Bank Millennium S.A.

Audit Report / Information • Feb 15, 2023

This is a translation of the Independent Auditor’s Report originally issued in Polish INDEPENDENT AUDITOR’S REPORT To the General Meeting and the Supervisory Board of Bank Millennium S.A. Report on the Audit of the Annual Consolidated Financial Statements Opinion We have audited the annual consolidated financial statements of the group (the “Group”) with Bank Millennium S.A. as the parent (the “Parent”, “Bank”), which comprise the consolidated statement of financial position as at December 31, 2022, and the consolidated income statement, consolidated statement of total comprehensive income, consolidated statement of changes in equity and consolidated cash flow statement for the year then ended, and notes to the consolidated financial statements, including a summary of significant accounting policies and other explanatory information (the “consolidated financial statements”). In our opinion, the accompanying consolidated financial statements: − give a true and fair view of the economic and financial position of the Group as at December 31, 2022, and of its financial performance and its cash flows for the year then ended in accordance with the applicable International Financial Reporting Standards, as endorsed by the European Union, and the adopted accounting policies; − comply, as regards their form and content, with the applicable laws and the articles of association of the Parent. Our opinion is consistent with the Additional Report to the Audit Committee which we issued on date of this report. Basis for Opinion We conducted our audit in accordance with the Polish Standards on Auditing (“PSAs”) in the wording of the International Standards on Auditing adopted by the National Council of Statutory Auditors and in compliance with the Act on Statutory Auditors, Audit Firms and Public Oversight of 11 May 2017 (the “Act on Statutory Auditors”, Journal of Laws of 2022, item 1302, as amended) as well as Regulation (EU) No 537/2014 of the European Parliament and of the Council of 16 April 2014 on specific requirements regarding statutory audit of public-interest entities (“EU Regulation”, Official Journal of the European Union L158, as amended). Our responsibilities under those standards are further described in the Auditor’s Responsibilities for the Audit of the Consolidated Financial Statements section of our report. We are independent of the Group in accordance with the principles of professional ethics specified in the International Code of Ethics for Professional Accountants (including International Independence Standards) (“Code of ethics”) developed and issued by the International Ethics Standards Board for Accountants and adopted by the National Council of Statutory Auditors, together with the ethical requirements that are relevant to the audit of the financial statements in Poland, and we have fulfilled our other ethical responsibilities in accordance with these requirements and the Code of ethics. Throughout the audit, both the key statutory auditor and the audit firm remained independent of the Group in accordance with the independence requirements set out in the Act on Statutory Auditors and in the EU Regulation. We believe that the audit evidence we have obtained is sufficient and appropriate to provide a basis for our opinion. 2 Emphasis of Matter Please note the disclosure in section 13.2 of the consolidated financial statements, in which the Management Board of the Bank provided relevant information on the pending decision of the Civil Chamber of the Supreme Court and the Court of Justice of the European Union, which may have an impact on the current status of disputes concerning mortgage loans indexed to Swiss franc (CHF) and the alternative settlement solution currently being applied to the above-mentioned loans. Our opinion is not qualified in respect of this matter. Key Audit Matters Key audit matters are those matters that, in our professional judgment, were of most significance in our audit of the consolidated financial statements of the current period. They encompass the most significant assessed risks of material misstatement, including assessed risks of material misstatement due to fraud. These matters were addressed in the context of our audit of the consolidated financial statements as a whole, and in forming our opinion thereon. We summarized our response to those risks and, where appropriate, we presented the key findings related to those risks. We do not provide a separate opinion on these matters. Key audit matter How we addressed the matter Provisions for litigations concerning the portfolio of mortgage loans indexed to Swiss franc (CHF) The Parent has granted foreign currency mortgage loans indexed to CHF ("CHF loans"). As it is presented in the Note 14.22j of the consolidated financial statement Loans and advances to customers the gross value of CHF loans deducted by the change of expected cash flows resulting from legal risk, amounted to approx. 7 billion as of 31 December 2022. As it is described in the Note 13.1 of the consolidated financial statements Court claims and current provisions on legal risk, the Parent is a defendant in numerous legal cases which include claims regarding the partial invalidity of the credit agreements, i.e. in terms of indexation provisions or a ruling that the agreements are fully invalid. Management's judgments regarding the recognition and measurement of provisions for legal cases are inherently burdened with risk and may change in the future due to the fact that the estimated results of the current cases depend on future resolutions. It should be noted that the judgement of the European Union Court of Justice from 3 October 2019 regarding CHF loans increases the uncertainty of estimates of the essential provisions. In addition, further expected decisions of the European Union Court of Justice (regarding the legitimacy of including by banks the remuneration for cost of capital) may affect amount of