The Bank's Organizational Model

The General Meeting of Shareholders is the most important corporate body of the company, representing all shareholders. All its resolutions are binding to all when adopted in accordance with the law and the articles of association.

The functioning of the General Meeting of Shareholders of Banco Comercial Português, S.A., issuer of shares listed in a regulated market, is ruled by the company's articles of association and by specific provisos of the Companies Code (CC) and of the Securities Code (SC).

The General Meeting of Shareholders has the power to:

• elect and dismiss its own Board as well as the members of the administration and supervision bodies and of the Remunerations and Welfare Board;
• approve the alterations to introduce in the company's articles of association;
• resolve on the management report, on the financial statements and on the proposal for the appropriation of profits;
• resolve on all matters submitted by the administration and supervision bodies; and, in general
• resolve on all issues especially committed to it by law and by the articles of association or on those that are not comprehended within the attributions committed to other company's bodies.

The General Meeting of Shareholders shall meet whenenver legally convoked and all shareholders may attend it and may participate therein in accordance with the law and the articles of association. Each share shall correspond to one vote.

Board of the General Meeting (Term-of-office 2020/2023):

Chairman:
Pedro Rebelo de Sousa

Vice-Chairman:
Octávio Castelo Paulo

Board Secretary: Company Secretary (Ana Patrícia Moniz Macedo)

The Board of Directors is the corporate management body of the Bank and is responsible for ensuring all operational activity not attributed to other bodies, in compliance with the strictest rules of good banking practice.

The Board of Directors of the Bank is composed of a minimum of fifteen and a maximum of nineteen members, elected by the General Meeting of Shareholders for a four -year term-of-office. Their re-election is permitted.

The Board of Directors has a wide set of powers established by law and by the company's articles of association. The following competences are to be exclusively performed by the Board of Directors:

a) Chose its Chairperson and Vice-Chairpersons when these are not appointed by the General Meeting;
b) Appoint directors to fill in eventual vacancies;
c) Ask the Chairperson of the Board of the General Meeting to call the General Meeting;
d) Resolve on the change of head office and share capital increases, under the terms of the law and of the articles of association;
e) Approve mergers, demergers and other changes to the company;
f) Resolve, under the terms of the law and of the articles of association, on the issue of shares and other securities that imply or may imply a share capital increase by the Bank, establishing the conditions and carrying out, with them, all operations permitted by law, abiding by any limits set by the General Meeting;
g) Approve the Annual Reports and Financial Statements and the proposals that the management body is responsible for submitting to the General Meeting, namely the proposal for the appropriation of profits;
h) Define the general policies and strategy for the Bank and for the group;
i) Approve the annual budgets and longer-term budgets and monitor their execution;
j) Through its Audit Committee, ensure the issue of an opinion on loans, regardless of the form, or on the engagement of services to (i) members of corporate bodies, (ii) holders of stakes above 2% of the Bank's share capital, computed according to Article 20 of the Securities Code, as well as (iii) individuals or companies related to them;
k) Approve the Group Codes and ratify the Service Orders approved or amended by the Executive Committee;
l) Ratify any acts undertaken on its behalf by the Chairperson or by his/her alternate in case of emergency;
m) Hire and replace, under proposal of the Audit Committee, the external auditor appointed pursuant to article 23 (e) of these Articles of Association;
n) Delegate on an Executive Committee composed of a minimum of six and a maximum of nine of its members the day-to-day management of the Bank, under the terms and with the scope of the resolution that delegates such powers, whether this scope is increased or reduced;
o) Appoint the company secretary and the respective alternate;
p) Resolve on the granting or termination of functions of all the employees who are managers and report directly to the Board of Directors or to any of its committees or commissions, including the Executive Committee, as well as of any members of corporate bodies appointed by the Bank, approve their salaries, social benefits and other payments, as well as approve the conditions for terminating their contracts. This power shall be delegated to the Commission for Nominations and Evaluations;
q) Appoint, among other heads, a Head of Investors Relations, a Risk Officer, a Compliance Officer, a Head of Audit Department and a Group Treasurer, who must have the adequate expertise and profile to undertake such functions and to whom the BoD must give the autonomy and all the necessary means to carry out their functions. This power shall be delegated to the Commission for Nominations and Evaluations;
r) Appoint a Client Ombudsman, who must necessarily be an individual with a recognized ability, honesty and experience in banking, without employment ties to the Bank and to whom the BoD must ensure all the necessary means to carry out his/her functions freely and independently;
s) Approve the respective internal regulations, as well as the regulations of the Executive Committee and of the other commissions it decides to create;
t) Define and resolve on eventual changes to the group's corporate structure;
u) Resolve on significant extensions or reductions of the group's activity;
v) Annually assess the Bank's governance model, supported, if necessary, by the prior appraisal of the Commission for Corporate Governance, and disclose such assessment in the Annual Corporate Governance Report, identifying eventual constraints to its functioning and proposing measures to overcome them within the law;
w) Ensure that the Bank has efficient systems for internal control, risk management and internal audit;
x) Appoint the members of the Board for International Strategy;
y) Delegate to one or more of its members, as far as it is allowed by law, representation and management powers for isolated acts or categories of acts.

