PASHA BANK ANNUAL REPOT 2024

ASSESSMENTS OF THE AUDIT COMMITTEE ON THE ACTIVITIES OF INTERNAL SYSTEMS Compliance Department Compliance Department performs its activities with the objective of conducting and developing control and monitoring activities which are designed within the scope of a risk‑based approach. Activities performed in 2024 in accordance with Laws 5549, 6415, 7262 and related legislation are presented below: Through Combat Against Laundering of Crime Proceeds and Financing of Terrorism Unit; conducting monitoring and control activities within the framework of recommendations issued by prestigious institutions at international platforms in the areas of prevention of laundering and financing of terrorism with a risk-based approach in accordance with Laws 5549, 6415, 7262 and related legislation. Development of monitoring and control activities designed for the Bank’s areas of operations with a risk-based approach, Start of the activities to implement the project which is based on a risk-based scenario to provide for full compliance of the Bank’s activities with MASAK (Financial Crimes Investigation Board) regulations and all other related legislation, Conducting activities for internal regulations, codes and procedures to comply with MASAK, BRSA, domestic and international legislation, Providing an effective, efficient and strong internal control environment to conduct the operations of the Bank in accordance with recommendations developed by FATF and similar international authorities, Review of new products and services with a risk-based approach within the scope of MASAK and BRSA regulations and providing an opinion before implementation, Coordination of support service procurement process based on BRSA regulations. Within the scope of compliance with ethical principles; management of the internal communication system, Ethics Hotline, which was established within the scope of Ethical Principles of PASHA Yatırım Bankası A.Ş. and monitoring of measures taken to prevent conflicts of interest under ethical principles discipline. Customer complaint resolution process within the scope of protection of the interests of customers. Development and organization of training programs intended for the prevention of laundering of proceeds of crime and combatting the financing of terrorism and conducting activities for improving the compliance culture and awareness. Development and improvement of existing embargo and sanction list controls under the scope of financial security and monitoring and controlling activities under the scope of prevention of laundering of proceeds of crime and combatting the financing of terrorism. Application of controls via banned/ sanction lists at customer acceptance stage, before and after establishing SWIFT, account etc. relations with banks within the scope of prevention of laundering of proceeds of crime and combatting the financing of terrorism. Monitoring of suppliers within the scope of the prevention of laundering of proceeds of crime and combatting the financing of terrorism. Application of controls both within this scope and in terms of conflicts of interest under the ethical principles sub‑discipline before establishing relations. Preparing reports in accordance with the legislation within the scope of FATCA and CRS. Monitoring of Support Services processes and reporting to the Audit Committee and the Board of Directors, Ensuring coordination in the execution of processes with the independent external audit firm. Risk Management Department The Risk Management Department continued to monitor at regular intervals credit risk concentrations, quality of assets, the risk level in the financial asset portfolio, and the operational risks that were exposed to in accordance with the internal policies and rules and risk limits approved by the Board of Directors. The Risk Management Department carried out the following activities in 2024: The Bank’s Enterprise Risk Management Framework has been revised, taking into account the standards of PASHA Holding as well. Risk maps regarding the risks the Bank is exposed to, key risk indicators, risk reducing actions were monitored within the frame of Operational Risks. The areas in need of improvement regarding the Bank’s operational risks are identified and the necessary measures were taken together with the relevant teams within the Bank. 114 PASHA Bank 2024 Annual Report