necessary provisions. Our procedures included, among the others: − understanding of the process and controls of the Parent towards creation of individual provisions on CHF loans legal cases and review of the mentioned process and controls with regard to the model applied for the estimation of the provision for CHF loans portfolio; − verification of the methodology of estimating provisions with regard to the legal proceedings and proposed settlements related to loans indexed to CHF and the analysis of the rationality and validity of the adopted assumptions as well as the correctness of the input data and the calculation of the provisions estimates, including especially: - the probability of assumed scenarios and the occurrence of the particular types of verdicts for pending and future legal cases; - the estimated amount of losses in the event of the each type of verdict and the proposed settlements; - the estimated inflow of new individual claims and estimated number of settlements and their distribution over the time; − verification of the list of claims in which the Parent is a defendant and verification of the opinions of the external lawyers including verification of independent confirmations from external law firms; − assessment of the adequacy and the completeness of provisions for the legal cases identified by the Parent with regard to the existing legal documentation, and analysis of the provision sensitivity to the changes in the most important assumptions; − we performed review of the current and expected jurisdiction in case of CHF loans claims; 3 Key audit matter How we addressed the matter Due to the materiality of the CHF loan portfolio, as well as the significant role and complexity of the Management Board's judgments and estimates regarding provisions for the current and potential claims and the proposed settlements, the recognition and the valuation of the mentioned provision was considered as the key audit matter. − analysis of the significant data after the balance sheet date in relation to the assumptions adopted by the Parent as at the balance sheet date; − analysis of the accuracy and completeness of disclosures in the consolidated financial statements in this respect. Impairment of loans and borrowings granted to customers Detailed information on the methods and models applied by the Group and the level of impairment losses on loans and advances to customers is presented in point 7.3 Adopted accounting principles, point 8.3 Credit risk and Note 14.22 Loans and advances to customers in the consolidated financial statements. This matter was considered by Deloitte to be the key audit matter due to the significant impact of impairment allowances on valuation of credit receivables as well as due to the fact that they require a significant judgement of the Parent's Management Board and adoption of significant assumptions in the process of their estimation, including the adopted macroeconomic estimates, especially with regard to the estimation of credit risk parameters in models of expected credit losses calculation in accordance with the requirements of the International Financial Reporting Standard 9 "Financial Instruments" (IFRS 9). We have critically analyzed the design and implementation of the process and policy of calculation of the impairment allowances on credit exposures and we have assessed the control system in this process, including automated controls in the Group's IT systems, considering also possible omission of controls. Our audit procedures included reconciliation of the loan database with the general ledger of the Group to confirm the completeness of the recognition of credit receivables that are the basis for impairment losses calculation, as well as the value of these impairment allowances on loans. With regard to the verification of the correct application of the requirements of IFRS 9, our procedures included, among the others: − evaluation of the methodology applied by the Group with respect to the classification and valuation of financial assets in terms of their compliance with the requirements of IFRS 9 and with the market practice; − evaluation of the Group's impairment methodology from the perspective of compliance with the requirements of IFRS 9, in particular as regards the application of SICR criteria, which means a significant increase in credit risk from the moment of granting a loan, for a selected sample of loan exposures, definition of default, adopted PD and LGD parameters and taking into account prospective information in the calculation of expected credit losses; − assessment of the completeness and correctness of the disclosures, especially as regards the credit risk of financial assets. For the collectively assessed loans, we have performed, among the others, the following procedures: − analysis of the applied methodology of estimating allowances for expected credit losses, including adequacy of risk parameters used by the Group; − independent recalculation of the expected loss allowances for randomly selected exposures and chosen parameters in the portfolio approach; − evaluation of changes in the assumptions made for 4 Key audit matter How we addressed the matter the construction of models used for the measurement of credit risk and the applied approach to the verification of models based on historical data (so-called "back- tests"). With regard to the impairment estimated on the basis of the individual method we have performed the following procedures: − analysis of the correctness of the process of identifying the triggers for impairment; − assessment of the correctness of the estimation of write- offs for the selected sample of the credit exposures with identified evidence of the impairment in terms of the correctness of the assumed values of collaterals and assumptions concerning other cash flows. Revenue recognition of interest income and fee and commission income Interest income and fee and commission income are presented in detail in Note 14.1 Interest income