At meeting held on 06.09.2018, the BoD delegated to an Executive Committee, composed of 6 of its members, the management of the Bank, exception made to the competences indicated above.

Term-of-office 2022/2025:

Chairman:
Nuno Manuel da Silva Amado

Vice-Chairmen
Jorge Manuel Baptista Magalhães Correia
Valter Rui Dias de Barros
Miguel Maya Dias Pinheiro

Members:
Altina de Fátima Sebastian Gonzalez Villamarin
Ana Paula Alcobia Gray
Cidália Maria Mota Lopes
Fernando da Costa Lima
João Nuno de Oliveira Jorge Palma
José Miguel Bensliman Schorcht da Silva Pessanha
Lingjiang Xu
Lingzi Yuan (Smilla Yuan)
Maria José Henriques Barreto de Matos de Campos
Miguel de Campos Pereira de Bragança
José Pedro Rivera Ferreira Malaquias
Rui Manuel da Silva Teixeira

The supervision of the company will be carried out by an Audit Committee, elected by the General Meeting and composed by a minimum of three and a maximum of five members, appointed together with the remaining directors. The proposals for the election of the members of the Board of Directors must point out which members will be part of the Audit Committee and indicate the respective Chairperson.
Beyond the remaining competences attributed to it by law, the Audit Committee will be specifically in charge of:

a) Monitoring the Bank's management;
b) Verifying the compliance with the law and with the articles of association;
c) Verifying the regularity of the books, accounting records and documents supporting them;
d) Verifying the accuracy of the financial statements;
e) Supervising the efficiency of the risk management system, of the internal control system and of the internal audit system;
f) Proposing to the General Meeting the election of the Chartered accountant and of the external auditor;
g) Engaging the provision of services by experts to assist one or several of its members in the exercise of his/her/their functions. This engagement and the remuneration of the experts must take into account the importance of the issues committed to them and the Bank's economic situation.

Term-of-office 2022/2025

Chairwoman:
Cidália Maria Mota Lopes

Members:
Fernando da Costa Lima
Valter Rui Dias de Barros

Alternate member
Altina de Fátima Sebastian Gonzalez Villamarin

The Board of Directors has created specialized committees to follow certain specific matters on an ongoing basis, which are:

Committee for Corporate Governance, Ethics and Sustainability

Chairman:
Nuno Manuel da Silva Amado

Members:
Lingjiang Xu
José Pedro Rivera Ferreira Malaquias

Functions:

In addition to other duties attributed by the Board of Directors, the Committee for Corporate Governance, Ethics and Sustainability is responsible for, namely, recommending the adoption by the Board of Directors of policies in accordance with ethical and social responsibility principles and best practices in matters of corporate governance and sustainability principles, and assisting the Board of Directors in evaluating the systems for identification and resolution of conflicts of interests, as well as assessing the compliance function, by reviewing the procedures instituted and any non-compliance verified.
This Committee is also responsible for issuing an opinion on the corporate governance report and the sustainability report.

Committee for Nominations and Remunerations

Chairwoman:
Lingzi Yuan (Smilla Yuan)

Members:
Lingjiang Xu
Valter Rui Dias de Barros

Functions:

Its main goal is to contribute for the development of the talent management in Group Millennium bcp, being responsible for making and conveying to the Board of Directors recommendations or opinions on the appointment of new members of the Executive Committee (EC) and of Employees with a managing category reporting directly to the BoD or to the EC and for monitoring the Bank's policies on management of human resources and staff.

Committee for Risk Assessment

Chairman:
Fernando da Costa Lima

Members:
Ana Paula Alcobia Gray
Altina de Fátima Sebastian Gonzalez Villamarin

Functions:
This Committee is responsible for advising the Board of Directors on issues related with the definition of the risk strategy, capital and liquidity management and management of market risks.

