This document is a free translation of the Polish original. Terminology current

in Anglo-Saxon countries has been used where practicable for the purposes

of this translation in order to aid understanding. The binding Polish original

should be referred to in matters of interpretation.

Independent Auditor's Report

To the General Shareholders’ Meeting and Supervisory Board

of mBank S.A.

Report on the Audit of the Annual Consolidated Financial Statements

Opinion

We have audited the accompanying annual consolidated financial statements of mBank S.A. Group (the “Group”), whose parent entity is mBank S.A. (the „Parent Entity”), which comprise:

•      the consolidated statement of financial position as at 31 December 2023;

and, for the period from 1 January to 31 December 2023:

•      the consolidated statement of profit or loss;

•      the consolidated statement of comprehensive income;

•      the consolidated statement of changes in equity;

•      the consolidated statement of cash flows;

and

•      explanatory notes to the consolidated financial statements comprising a summary of significant accounting policies and other explanatory information;

(the “consolidated financial statements”).

In our opinion, the accompanying consolidated financial statements of the Group:

•      give a true and fair view of the consolidated financial position of the Group as at 31 December 2023 and of its consolidated financial performance and its consolidated cash flows for the financial year then ended in accordance with International Financial Reporting Standards, as adopted by the European Union (“IFRS EU”) and the adopted accounting policy;

•      comply, in all material respects, with regard to form and content, with applicable laws and the provisions of the Parent Entity's articles of association.

Our audit opinion on the consolidated financial statements is consistent with our report to the Audit Committee dated 27 February 2024.

Basis for Opinion

We conducted our audit in accordance with:

•      International Standards on Auditing as adopted by the National Council of Statutory Auditors and the Council of Polish Agency for Audit Oversight as National Standards on Auditing (the “NSA”); and

•      the act on statutory auditors, audit firms and public oversight dated 11 May 2017 (the “Act on statutory auditors”); and

•      regulation (EU) No 537/2014 of the European Parliament and of the Council of 16 April 2014 on specific requirements regarding statutory audit of public-interest entities and repealing Commission Decision 2005/909/EC (the “EU Regulation”); and

•      other applicable laws.

Our responsibilities under those standards and regulations are further described in the Auditor’s Responsibility for the Audit of the Consolidated Financial Statements section of our report.

We believe that the audit evidence we have obtained is sufficient and appropriate to provide a basis for our opinion.

Independence and Ethics

We are independent of the Group in accordance with International Ethics Standards Board for Accountants International Code of Ethics for Professional Accountants (including International Independence Standards) (“IESBA Code”) as adopted by the resolution of the National Council of Statutory Auditors („NCSA”), together with the ethical requirements that are relevant to our audit of the consolidated financial statements in Poland and we have fulfilled our other ethical responsibilities in accordance with these requirements and the IESBA Code. During our audit the key statutory auditor and the audit firm remained independent of the Group in accordance with requirements of the Act on statutory auditors and the EU Regulation.

Key Audit Matters

Key audit matters are those matters that, in our professional judgment, were of most significance in our audit of the consolidated financial statements of the current period. They are the most significant assessed risks of material misstatements, including those due to fraud. Key audit matters were addressed in the context of our audit of the consolidated financial statements as a whole, and in forming our opinion thereon we have summarised our response to those risks. We do not provide a separate opinion on these matters. We have determined the following key audit matters:

Legal risk related to mortgage and housing loans granted to individual customers in CHF
The carrying amount of mortgage and housing loans granted to individual customers indexed to CHF as at 31 December 2023 amounted to PLN 1.9 billion (as at 31 December 2022: PLN 6.1 billion). The total amount of adjustment decreasing gross carrying amount of loans and advances to customers indexed to CHF and provisions for legal claims related to indexation clauses included in mortgage and housing loans in CHF as at 31 December 2023 amounted to PLN 8,125.0 million (as at 31 December 2022: PLN 6,461.9 million). The costs of legal risk related to CHF loans recognised in the income statement in 2023 amounted to PLN 4,775.0 million (in 2022: PLN 3,112.3 million). Reference to the consolidated financial statements: note 34 " Legal risk related to mortgage and housing loans granted to individual customers indexed to CHF and other foreign currencies”.
Key audit matter	Our response
Historically, the Group granted mortgage loans indexed to and denominated in Swiss franc ("CHF loans"). As at 31 December 2023 there is a significant risk resulting from the effects of the judgment of the Court of Justice of the European Union ("CJEU") of 3 October 2019 in case C-260/18 and subsequent judgments of the CJEU. (see Note 34). As a result of the above judgment, the number of lawsuits brought against the Group by borrowers who took CHF-indexed housing and mortgage loans in the past increased significantly. The Group assessed that this increase may continue for some time in the future, which, given the prevailing jurisprudence in this regard, may result in lower expected cash flows from CHF loans than those resulting from the loan agreements. In order to determine the estimate of new expected cash flows from the CHF loan portfolio, the Group assessed the probability of various scenarios in terms of possible future events, taking into account both litigation and the possibility of concluding settlements with customers and making significant judgements regarding the expected number of lawsuits, the likelihood of possible verdicts by the courts, as well as the estimated scale and conditions of possible settlements with clients. Estimates of the impact of legal risk are subject to significant uncertainty and a relatively small change in key assumptions may have a significant impact on the level of losses of the Group. For the above reasons, we considered the assessment of the Group's estimate of the amount of legal risk and related disclosures in the consolidated financial statements to be a	Our audit procedures included, among others: assessing the Group's methodology for estimating the financial effects of the legal risk related to CHF loans, as well as the accounting policy in this area; •         evaluating the design and implementation of key internal controls over identification, monitoring and assessing the risk arising from disputes with clients; •         assessing the accuracy of significant inputs used to estimate the amount of legal risk by reconciling them with relevant data from the Group's IT systems and source documentation; •         obtaining confirmations from external legal counsels of legal claims regarding CHF loans in order to assess their completeness; •         assessing the appropriateness of significant assumptions adopted by the Group in the estimate of the impact of legal risk related to CHF loans, such as the probability of adopted scenarios, including those regarding future settlements with customers, the number of expected lawsuits from customers, the probability of possible courts verdicts based on the jurisprudence observed so far in this regard. This procedure included, among others: -    assessment of the validity of assumptions regarding the number of legal claims expected in the future based on historical observations and analysis of the characteristics of the CHF loan population taking also into consideration the impact of subsequent

key audit matter.

CJEU rulings; -    analysis of historical court verdicts in the context of the probabilities assigned to specific scenarios; -    analysis of external legal opinions including i.a. an assessment of impact of available CJEU and Supreme Court judgments and expected jurisprudence of general courts; -    recalculation, on sample basis, of the estimated financial effects of specific scenarios: resolution of a court case and signing settlement agreement with the client; -    assessing sensitivity of the estimated impact of legal risk related to CHF loans to changes in key assumptions and assessment whether the adopted level of these assumptions indicates bias of the Management Board of the Parent Entity; •         testing the arithmetical accuracy of the estimate of impact of legal risk related to CHF loans for the entire population of CHF mortgage loan agreements; •         analyzing the completeness and accuracy of accounting for the final court verdicts related to CHF loans; •         assessing the completeness and accuracy of the disclosures required by the relevant financial reporting standards regarding the estimate of the impact of legal risk related to CHF loans.