and other of similar nature and Note 14.3 Fee and commission income and expenses in the consolidated financial statements. We assess this as key audit matter due to the share of interest and commission income in the Group's total income and the fact that they are the key elements of the Group's profitability assessment. Our procedures included, among the others: − analysis of the internal control environment in terms of the recognition and presentation of the interest income and the fee and commission income; − review of the accounting policy of the Group with regard to the revenue recognition and assessment of the rules for determining the effective interest rate on interest income on loans, including automatic controls in the IT systems of the Group; − analysis of trends in interest and commission income recognition, including explanation of unusual events and one-off transactions; − detailed verification of revenues recognized as one-off; − evaluation of the existence and valuation of revenues based on a sample of transactions. Assessment of the going concern assumption In accordance with International Standard on Auditing 570, the auditor shall evaluate management’s assessment of the entity’s ability to continue as a going concern. As it is described in point 7.1 Statement of compliance with International Financial Reporting Standards of the consolidated financial statements, the financial statements were prepared with going concern assumption which assumes continuation of the Parent’s operations for at least 12 months from the date of financial statements. Due to the introduction of so-called credit holidays for 2022 and 2023 years the Group has incurred a financial loss. The recognition International Standard on Auditing 570 requires a number of audit procedures that we performed in response to the Parent's implementation of the Recovery Plan and the Capital Protection Plan: − review of the Parent's Recovery Plan and Capital Protection Plan; − discussion with the Parent’s Management Board regarding plans and actions to be taken to secure the continuation of the Parents's and Group’s operations and realization of the Parent's Recovery Plan and Capital Protection Plan; − assessment of the feasibility of realization of the above- mentioned plans by the Parent; − discussion with management and analysis of potential impact of the future materialization of uncertainties including risks related to possible extension of so-called 5 Key audit matter How we addressed the matter of the costs of so-called credit holidays resulted in a temporary deterioration of capital ratios which caused a necessity of launching of the Recovery Plan (which together with the Capital Protection Plan is currently being realized by the Parent). After execution of plans approved by the Polish Financial Supervision Authority the capital ratios as at 31 December 2022 are above the minimal requirements. However, as presented in point 8.2 Capital management of the consolidated financial statements the Parent is required to comply with additional capital requirements. Lack of meeting capital requirements by the Parent may trigger regulatory actions and impact continuance of the Parent’s and Group’s operations. credit holidays and an unfavorable development of jurisdiction line in relation FX mortgage loans; − review of the capital adequacy ratios together with a sensitivity analysis in the event of negative scenarios; − review of the Parent’s liquidity position; − review of relevant minutes and correspondence with regulator in this regard; − analysis of the disclosure in the consolidated financial statements regarding the adoption of the going concern principle. Responsibilities of the Management Board and the Supervisory Board of the Parent for the Consolidated Financial Statements The Parent’s Management Board is responsible for the preparation of consolidated financial statements which give a true and fair view of the economic and financial position of the Group and of its financial performance in accordance with the applicable International Financial Reporting Standards, as endorsed by the European Union, the adopted accounting policies as well as the applicable laws and articles of association of the Parent, and for such internal control as the Parent’s Management Board determines is necessary to enable the preparation of consolidated financial statements that are free from material misstatement, whether due to fraud or error. In preparing the consolidated financial statements, the Parent’s Management Board is responsible for assessing the Group’s ability to continue as a going concern, disclosing, as applicable, matters related to going concern and using the going concern basis of accounting unless the Parent’s Management Board either intends to liquidate the Group or to cease operations, or has no realistic alternative but to do so. The Management Board and members of the Supervisory Board of the Parent are obliged to ensure that the consolidated financial statements meet the requirements of the Accounting Act of 29 September 1994 (the “Accounting Act”, Journal of Laws of 2023, item 120). Members of the Parent’s Supervisory Board are responsible for overseeing the financial reporting process. Auditor’s Responsibilities for the Audit of the Consolidated Financial Statements Our objectives are to obtain reasonable assurance about whether the consolidated financial statements as a whole are free from material misstatement, whether due to fraud or error, and to issue an auditor’s report that includes our opinion. Reasonable assurance is a high level of assurance, but is not a guarantee that an audit conducted in accordance with PSAs will always detect a material misstatement when it exists. Misstatements can arise from fraud or error and are considered material if, individually or in the aggregate, they could reasonably be expected to influence the economic decisions of users taken on the basis of these consolidated financial statements. The scope of an audit does not include an assurance about the future profitability of the Group or the effectiveness or efficiency of the Parent’s Management Board in managing the Group’s affairs at present or in the future. 