The Board of Directors (BoD) appointed an Executive Committee (EC) on 06.09.2022 which performs all the Bank's management functions that are not to be solely exercised by the Board of Directors.

Term-of-office 2022/2025

Chairman:
Miguel Maya Dias Pinheiro

Vice-Chairmen:
Miguel de Campos Pereira de Bragança
João Nuno de Oliveira Jorge Palma

Members:
Rui Manuel da Silva Teixeira
José Miguel Bensliman Schorcht da Silva Pessanha
Maria José Henriques Barreto de Matos de Campos

The Chief Executive Officer must:
a) Ensure that all information is provided to the remaining members of the BoD relating to the activity developed by the EC and the resolutions adopted by it;
b) Ensure the compliance with the delegation limits and the Bank's strategy;
c) Coordinate the activities of the EC, chairing its meetings and monitoring the execution of its resolutions.

The Executive Committee is organized by Areas of Responsibility.

With the purpose of promoting a better articulation of current management decisions, involving the top management of the units part of each Business area in order to align perspectives and support management decision-making, the Executive Committee appointed the following Commissions and Sub - Commissions:

• Costs and Investments
  • Cost and Investments Sub - Commission
• Corporate
• Human Resources
• Retail
• Private Banking and Investment Products & Services
• Compliance and Operational Risks
• Credit
• Capital Assets and Liabilities Management (CALCO)
• Risk
  • Validation and Monitoring of Models Sub-Commission
• Credit and Non-Performing Assets Monitoring
• Pensions Funds Risk Monitoring
• Operational Resilience
• Sustainability
• Corporate Risk Monitoring

The Statutory Auditor of the Bank and its substitute are elected by the General Meeting of Shareholders, pursuant to a proposal presented by the Audit Committee, for a 3-year term-of-office.

The Statutory Auditor exercises the functions foreseen by law and in the articles of association, namely:

• Verifying the regularity of the accounting books and records;
• Verifying if the accounting policies and the worth measurement procedures adopted conduct to a correct evaluation of assets and earnings;
• Verifying the accuracy of the financial statements;
• Auditing the financial statements and other relevant services;
• Making a monthly report on its supervising activities;
• Participating in the meetings held by the administration bodies whenever its presence is deemed as relevant, namely when the financial statements of the company are approved.

The Statutory Auditor may also advise on other subjects, pursuant to a request made by the Chairperson of the Board of Directors or of the Audit Committee.

2021/2023 Term-of-office

Effective Statutory Auditor - Deloitte & Associados – Sociedade de Revisores Oficiais de Contas, S.A: represented by or João Carlos Henriques Gomes Ferreira
Alternate Statutory Auditor - Carlos Batalha Duarte Catulo

The Remunerations and Welfare Board is composed of three to five members, appointed by the General Meeting. The majority of the members of the Remunerations and Welfare Board shall be independent.

2022/2025 Term-of-office

Chairman:
José António Figueiredo Almaça

Members:
Jorge Manuel Baptista Magalhães Correia
Valter Rui Dias de Barros

The Strategic Board is an advisory and non-permanent body of the Bank, that is responsible for assessing, reflect upon and issue recommendations submitted to it by the Board of Directors.

Members due to their functions:
Nuno Manuel da Silva Amado
Jorge Manuel Baptista Magalhães Correia
Valter Rui Dias de Barros
Miguel Maya Dias Pinheiro

The Board of Directors may, on a case-by-case basis, appoint up to five ad-hoc members, to choose from among representatives of shareholders with qualified holdings and other personalities of recognized merit linked to the themes that, at any given moment, are the object of analysis by the of the Strategic Board, and whose functions will cease at the same time as the end of the term of office of the Board of Directors.

The Company Secretary and the Alternate Company Secretary are appointed by the Board of Directors, and their term-of-office matches that of the Board of Directors that appointed them.

The Company Secretary is responsible for:

• supporting the Bank's corporate bodies and respective committees and commissions in all legal, administrative and logistic matters, ensuring that they work efficiently;
• providing legal advisory services to the Bank and to the Group companies, in terms of company law and corporate governance, being responsible for arranging the registry of all acts with the Supervision Authorities and Commercial Registry Offices;
• the arrangement and setup of the General Meetings of Shareholders of the Bank and of Group companies, as well as answering requests from shareholders and drawing up the Corporate Governance Report;
• giving her/his contribution and cooperation to all areas of the Bank, whether by executing or validating actions and documents;
• ensuring the disclosure of internal institutional communications.