Allowances for expected credit losses for loans and advances to customers and provisions for loan commitments and guarantees issued
The carrying amount of loans and advances to customers measured at amortised cost as at 31 December 2023 amounted to PLN 112,876.58 million (as at 31 December 2022: PLN 119,330.0 million). Net result on impairment or reversal of impairment on loans and advances to customers not measured at fair value through profit and loss and loan commitments and guarantees issued in 2023 amounted to PLN – 1,073.6 million (in 2022: PLN -817.3 million). Reference to consolidated financial statements: note 15 “Impairment or reversal of impairment on financial assets not measured at fair value through profit or loss” and note 23 “Financial assets at amortised cost”
Key audit matter	Our response
The process of estimation of expected credit losses on loans and advances to customers measured at amortised cost comprises two major phases – identification of impairment triggers or significant increase in credit risk and measurement of expected credit losses. The impairment triggers and triggers indicating significant increase in credit risk are identified mainly on the basis of payment delinquencies, economic and financial standing of the debtor and current probability of default as compared to the date of initial recognition of a given exposure, while allowances for expected credit losses are estimated individually for specific loans and advances to customers and collectively for homogenous loan portfolios using statistical methods on the basis of risk parameters. Risk parameters such as probability of default (PD), loss given default (LGD) or exposure at default (EAD), as well as thresholds for allocation to stages (SICR) are determined for homogenous groups of loan exposures based on historical data taking into account forward looking information on expected macroeconomic conditions. Allowances for expected credit losses are the best estimate of expected credit losses on loans and advances as at the balance sheet date to be incurred within the next 12 month period or within the lifetime of the exposure. In accordance with the requirements of the relevant accounting standard, the measurement of expected credit losses takes into account projections of future economic conditions. The main risk area comprises the failure to identify existing impairment triggers and significant increase in credit risk as well as the application of inappropriate data to calculate the parameters of statistical model, including	Our audit procedures conducted with the support of our internal financial risk management and IT specialists included: •      assessment of the Group’s methodology used for estimating expected credit losses in terms of its compliance with the requirements of applicable financial reporting standards; •      assessment of the design and implementation and testing of relevant internal controls, including general IT system controls, applied in the process of identification of impairment triggers or significant increase in credit risk and estimation of expected credit losses; •      analytical procedures on the structure and dynamics of the loan portfolio and loan quality and impairment allowances parameters (i.e. share of overdue loans, allowance coverage ratio) in order to identify groups of loans with underestimated allowances on expected credit losses; •      analysis of appropriateness of the Group’s identification of impairment triggers and significant increase in credit risk and allocation to stages, taking into account qualitative and quantitative criteria; •      critical assessment of assumptions and input data used for key credit risk parameters, such as SICR, PD, LGD and EAD; •      independent recalculation of selected risk parameters for a selected sample of loan sub-portfolios;

forward looking information, which may not adequately reflect the expected credit losses existing as at a given balance sheet date. For loans that are assessed on an individual basis there is a risk of applying inappropriate assumptions regarding recovery scenarios, valuation of collateral or assumed timing of expected cash flows. Moreover, there is a risk of errors occurring during the impairment allowances calculation process. A relatively small change in these assumptions and other relevant model parameters could have a significant impact on the Group's estimate of allowances for expected credit losses. We considered this area to be a key audit matter since estimation of allowances for expected credit losses involves significant inherent risk of error and uncertainty and requires the Management Board to apply significant judgement, as well as, considering the size of the loan portfolio, has a material impact on the consolidated financial statements.

•      assessment of adequacy of allowances for expected credit losses through comparison with losses incurred historically on a given homogenous portfolio; •      for loans and advances to customers assessed individually on the basis of a selected sample – assessment of the appropriateness of identification of significant increase in credit risk and impairment triggers and for impaired assets – critical assessment of relevant assumptions adopted by the Group and independent recalculation of impairment allowances; •      assessment of completeness  and appropriateness of disclosures required by the applicable financial reporting standards in the consolidated financial statements regarding significant judgments and estimates of expected credit losses, including uncertainty related to expected macroeconomic scenarios, as well as sensitivity analysis of the level of expected credit losses relative to key assumptions applied in the model.

Responsibility of the Management Board and Supervisory Board of the Parent Entity for the Consolidated Financial Statements

The Management Board of the Parent Entity is responsible for the preparation of consolidated financial statements that give a true and fair view in accordance with IFRS EU, the adopted accounting policy, the applicable laws and the provisions of the Parent Entity's articles of association and for such internal control as the Management Board of the Parent Entity determines is necessary to enable the preparation of consolidated financial statements that are free from material misstatement, whether due to fraud or error.

In preparing the consolidated financial statements, the Management Board of the Parent Entity is responsible for assessing the Group's ability to continue as a going concern, disclosing, as applicable, matters related to going concern and using the going concern basis of accounting unless the Management Board of the Parent Entity either intends to liquidate the Group or to cease operations, or has no realistic alternative but to do so.

According to the accounting act dated 29 September 1994 (the “Accounting Act”), the Management Board and members of the Supervisory Board of the Parent Entity are required to ensure that the consolidated financial statements are in compliance with the requirements set forth in the Accounting Act. Members of the Supervisory Board of the Parent Entity are responsible for overseeing the Group’s financial reporting process.