6 As part of an audit in accordance with PSAs, we exercise professional judgment and maintain professional skepticism throughout the audit. We also: − identify and assess the risks of material misstatement of the consolidated financial statements, whether due to fraud or error, design and perform audit procedures responsive to those risks, and obtain audit evidence that is sufficient and appropriate to provide a basis for our opinion. The risk of not detecting a material misstatement resulting from fraud is higher than for one resulting from error, as fraud may involve collusion, forgery, intentional omissions, misrepresentations, or the override of internal control; − obtain an understanding of internal control relevant to the audit in order to design audit procedures that are appropriate in the circumstances, but not for the purpose of expressing an opinion on the effectiveness of the Group’s internal control; − evaluate the appropriateness of accounting policies used and the reasonableness of accounting estimates and related disclosures made by the Parent’s Management Board; − conclude on the appropriateness of the Parent’s Management Board’s use of the going concern basis of accounting and, based on the audit evidence obtained, whether a material uncertainty exists related to events or conditions that may cast significant doubt on the Group’s ability to continue as a going concern. If we conclude that a material uncertainty exists, we are required to draw attention in our auditor’s report to the related disclosures in the consolidated financial statements or, if such disclosures are inadequate, to modify our opinion. Our conclusions are based on the audit evidence obtained up to the date of our auditor’s report. However, future events or conditions may cause the Group to cease to continue as a going concern; − evaluate the overall presentation, structure and content of the consolidated financial statements, including the disclosures, and whether the consolidated financial statements represent the underlying transactions and events in a manner that achieves fair presentation; − obtain sufficient appropriate audit evidence regarding the financial information of the entities or business activities within the Group to express an opinion on the consolidated financial statements. We are responsible for the direction, supervision and performance of the Group audit. We remain solely responsible for our audit opinion. We communicate with the Parent’s Supervisory Board regarding, among other matters, the planned scope and timing of the audit and significant audit findings, including any significant deficiencies in internal control that we identify during our audit. We also provide the Parent’s Supervisory Board with a statement that we have complied with relevant ethical requirements regarding independence, and that we will communicate with it all relationships and other matters that may reasonably be thought to bear on our independence, and where applicable, related safeguards. From the matters communicated with the Parent’s Supervisory Board, we determined those matters that were of most significance in the audit of the consolidated financial statements of the current period and are therefore the key audit matters. We describe these matters in our auditor’s report unless law or regulation precludes public disclosure about the matter or when, in extremely rare circumstances, we determine that a matter should not be communicated in our report because the adverse consequences of doing so would reasonably be expected to outweigh the public interest benefits of such communication. Other Information, Including the Report on the Activities Other information includes a report on the Group’s activities in the financial year ended December 31, 2022 (the “Report on the Activities”), together with a statement of compliance with corporate governance principles and a non-financial information statement, as referred to in Article 49b.1 of the Accounting Act, which constitute separate parts of the Report (together: the “Other Information”). The Report on the activities of the Bank Millennium Group and the Bank for 2022, in accordance with Article 55(2a) of the Accounting Act, has been prepared jointly. 7 Responsibilities of the Management Board and the Supervisory Board The Parent’s Management Board is responsible for the preparation of the Other Information in accordance with the applicable laws. The Management Board and members of the Supervisory Board of the Parent are obliged to ensure that the Report on the Activities, along with the separate parts, meet the requirements of the Accounting Act. Auditor’s Responsibilities Our opinion on the consolidated financial statements does not cover the Other Information. In connection with our audit of the consolidated financial statements, our responsibility is to read the Other Information and, in doing so, consider whether the Other Information is materially inconsistent with the consolidated financial statements or our knowledge obtained in the audit or otherwise appears to be materially misstated. If, based on the work we have performed, we conclude that there is a material misstatement of this Other Information, we are required to report that fact in our auditor’s report. Additionally, under the Act on Statutory Auditors we are obliged to express an opinion on whether the Report on the Activities has been prepared in accordance with the applicable laws and whether it is consistent with the information contained in the consolidated financial statements. Furthermore, we are obliged to state whether a non-financial information statement has been prepared by the Group and to express an opinion on whether the Group has included the necessary information in the statement of compliance with