In the absence or impediment of the Company Secretary, the Alternate Company Secretary undertakes these duties.

These positions are presently undertaken by:
Company Secretary: Ana Patrícia Moniz Macedo
Alternate Company Secretary: António Augusto Amaral de Medeiros

The Client Ombudsman's Office of Millennium bcp ensures that the Bank's Customers receive an independent service relative to the institution's governance and hierarchical structures, so as to guarantee impartiality in the analysis and settlement of any claims submitted by them, related to the banking and financial services provided by Millennium bcp.

The Client Ombudsman's Office acts in conformity with specific Regulations, basing its conduct on the applicable imperative legal provisions, the Bank's Code of Conduct and other binding internal procedures, and may adopt judgements of fairness with a view to obtaining the most suitable solutions.

The position of Ombudsman is held by Miguel Pedro Lourenço Magalhães Duarte, a person of recognised competence and very considerable experience in the banking business, with no employment ties with Banco Comercial Português, S.A. or any company or institution controlled by the Bank.

The Compliance Office's primary mission is to verify that all the Group's institutions adopt the internal and external regulations that frame its activities so as to help mitigate the risk of such institutions incurring in sanctions or significant asset or reputation losses.

• Exercising the functions attributed to it by the Portuguese Law or another source of law. While exercising the powers that fall to it within this context, the Compliance Office shall issue decisions that are binding for the addressees ("determinations");
• Exercising the functions attributed to it by the Bank's corporate bodies. The act whereby such powers are granted shall define how binding the decisions issued pursuant to this paragraph shall be;
• Drawing up opinions and studies, at the request of the Bank's various areas and divisions, regarding matters not encompassed by the previous paragraphs. The drawing up of opinions and studies within this scope shall depend upon the prior appraisal of the subject's relevance from a compliance standpoint. While exercising this advisory function, the Compliance Office aims to identify and assess the various risks present, approving non-binding proposals addressed to the target areas ("recommendations").

The determinations issued by the Compliance Office, within the scope of the functions attributed by the Portuguese law or by another law source, shall be binding and can only be breached by means of an authorization in writing issued by the Director in charge of the area addressed by the determinations. The determinations issued by the Compliance Office under the scope of the powers granted to it by the corporate bodies shall also be binding, unless otherwise decided by the internal decision-making bodies duly empowered for the act.

While exercising the respective functions and within its powers, the Compliance Office is empowered to suspend any and all transactions or processes it deems to be against the rules in effect.

The Compliance Office is responsible for reporting to the management body all non-compliant situations found while exercising its functions that may cause the institution to undertake an administrative offence or any other illicit action and incur in significant asset or reputation losses, and for drawing up and presenting a report to the management body, at least once a year, identifying all the non-compliant situations found and the recommendations issued to correct the nonconformities or defects recorded.

The Compliance Office shall actively intervene in the employee training policy, namely by providing training sessions on compliance to the entire Group, by maintaining a high level of intelligence on compliance-related matters [namely on anti-money laundering and counter terrorism financing - AML/CTF] and by fostering a culture of internal control within the Group.

This Office must have a cooperative relation with other divisions, without prejudice to the regulations regarding the separation of functions, always based on mutual respect and abiding by the Bank's ethics code.

Compliance Officer: Pedro Manuel Francisco da Silva Dias.

The Risk Office is the unit in the organizational structure through which the Bank ensures the coordination of the activities inherent to risk management. Therefore it pertains to the Risk Office to put in place or promote the application of the Group's risk management and control policies defined, at each moment, by the Board of Directors (BoD) of Banco Comercial Português, S.A..

Hence, the Risk Office focuses its actions on the constant promotion of a strong and effective infrastructure for risk management and control, the execution of a set of permanent processes that enable the Group to gain an adequate understanding of the nature and size of the underlying risks of the business (and business support) activities undertaken, thus allowing for an adequate execution of the strategy and to meet the company's goals in a sustainable way.

On the other hand, the risk management and control activities and processes are bound by a set of internal rulings - some applicable to the entire Group and other applicable to each Group entity - that specifically address various issues and procedures pertaining to the assessment and control of several risks, such as credit risk, market risk, operating risk or liquidity risk among others. It also falls to the Risk Office to keep these rulings permanently up-to-date and to propose new internal rulings that become necessary over time.

