PRINCIPLES FOR RISK AND CAPITAL MANAGEMENT

Our risk and capital management approach builds on the following principles:

– The Management Board bears overall responsibility for monitoring risk and capital management within the Group. The Supervisory Board reviews our risk and capital profile at regular intervals.

– We manage credit, market, liquidity, operational, business and reputation risks and our capital in a coordinated process at all relevant levels of the bank. This also applies to complex products that we usually control within our trading engagement framework.

– The structure of our risk and capital management is closely aligned with the structure of the Group Divisions.

Risk and capital management is independent of the divisions.

ORGANIZATION OF RISK AND CAPITAL MANAGEMENT

The Chief Risk Officer, a member of our Executive Board, is responsible for risk management in relation to our credit, market, liquidity, operational and business risks as well as the Group’s capital management activities. In 2006, we merged Risk Management and Treasury & Capital Management (formerly Group Treasury) to form an integrated risk and capital management function. In addition, the Capital and Risk Committee was formed as a functional committee of Deutsche Bank for the further integration of our risk and capital management activities. The Chief Risk Officer is Chairman and the Chief Financial Officer is Deputy Chairman of this Committee. The tasks of the Capital and Risk Committee include the planning of the risk profile and the capital base, the ongoing monitoring of capital capacity and the optimization of refinancing. Furthermore, the Chief Risk Officer chairs the Risk Executive Committee, which is responsible for the Group-wide management and control of the aforementioned risks. The two Deputy Chief Risk Officers, who report directly to the Chief Risk Officer, ie the Chief Credit Officer and the manager responsible for Market Risk Management, Investment Risk Management and Treasury & Capital Management, are eligible to vote Members of the Risk Executive Committee.

The Risk Executive Committee has delegated some of its duties to sub-committees. The most significant of these is the Group Credit Policy Committee, which deals, among other things, with Group-wide credit principles, industry reports and country risk limit mandates.

There are dedicated risk and capital management units with the following tasks:

– the management of the business activities of the divisions in accordance with the risk appetite defined by the Capital and Risk Committee;

– the formulation and implementation of appropriate risk and capital management policies, procedures and methods for the various business activities of the Divisions;

– the approval of credit risk, market risk and liquidity risk limits;

The periodic review of portfolios to ensure that risks are within acceptable parameters, and

– the development and introduction of suitable risk and capital management systems for the respective Group Divisions.

The Group Reputational Risk Committee (GRRC) is an official subcommittee of both the Risk Executive Committee and the Group Compliance Committee and is chaired jointly by the chairs of these committees. The GRRC reviews and resolves all issues related to reputational risk whose escalation is deemed necessary by senior management and regional management or required by other group policies and procedures.

Support is given to the risk and capital management of Finance, the Audit department and the Legal department. These units are independent of the divisions and risk and capital management. Finance helps to quantify and verify the risks taken and is also responsible for the quality and correctness of the risk-related data. The audit verifies that our internal controls comply with internal and regulatory standards. The legal department advises and assists with a wide variety of tasks, such as collateral agreements or netting.

On January 31, 2007, the Supervisory Board announced that the Chief Risk Officer will assume the leadership of the Legal Department and Compliance following the departure of the current Chief Administrative Officer from the Board of Directors at the close of the Annual General Meeting on May 24, 2007.

TYPES OF RISKS

The most significant risks to which our business is exposed are banking risks, reputational risks and general business risks.

BANKING RISKS

Our risk management processes distinguish four types of banking risks: credit, market, liquidity and operational risk.

– CREDIT RISK arises in connection with transactions that result in actual, potential or future claims against a counterparty, borrower or debtor (hereafter referred to as “counterparty”). Credit risk is the biggest single risk for us. We distinguish three types of credit risks:

– DEFAULT RISK is the risk that our business partners will not meet contractual payment obligations.

– COUNTRY RISK is the risk of loss in any country for any of the following reasons: possible deterioration in economic conditions, political and social unrest, nationalization and expropriation, state non-recognition of foreign debt, foreign exchange controls and depreciation or devaluation of the national currency. The country risk includes the transfer risk. This arises when debtors, due to direct government intervention, are unable to transfer assets to non-residents for the fulfillment of their due obligations.

– TRANSACTION RISK is the risk that settlement or settlement of transactions will fail. A settlement risk arises whenever liquid assets, securities and / or other assets are not exchanged at the same time.

– MARKET RISK results from uncertainty about changes in market prices and prices (including interest rates, stock prices, foreign exchange rates and commodity prices), the correlations between them and their volatilities.

– LIQUIDITY RISK is the risk that we may not be able to meet our payment obligations when due.

OPERATIONAL RISK refers to the potential for employee-related losses, contractual arrangements and documentation, technology, failure or breakdown of infrastructure, projects, external influences, and customer relationships. This definition includes both legal and regulatory risks, but not general business risk and reputational risk.

REPUTATION RISK

For our risk management processes, we define reputation risk as the risk that public reporting of a transaction, business partner, or business practice involving a client may adversely affect public confidence in our organization.

GENERAL BUSINESS RISK

General business risk is the risk that arises as a result of changing framework conditions; These include, for example, the market environment, customer behavior and technical progress. If we do not adjust to changing conditions in good time, these risks may affect our earnings.

INSURANCE TECHNICAL RISK

We do not conduct any business that gives rise to underwriting risks of material importance to the Group.