corporate governance principles. Opinion on the Report on the Activities Based on our work performed during the audit, we are of the opinion that the Report on the Activities: − has been prepared in accordance with Article 49 of the Accounting Act and par. 71 of the Regulation of the Minister of Finance of 29 March 2018 on current and periodic information published by issuers of securities and the rules of equal treatment of the information required by the laws of non-member states (the “Current Information Regulation”, Journal of Laws of 2018, item 757, as amended); − is consistent with the information contained in the consolidated financial statements. Furthermore, in the light of the knowledge and understanding of the Group and its environment obtained in the course of the audit, we have not identified any material misstatements of the Report on the Activities. Opinion on the Statement of Compliance with Corporate Governance Principles In our opinion, the statement of compliance with corporate governance principles contains the information referred to in par. 70.6.5 of the Current Information Regulation. We are also of the opinion that the information referred to in par. 70.6.5(c)-(f), (h) and (i) of the Regulation, as contained in the statement of compliance with corporate governance principles, is in accordance with the applicable laws and consistent with the information included in the consolidated financial statements. Information on Non-Financial Information In accordance with the requirements of the Act on Statutory Auditors, we would like to inform you that the Group prepared a separate report on non-financial information and included this information in the Report on the Activities, and also attached this report to the annual consolidated financial statements of the Group. By the date of this audit report, the Group had published report on non-financial information on its website. We have not performed any assurance services relating to the separate non-financial information statement and we do not express any form of assurance conclusion thereon. 8 Report on Other Legal and Regulatory Requirements Opinion of an independent auditor on the performance of an attestation service for verifying the conformity of consolidated financial statements drawn up in a single electronic reporting format with the requirements of the Technical Standards Regulation concerning the specifications of the single electronic reporting format Subject matter of the service In connection with the audit of the consolidated financial statements, we conducted an attestation service providing reasonable assurance as to the assessment, whether the Group's consolidated accounts for the year ended 31 December 2022 prepared in a single electronic reporting format contained in a file named groupamillennium-2022-12-31-pl.zip ('consolidated financial statements in ESEF format') have been drawn up in accordance with the requirements set out in Commission Delegated Regulation (EU) 2019/815 of 17 December 2018 supplementing Directive 2004/109/EC of the European Parliament and of the Council with regard to regulatory technical standards for the specification of the single electronic reporting format ("ESEF Regulation"). Identification of criteria The consolidated financial statements in ESEF format have been prepared by the parent company's management to comply with the labeling and technical requirements for the specifications of the uniform electronic reporting format that are set out in the ESEF Regulation. The object of our assurance service is the compliance of the labeling of the consolidated financial statements in ESEF format with the requirements of the ESEF Regulation, and the requirements set forth in those regulations are, in our opinion, appropriate criteria for forming our opinion. Responsibility of the Management Board and the Supervisory Board of the Parent The Management Board is responsible for the preparation of the consolidated financial statements in ESEF format in accordance with the labeling requirements and technical requirements for the Uniform Electronic Reporting Format specifications set forth in the ESEF Regulation. This responsibility includes the selection and application of appropriate XBRL tags, using the taxonomy specified in the ESEF Regulation. The responsibility of the Management Board shall also include the design, implementation and maintenance of an internal control system ensuring that consolidated financial statements are drawn up in an ESEF format free from material non-compliance with the requirements of the ESEF Regulation. The members of the Parent Company's Supervisory Board are responsible for overseeing the financial reporting process, which includes the preparation of consolidated financial statements in accordance with the format prescribed by applicable laws. Auditor's responsibilities Our objective was to express an opinion, on the basis of the assurance service performed, that provides reasonable assurance whether the consolidated financial statements of the Group for the year ended 31 December 2022 have been labelled in accordance with the requirements of the ESEF Regulation. We conducted this service in accordance with the National Standard on Assurance Engagements Other than Audit and Review 3001PL - "Audit of Financial Statements Prepared in Uniform Electronic Reporting Format" adopted by the National Council of Statutory Auditors (hereinafter: "KSUA 3001PL") and, where applicable, in accordance with the National Standard on Assurance Engagements Other than Audit and Review 3000 (Z) as set forth in International Standard on Assurance Engagements 3000 (Revised) - "Assurance Engagements Other than Audits or Reviews of Historical Financial Information" (hereinafter: "KSUA 3000 (Z)"). This standard requires the auditor to plan and perform procedures to obtain reasonable assurance that the consolidated financial statements in ESEF format have been prepared in accordance with specified criteria. 