Auditor’s Responsibility for the Audit of the Consolidated Financial Statements

Our objectives are to obtain reasonable assurance about whether the consolidated financial statements as a whole are free from material misstatement, whether due to fraud or error, and to issue an auditors’ report that includes our opinion. Reasonable assurance is a high level of assurance, but is not a guarantee that an audit conducted in accordance with NSAs will always detect a material misstatement when it exists. Misstatements can arise from fraud or error and are considered material

if, individually or in the aggregate, they could reasonably be expected to influence the economic decisions of users taken on the basis of these consolidated financial statements.

The scope of audit does not include assurance on the future viability of the Group or on the efficiency or effectiveness with which the Management Board of the Parent Entity has conducted or will conduct the affairs of the Group.

As part of an audit in accordance with NSAs, we exercise professional judgment and maintain professional scepticism throughout the audit. We also:

•      identify and assess the risks of material misstatement of the consolidated financial statements, whether due to fraud or error, design and perform audit procedures responsive to those risks, and obtain audit evidence that is sufficient and appropriate to provide a basis for our opinion. The risk of not detecting a material misstatement resulting from fraud is higher than for one resulting from error, as fraud may involve collusion, forgery, intentional omissions, misrepresentations, or the override of internal control;

•      obtain an understanding of internal control relevant to the audit in order to design audit procedures that are appropriate in the circumstances, but not for the purpose of expressing an opinion on the effectiveness of the Group's internal control;

•      evaluate the appropriateness of accounting policies used and the reasonableness of accounting estimates and related disclosures made by the Management Board of the Parent Entity;

•      conclude on the appropriateness of the Management Board of the Parent Entity’s use of the going concern basis of accounting and, based on the audit evidence obtained, whether a material uncertainty exists related to events or conditions that may cast significant doubt on the Group’s ability to continue as a going concern. If we conclude that a material uncertainty exists, we are required to draw attention in our auditors’ report on the audit of the consolidated financial statements to the related disclosures in the consolidated financial statements or, if such disclosures are inadequate, to modify our opinion. Our conclusions are based on the audit evidence obtained up to the date of our auditors’ report on the audit of the consolidated financial statements. However, future events or conditions may cause the Group to cease to continue as a going concern;

•      evaluate the overall presentation, structure and content of the consolidated financial statements, including the disclosures, and whether the consolidated financial statements represent the underlying transactions and events in a manner that achieves fair presentation;

•      obtain sufficient appropriate audit evidence regarding the financial information of the entities or business activities within the Group to express an opinion on the consolidated financial statements. We are responsible for the direction, supervision and performance of the group audit. We remain solely responsible for our audit opinion.

We communicate with the Audit Committee of the Parent Entity regarding, among other matters, the planned scope and timing of the audit and significant audit findings, including any significant deficiencies in internal control that we identify during our audit.

We provide the Audit Committee of the Parent Entity with a statement that we have complied with relevant ethical requirements regarding independence, and communicate with them all relationships and other matters that may reasonably be thought to bear on our independence, and where applicable, actions taken to eliminate threats or safeguards applied.

From the matters communicated with the Audit Committee of the Parent Entity, we determine those matters that were of most significance in the audit of the consolidated financial statements of the current reporting period and are therefore the key audit matters. We describe these matters in our auditors’ report on the audit of the consolidated financial statements unless law or regulation precludes public disclosure about the matter or when, in extremely rare circumstances, we determine that a matter should not be communicated in our report because the adverse consequences of doing so would reasonably be expected to outweigh the public interest benefits of such communication.

Other Information

The other information comprises:

•      the Letter of the President of the Management Board of mBank S.A. to the Shareholders;

•      the Letter from the Chairwoman of the Supervisory Board of mBank S.A. to the Shareholders;

•      the Management Board Report on Performance of mBank S.A. Group in 2023 (including Management Board Report on Performance of mBank S.A.) (“report on activities”) including the corporate governance statement and the statement on non-financial information referred to in art. 55 paragraph 2b of the Accounting Act, which are separate parts of the report on activities and the statement of the Management Board regarding the preparation of the consolidated financial statements, the separate financial statements and report on activities;

•      the Management Board’s information on the selection of an audit firm to carry out the audit of stand-alone and consolidated annual financial statements in line with the applicable provisions, including the provisions on the audit firm selection and on the audit firm selection procedure;

•      the Statement of the Supervisory Board with respect to the Audit Committee;

•      the Supervisory Board’s assessment, together with justification, of the management report and financial statements in terms of their compliance with books, documents and facts; and

•      the Assessment of the Supervisory Board of mBank S.A. on the situation of the company on a consolidated basis, including the adequacy and effectiveness of the company’s systems of internal control, risk management, compliance with standards or applicable practices and internal audit,

(together the “other information”).

