Early Detection and Management of Risk Committee Operating Principles

1. PURPOSE

In accordance with the Turkish Commercial Code and the Capital Market Board's Corporate Governance Principles Communiqué, it has been decided to establish a Risk Management Committee.

Previously, the functions related to risk management, which were carried out by the Corporate Governance Committee, will be carried out by a separate committee as per the decision taken at the Board of Directors meeting dated March 8, 2013.

The purpose of the Early Detection and Management of Risk Committee, which will operate under the Board of Directors, is to monitor the risks that the Company may be exposed to and to develop the necessary policies for the execution of risk management processes.

2. GROUNDS

This document has been created within the framework of the regulations, provisions and principles contained in the Turkish Commercial Code, Capital Market Legislation, the Company's Articles of Association and the Capital Market Board's Corporate Governance Principles.

3. AUTHORITY and SCOPE

Risk Management is established to identify strategic, operational, external environmental and financial risks that may affect the company, to manage these risks in accordance with the company's corporate risk-taking profile, and to provide a reasonable degree of assurance regarding the company's achievement of its objectives; it is a systematic process applied throughout the organization, used by the company's board of directors, senior management, and all other employees in determining strategies.

The Committee acts within its authority and responsibility and makes recommendations to the Board of Directors; the final decision-making responsibility always rests with the Board of Directors. Its responsibilities include:

• Establishing effective control systems to identify, evaluate, monitor, and manage risk factors that may affect the achievement of company objectives, based on their impact and probability;
• Integrating risk management and internal control systems into the company's corporate structure and monitoring their effectiveness;
• Measuring, reporting and using risk factors in decision-making processes by the company's risk management and internal control systems, while ensuring appropriate controls;
• Establishing and reviewing risk management policies, understanding, and standards throughout the company;
• Taking and implementing all necessary action decisions regarding identified risks.

4. STRUCTURE OF THE COMMITTEE

• The Early Detection of Risk Committee consists of at least two members of the Board of Directors. If the committee consists of two members, both must be members of the Board of Directors who do not directly hold executive functions, such as the general manager or a member of the executive committee, and who do not hold executive authority in management matters. If the committee consists of more than two members, the majority of the members must be members of the Board of Directors.
• The members of the Early Detection of Risk Committee elect a chairman from among themselves. The chairman of the committee is selected from among the independent members of the Board of Directors.
• The members of the Board of Directors appoint the members of the Early Detection of Risk Committee at the first Board meeting following the General Assembly meeting at which they were elected.
• The Early Detection of Risk Committee serves until the next election of The Board of Directors.
• The Board of Directors has the discretion to terminate the term of any member of the Early Detection of Risk Committee.
• In the event of the termination, resignation, or death of any committee member, the Board of Directors appoints a new member to complete the term.

 5. DUTIES AND RESPONSIBILITIES

• It works to identify early any strategic, operational, financial, legal and other risks that may jeopardize the company's existence, development and continuity, to implement the necessary measures regarding the identified risks and to manage the risk,
• It meets as often as deemed necessary for the effectiveness of its work,
• It evaluates the situation in a report to the Board of Directors every two months, points out any dangers and suggests solutions. The committee also sends the report it prepares to the auditor,
• It may invite any manager it deems necessary to its meetings and obtain their opinions.
• The Committee prepares and submits an annual activity report to the Board of Directors, which will include the committee members, meeting frequency, activities carried out, working principles, and the effectiveness of the committee, to serve as a basis for the Board of Directors' assessment.
• The Early Detection of Risk Committee provides its opinion to the Board of Directors on establishing internal control systems, including risk management and information systems and processes, that can minimize the impact of risks that may affect the company's stakeholders, primarily shareholders.
• It participates in the design, selection, implementation, and pre-approval process of risk measurement models, which are a fundamental tool in the risk management process, regularly reviews the models, conducts scenario analyses, and makes necessary changes.
• It requests information, opinions, and reports from relevant units when deemed necessary to ensure the effective performance of the risk monitoring function.
• It monitors and evaluates the effectiveness and results of risk management activities throughout the company.
• It regularly monitors critical risks and developments related to these risks.
• It measures, reports, and uses risk elements in decision-making mechanisms by the company's risk management and internal control systems, while ensuring appropriate controls.
• The Committee reviews its risk management systems at least once a year.

6. BUDGET

In order to ensure that it can carry out its activities effectively and efficiently, the Committee has an annual budget approved by the Board of Directors.

7. ENFORCEMENT

The Committee's duties and operating principles and any changes thereto come into effect with a decision of the Board of Directors.