9 Reasonable assurance is a high level of assurance but does not guarantee that a service performed in accordance with KSUA 3001PL and, where applicable, in accordance with KSUA 3000 (Z), will always detect an existing material misstatement. The selection of procedures depends on the auditor's judgment, including his or her assessment of the risks of material misstatement due to fraud or error. In making those risk assessments, the auditor considers internal control relevant to the preparation of the consolidated financial statements in ESEF format to design appropriate procedures to provide the auditor with sufficient and appropriate evidence in the circumstances. An assessment of the operation of the internal control system has not been made for the purpose of expressing an opinion on its effectiveness. Quality control requirements We apply the National Quality Control Standards adopted by the National Board of Auditors in the version of the International Standard on Quality Control 1 – "Quality Control of companies conducting audits and reviews of financial statements and other attestation and related services" and in accordance with it we maintain a comprehensive quality control system including documented policies and procedures regarding compliance with ethical requirements, professional standards and applicable legal and regulatory requirements. Ethical requirements and independence In performing our services, both as an audit firm and as a statutory auditor, we comply with the independence and other ethical requirements set out in the Code of Ethics. The Code of Ethics is based on the fundamental principles of integrity, objectivity, professional competence and due care, confidentiality and professional conduct. We have also complied with other independence and ethical requirements that are applicable to this assurance service in Poland. Summary of the work performed The procedures we planned and carried out included, among others: − understanding of the process for preparing consolidated financial statements in ESEF format, including the Company's process for selecting and applying XBRL tags and ensuring compliance with the ESEF Regulation, including an understanding of the internal control system mechanisms related to this process; − reconciliation of the labeled (on a selected sample) information contained in the consolidated financial statements in ESEF format to the audited consolidated financial statements; − using a specialized IT tool to assess compliance with the technical standards for the Single Electronic Reporting Format specification, to assess the completeness of tagging the information in the consolidated financial statements in ESEF format with XBRL tags; − assessing whether the applied XBRL tags from the taxonomy defined in the ESEF Regulation have been applied appropriately and whether taxonomy extensions have been used in situations where relevant elements have not been identified in the basic taxonomy defined in the ESEF Regulation; − an assessment of the correct anchoring of the applied taxonomy extensions to the core taxonomy defined in the ESEF Regulation. We believe that the evidence we have obtained provides a sufficient and appropriate basis for our opinion on the label's compliance with the requirements of the ESEF Regulation. Opinion on compliance with the requirements of the ESEF Regulation The basis for the formulation of the auditor's opinion is the matters described above, and the opinion should therefore be read with these matters in mind. In our opinion, the accompanying consolidated financial statements in ESEF format have been labelled, in all material respects, in accordance with the requirements of the ESEF Regulation 10 Information on compliance with prudential regulations The Management Board of the Parent Company is responsible for ensuring compliance of the Group's activities with the prudential regulations resulting from the provisions of Banking Law, resolutions of the Management Board of the National Bank of Poland and resolutions of the Financial Supervision Commission. Our task was, on the basis of the conducted study, to provide information on whether the Group complied with its prudential regulations. Our aim was not to express an opinion on the Group's compliance with these regulations. Based on the work conducted during the audit we would like to inform you that we did not identify any breach other than described in point 8.2 of the consolidated financial statements of the prudent principles and we did not identify discrepancies that might have significant influence on the financial statement of the Bank, especially in the area of correctness of calculation of capital ratio. Statement Concerning Provision of Non-Audit Services To the best of our knowledge and belief, we represent that non-audit services which we have provided to the Parent and to its subsidiaries are not prohibited under Article 5.1 of the EU Regulation and Article 136 of the Act on Statutory Auditors. The non-audit services which we provided to the Parent and to its subsidiaries in the audited period have been listed in point 13.5 in the Report on the Activities. Appointment of the Auditor We were appointed as the auditor of the Group’s consolidated financial statements by resolution 10/2021 the Parent’s Supervisory Board of the Bank of 22 February 2021. Our total uninterrupted period of engagement to audit the Group’s consolidated financial statements is four consecutive financial years, i.e. starting from the financial year ended 31 December 2019. The key statutory auditor on the audit resulting in this independent auditor’s report is Dorota Snarska-Kuman. Acting on behalf of Deloitte Audyt Spółka z ograniczoną odpowiedzialnością Sp. k. with its registered seat in Warsaw, entered under number 73 on the list of audit firms, in the name of which the consolidated financial statements have been audited by the key statutory auditor: Dorota Snarska-Kuman Registered under number 9667 Warsaw, 15 February 2023