Responsibility of the Management Board and Supervisory Board

The Management Board of the Parent Entity is responsible for the other information in accordance with applicable laws.

The Management Board and members of the Supervisory Board of the Parent Entity are required to ensure that the report on activities, including each of its separate parts, is in compliance with the requirements set forth in the Accounting Act.

Auditor’s Responsibility

Our opinion on the consolidated financial statements does not cover the other information.

In connection with our audit of the consolidated financial statements, our responsibility was to read the other information and, in doing so, consider whether the other information is materially inconsistent with the consolidated financial statements or our knowledge obtained in the audit, or otherwise appears to be materially misstated. If, based on the work we have performed, we conclude that there is a material misstatement in the other information, we are required to report that fact.

In accordance with the Act on statutory auditors our responsibility was to report if the report on activities was prepared in accordance with applicable laws and the information given in the report on activities is consistent with the consolidated financial statements.

Moreover, in accordance with the requirements of the Act on statutory auditors our responsibility was to report whether the Group included in the statement on corporate governance the information required by the applicable laws and regulations, and in relation to specific information indicated in those laws or regulations, to determine whether it complies with the applicable laws and is consistent with the consolidated financial statements and to inform whether the Group prepared a statement on non-financial information.

The letter of the President of the Management Board of mBank S.A. to the Shareholders and the Management Board Report on Performance of mBank S.A. Group in 2023 (including Management Board Report on Performance of mBank S.A.) were made available for us before the date of this auditor’s report and the Letter from the Chairwoman of the Supervisory Board of mBank S.A. to the

Shareholders, the Management Board’s information on the selection of an audit firm to carry out the audit of stand-alone and consolidated annual financial statements in line with the applicable provisions, including the provisions on the audit firm selection and on the audit firm selection procedure, the Statement of the Supervisory Board with respect to the Audit Committee, the Supervisory Board’s assessment, together with justification, of the management report and financial statements in terms of their compliance with books, documents and facts and the Assessment of the Supervisory Board of mBank S.A. on the situation of the company on a consolidated basis, including the adequacy and effectiveness of the company’s systems of internal control, risk management, compliance with standards or applicable practices and internal audit are expected to be made available for us after this date. If we conclude that there is a material misstatement therein, we are required to communicate this matter to the Supervisory Board of the Parent Entity.

Opinion on the Report on Activities

Based on the work undertaken in the course of our audit of the consolidated financial statements, in our opinion, the accompanying report on activities, in all material respects:

•      has been prepared in accordance with applicable laws, and

•      is consistent with the consolidated financial statements.

Opinion on the Statement on Corporate Governance

In our opinion, the corporate governance statement, which is a separate part of the report on activities, includes the information required by paragraph 70 subparagraph 6 point 5 of the Decree of the Ministry of Finance dated 29 March 2018 on current and periodic information provided by issuers of securities and the conditions for recognition as equivalent of information required by the laws of a non-member state (the “decree”).

Furthermore, in our opinion, the information identified in paragraph 70 subparagraph 6 point 5 letter c-f, h and letter i of the decree, included in the corporate governance statement, in all material respects:

•      has been prepared in accordance with applicable laws; and

•      is consistent with the consolidated financial statements.

Information about the Statement on Non-financial Information

In accordance with the requirements of the Act on statutory auditors, we report that the Group has prepared a statement on non-financial information referred to in art. 55 paragraph 2b of the Accounting Act as a separate part of the report on activities.

As part of the consolidated financial statements audit we have not performed any assurance procedures in relation to the statement on non-financial information and, accordingly, we do not express any assurance conclusion thereon.

Statement on Other Information

Furthermore, based on our knowledge about the Group and its environment obtained in the audit of the consolidated financial statements, we have not identified material misstatements in the report on activities and the other information.

