Ethics in Finance
We have adopted a number of policies and procedures related to the ethical conduct of our business as a bank holding company and the business of our banks as financial institutions. A sample list of policies and procedures in this area are linked or described below. The Board reviews and approves each policy on an annual basis and receives periodic training from members of management on select areas as appropriate. Company employees participate annually in a combination of live and virtual trainings. The scope of employee training is dependent on job function, however, all employees receive annual training on the Code of Business Conduct and Ethics, select Compliance regulations, and Information Security.
Code of Business Conduct and Ethics (including our whistleblower policy)
– The Board of Directors receives reports of any violations of the Company’s Code of Business Conduct and Ethics or relevant whistleblower reports. The Internal Audit Manager provides reports to the individual banks of any violations or whistleblower reports.
Code of Ethics for Senior Financial Officers
Insider Trading Policy - The Board and impacted employees are trained annually on the Company’s Insider Trading Policy which is designed to adhere to insider trading laws and regulations. Trades by Company insiders must be approved by the Company’s Insider Trading Compliance Officer and may only be made in open windows unless subject to a preapproved Rule 10b5-1 program.
Compliance Policies - The Company has a comprehensive compliance program that is designed to adhere to the requirements of compliance laws and regulations applicable to the Company and its banks. These include:
- Fair Lending Policy and testing program
- Fair Banking/UDAPP Policy
- Complaint Policy
- Community Reinvestment Act Policy
- Privacy Policy
Information Security Policies - Our information security policies are designed to adhere to current industry standards for the prevention, detection, and mitigation of information security risks. The teams responsible for these areas review and update these polices on an as needed basis as-new and emerging trends or threats are identified. The Risk Committee of the Board
receives quarterly reports on information security and the Board of Directors receives periodic reports. The Board also receives biannual reports on cybersecurity risks from an independent consultant engaged directly by the Board.
Anti-Money Laundering and Office of Foreign Assets Control Policy and Program - The Company has a comprehensive AML/OFAC policy that sets forth the responsibility of each director, executive officer, and employee for compliance with its requirements. This includes:
-
The appointment of a Bank Secrecy Act/Anti-Money Laundering Officer responsible for providing program oversight.
-
Applying reasonable measures under its Customer Identification Program (“CIP”) to identify and verify the identities of its customers consistent with the requirements of the USA PATRIOT Act.
-
Obtaining and verifying the identities of beneficial owners of its covered legal entity customers.
-
Developing and maintaining customer risk profiles designed to understand the nature and purpose of customer relationships.
-
Maintaining and updating, on a risk basis, customer due diligence information.
-
Conducting ongoing monitoring of customers and their activities to uncover and report to the appropriate regulatory and law enforcement agencies unusual and suspicious behaviors indicative of money laundering, terrorist financing, and other serious financial crimes.
-
Filing additional reports and maintaining and retaining required records as required under the Bank Secrecy Act.
-
Monitoring for, and as applicable, blocking, freezing, rejecting, and reporting restricted and prohibited financial transactions and other dealings with named parties subject to the Office of Foreign Assets Control economic sanctions programs and other required U.S. government watch lists.
-
Mandated appropriate and adequate training of bank personnel.