Hence, the risk management function - which, together with the Internal Audit and the Compliance functions, makes up the Group's Internal Control System - identifies, assesses monitors and controls all internal and external material risks faced by the Group entities.

In terms of organization, the Group Risk Office and its Head report directly to the BoD of Banco Comercial Português, reporting in functional terms to the bank's Commission for Risk Assessment.

The role of the Risk Commission (RC) – that stems from the BoD's Executive Committee - should also be highlighted. All of the Executive Directors are members of this Commission, as well as the Heads of the areas that have a direct intervention in risks' management. The RC is responsible, at an executive level, for the Group's risk management and control framework, establishing its respective principles, rules, limits and procedures for the Group's entities, in accordance with the defined risk limits.

The Risk Commission (that stems from the BoD's Executive Committee and seats all of the committee's members, as well as the Heads of the areas that have a direct intervention in risks' management) and the Risk Office of Banco Comercial Português are represented in the main subsidiary companies by equivalent bodies, thus ensuring the consistency and strength of the risk management and control policy in the entire Group, applying, as much as possible, the same metrics and management instruments

Risk Officer: Luís Miguel Manso Correia dos Santos

Since its incorporation, Banco Comercial Português, S.A. assumed the commitment of establishing a complete, accurate, available and efficient relationship with Portuguese and foreign investors, and with the supervision entities and with the market in general.

The main function of the Investors Relations Department (IRD) is to provide to the market all the information relating to events, facts that, in legal and regulatory terns, are considered, "relevant facts", announce the quarterly financial statements and disclose news related with the activities carried out by the Bank and the Group and, at the same time, reply to questions and information requests made by investors or the public in general, on financial issues and on public issues related with the development of the Group's activities.

Contacts of the Investors Relations Department
Telephone: + 351 21 113 10 84
Facsimile: + 351 21 113 69 82
e-mails:
investors@millenniumbcp.pt
bernardo.collaco@millenniumbcp.pt

Representative for the relations with the market: Bernardo Roquette de Aragão de Portugal Collaço.

The Audit Division is the body responsible for the internal audit function of Banco Comercial Português. The Head of the Audit Division is also the Head of Group Internal Audit, being responsible for the general supervision and coordination of the internal audit activities of the entire Group.

This Department carries out its mission by adopting principles of internal auditing which are internationally recognised and accepted, issuing recommendations based on the outcome of the assessments made, aimed at adding value to the organisation and improving the control and quality of the Bank's operations, contributing to the achievement of its strategic interests and ensuring that:

• The risks are duly identified and managed, and the controls are correct and proportional to the risks;
• The Bank's capital assessment system is adequate in relation to its level of risk exposure;
• The different governing bodies interact in an adequate, effective and efficient manner;
• The operations are recorded correctly and the operational, financial and management information is rigorous, reliable and timely;
• The safeguarding and security of the interests and assets of the Bank and Group or of those which were entrusted to them are duly ensured;
• The Employees perform their duties in conformity with the internal policies, codes of conduct, rules and procedures and with the legislation and other applicable regulations;
• The resources are economically acquired, efficiently used and adequately protected;
• The programmes, plans and objectives defined by the management are followed through;
• The legal and regulatory matters of impact on the organisation are recognised, clearly understood and duly addressed.

The Audit Department's mission also includes the prevention, detection and control of fraud.

Head of the Audit Division: Rui Manuel Pereira Pedro

The company Deloitte & Associados, SROC, S.A. (Deloitte) is the audit company presently working as External Auditor of the Bank and of the Group, reelected at the Annual General Meeting of Shareholders held on 20.05.2021 pursuant to a proposal made by the Audit Committee.

The Audit Committee is responsible for the internal supervision of the independence of the External Auditor, namely in what regards the provision of additional services, as well as for the pertaining performance assessment.

For the purpose of safeguarding the Auditor's independence and bearing in mind the Portuguese and international good practices and standards, namely the Sarbanes-Oxley Act, both the Bank's Audit Committee and Deloitte approved the set of guidelines described below:

• The Deloitte and the companies or legal persons belonging to it ("Network") cannot render the services considered forbidden, under the terms of paragraph 201 of the Sarbanes-Oxley Act, to the Bank or to the Group;
• The engagement of the remaining services not forbidden, when made by any of the bank's organic unit or one of its holdings, requires prior approval by the Bank's Audit Committee.

Within the scope of the Quality Control all the above mentioned procedures are also subject to the compliance tests periodically made by Deloitte.