Report on Other Legal and Regulatory Requirements

Information on Compliance with Prudential Regulations

The Management Board of the Parent Entity is responsible for the Group’s compliance with the applicable prudential regulations defined in separate laws, in particular for the appropriate determination of the capital ratios.

Our responsibility was to inform in our auditor’s report whether the Group complies with the applicable prudential regulations defined in separate laws, in particular whether the Group appropriately determined the capital ratios presented in note 47 “Capital adequacy”.

The audit objective was not to express an opinion on the Group’s compliance with the applicable prudential regulations and therefore we do not express such an opinion.

Based on our audit of the consolidated financial statements of the Group, we inform that we have not identified any instances of non-compliance, in the period from 1 January to 31 December 2023, of the Group with the applicable prudential regulations, defined in separate laws, in particular with respect to the determination of the capital ratios as at 31 December 2023, that could have a material impact on the consolidated financial statements.

Statement on Services Other than Audit of the Financial Statements

To the best of our knowledge and belief, we did not provide prohibited non-audit services referred to in Art. 5 paragraph 1 second subparagraph of the EU Regulation and Art. 136 of the act on statutory auditors.

Services other than audit of the financial statements, which were provided to the Group and entities under the control of the Parent Entity in the audited period are listed in point 13.2 of the report on activities.

Appointment of the Audit Firm

We have been appointed for the first time to audit the annual consolidated financial statements of the Group by resolution of the General Shareholders’ Meeting dated 31 March 2022. Our period of total uninterrupted engagement is 2 years, covering the periods ended 31 December 2022 to 31 December 2023.

Opinion on Compliance of the Consolidated Financial Statements Prepared in the Single Electronic Reporting Format with the Requirements of the Regulatory Technical Standards on the Specification of a Single Electronic Reporting Format

As part of our audit of the consolidated financial statements we were engaged to perform a reasonable assurance engagement in order to express an opinion on whether the consolidated financial statements of the Group as at 31 December 2023 and for the year then ended prepared in the single electronic reporting format included in the reporting package named mBank-SSF-2023-12-31-pl.zip (the “consolidated financial statements in the ESEF format”) were tagged in accordance with the requirements specified in the Commission Delegated Regulation (EU) of 17 December 2018 supplementing Directive 2004/109/EC of the European Parliament and of the Council with regard to regulatory technical standards on the specification of a single electronic reporting format (the “ESEF Regulation”).

Defining the Criteria and Description of the Subject Matter of the Service

The consolidated financial statements in the ESEF format have been prepared by the Management Board of the Parent Entity to meet the tagging requirements and technical requirements for the specification of a single electronic reporting format, which are defined in the ESEF Regulation. The subject of our assurance service is the compliance of the tagging of the consolidated financial statements in the ESEF format with the requirements of the ESEF Regulation, and the requirements set out in these regulations are, in our opinion, appropriate criteria for our opinion.

Responsibility of the Management Board and Supervisory Board of the Parent Entity

The Management Board of the Parent Entity is responsible for the preparation of consolidated financial statements in the ESEF format in accordance with the tagging requirements and technical conditions of a single electronic reporting format, which are specified in the ESEF Regulation. Such responsibility includes the selection and application of appropriate XBRL tags using the taxonomy specified in the that regulation.

This responsibility of the Management Board of the Parent Entity includes designing, implementing and maintaining internal control relevant to the preparation of the consolidated financial statements in the ESEF format that is free from material non-compliance with requirements specified in the ESEF Regulation, whether due to fraud or error.

The members of the Parent Entity’s Supervisory Board are responsible for overseeing the financial reporting process, including the preparation of financial statements in the format required by applicable law.

Auditor’s Responsibility

Our objective is to issue an opinion about whether the consolidated financial statements in the ESEF format were tagged in accordance with the requirements specified in the ESEF Regulation.

We conducted our engagement in accordance with the National Standard on Assurance Services Other than Audit or Review 3001PL “Audit of financial statements prepared in a single electronic reporting format” as adopted by the NCSA (“NSAE 3001PL”) and where applicable, in accordance with the International Standard on Assurance Engagements 3000 (Revised) “Assurance Engagements Other than Audits or Reviews of Historical Financial Information” as adopted by the NCSA as the National Standard on Assurance Engagement 3000 (Revised) (“NSAE 3000 (R)”). These standards require that the auditor plans and performs procedures to obtain reasonable assurance about whether the consolidated financial statements in the ESEF format were prepared in accordance with specified criteria.

