection of Personal Data dated 24 March 2016 and related legislation. Additionally, technical infrastructure and security measures will be taken which are required by the Regulation on Banks’ Information Systems and Electronic Banking Services which was published on the Official Gazette No: 31069 dated 15 March 2020 and became effective with all its articles on 1 January 2021. Upon taking technical measures required by the related legislation, the Bank will be able to establish remote identification and contractual relations in electronic environment with potential customers. This regulation allows establishing customer relations with electronic methods from the start, rather than depending on an original signed contract. 2. Rules to be followed when providing payment services to the Bank’s customers as a Payment Service Provider were listed at the Regulation on Payment Services and Electronic Money Issuance, Payment Service Providers which was published at the Official Gazette dated 1 December 2021 and became effective on the same date. This regulation was issued based on Law No: 6493 Payment and Securities Settlement Systems, Payment Services and Electronic Money Institutions. There are significant regulations which require foreign institutions that we collaborate with in providing these services to apply to the Central Bank of Turkey which is the regulatory authority of our country in this respect. In addition to this special regulation, rules and requirements are established with this legislation for outside service providers of our Bank and/or payment institutions we collaborate with while providing payment services to our customers. Minimum principles in establishing customer relations are also regulated with this legislation. Information on Significant Developments Related with the Bank’s Operations and Legal Disclosures