Reasonable assurance is a high level of assurance, but it is not guaranteed that the assurance engagement conducted in accordance with NSAE 3001PL and where applicable, in accordance with NSAE 3000 (R) will always detect material misstatement.

The procedures selected depend on the auditor’s judgment, including the assessment of the risks of material misstatements, whether due to fraud or error. In making those risk assessments, the auditor has considered internal controls relevant to the preparation of the consolidated financial statements in the ESEF format in accordance with the specified criteria in order to design procedures that are appropriate, which provide the auditor with sufficient and appropriate evidence under the circumstances. The assessment of internal controls was not performed for the purpose of expressing an opinion thereon.

Summary of the Work Performed

Our procedures planned and performed included, among others:

•      obtaining an understanding of the process of preparing the consolidated financial statements in the ESEF format, including selection and application of XBRL tags by the Parent Entity and ensuring compliance with the ESEF Regulation, including an understanding of the mechanisms of internal control relevant to this process,

•      reconciling on a selected sample the tagged information included in the consolidated financial statements in the ESEF format to the audited consolidated financial statements,

•      assessing by using a specialized IT tool compliance with the regulatory technical standards regarding the specification of a single electronic reporting format,

•      assessing the completeness of tagging with respect to:

-         all numbers in a declared currency disclosed in the consolidated statement of financial position, the consolidated statement of profit or loss, the consolidated statement of comprehensive income, the consolidated statement of changes in equity and the consolidated statement of cash flows in the consolidated financial statements in the ESEF format, and

-         notes comprising a summary of significant accounting policies and other explanatory information on a sample of XBRL tags, in particular block tags, in accordance with the mandatory elements of the core taxonomy contained in Annex II of ESEF Regulation,

•      inspecting the block tagging to assess whether the regulatory technical standards‘ requirement has been correctly applied to include the relevant data within the scope of the digital tag, on a sample basis,

•      assessing whether the XBRL tags from the core taxonomy specified in the ESEF Regulation were properly applied, and whether the taxonomy extensions were used in situations where the closest core taxonomy element could misrepresent the accounting meaning of the disclosure, on a sample basis,

•      assessing the correctness of anchoring of the applied taxonomy extensions in the core taxonomy specified in the ESEF Regulation, on a sample basis,

•      inspecting how the data is presented within the digital tag to assess whether the presentation is reasonable within the boundaries of the technical capabilities connected with block tagging, on a sample basis.

Requirements of the Quality Control and Ethical Requirements, including Independence

The firm applies International Standard on Quality Management (PL) 1 “Quality Management for Firms that Perform Audits or Reviews of Financial Statements, or Other Assurance or Related Services Engagement” as adopted by the Council of Polish Agency for Audit Oversight as National Standard on Quality Control 1, which requires us to design, implement and operate a system of quality management including policies or procedures regarding compliance with ethical requirements, professional standards and applicable legal and regulatory requirements.

We have complied with the independence and other ethical requirements of the IESBA Code as adopted by the resolution of the NCSA, which is founded on fundamental principles of integrity, objectivity, professional competence and due care, confidentiality and professional behaviour as well as other independence and ethical requirements, applicable to this assurance engagement in Poland.

Opinion on Compliance with the Requirements of ESEF Regulation

Our opinion has been formed on the basis of, and is subject to, the matters outlined above.

We believe that the evidence we have obtained is sufficient and appropriate to provide a basis for our opinion on compliance with the requirements of the ESEF Regulation.

In our opinion, the consolidated financial statements in the ESEF format as at 31 December 2023 and for the year then ended was tagged, in all material respects, in accordance with the requirements of the ESEF Regulation.

On behalf of audit firm

KPMG Audyt Spółka z ograniczoną odpowiedzialnością sp.k.

Registration No. 3546

Signed on the Polish original

Marcin Podsiadły

Key Statutory Auditor

Registration No. 12774

Proxy

Warsaw, 27 February 2024