Risk Factors Summary
Our business is subject to a number of risks, a summary of which is set forth below. These risks are discussed more fully in Part I, Item 1A, Risk Factors herein.
Credit Risks
Changes and instability in economic conditions, geopolitical matters and financial markets could adversely impact our business, results of operations and financial condition.
Changes in U.S. trade policies may adversely impact our business, financial condition, and results of operations.
Our allowance for credit losses on loans may be insufficient.
We are subject to lending concentration risks.
CRE lending may expose us to increased lending risks.
We depend on the accuracy and completeness of information in connection with our customers and counterparties.
Lack of system integrity or credit quality related to funds settlement could result in a financial loss.
We are subject to environmental liability risk associated with lending activities.
Liquidity and Interest Rate Risks
Impairment of our access to liquidity could affect our ability to meet our obligations.
The proportion of our uninsured deposits may expose the Bank to enhanced liquidity risk in times of financial distress.
Adverse changes to our credit ratings could limit our access to funding and increase our borrowing costs.
We are subject to interest rate risk.
The impact of interest rates on our mortgage banking business can have a significant impact on revenues.
Changes in interest rates could reduce the value of our investment securities holdings.
Changes in interest rates could reduce the value of our residential mortgage-related securities and MSRs.
We rely on dividends from our subsidiaries for most of our cash flow.
Operational Risks
We face significant operational risks due to the high volume and the high dollar value nature of transactions we process.
Unauthorized disclosure of sensitive or confidential client or customer information could severely harm our business.
Information security risks for financial institutions like us continue to increase because of various factors.
The integration of core systems and processes after acquisitions may create elevated risk of cyber incidents.
Any failures or disruptions to our third parties’ communications and information systems and networks could materially and adversely affect our business.
Failure to meet industry standards regarding credit card-related services may significantly impact our ability to offer these services.
Compliance with the evolving laws related to the handling of information about individuals involves significant expenditure and resources, and any failure to comply may result in significant liability, negative publicity, and/or an erosion of trust.
The use of AI in connection with our business and operations contains inherent risks that may expose us to material harm and any actual or perceived failure to comply with evolving regulatory frameworks around the development and use of AI could adversely affect our business, results of operations, and financial condition.
We are dependent upon third parties for certain information system, data management and processing services, and to provide key components of our business infrastructure.
The potential for business interruption exists throughout our organization.
Changes in the federal, state, or local tax laws may negatively impact our financial performance.
Impairment of investment securities, goodwill, other intangible assets, or DTAs could require charges to earnings, which could result in a negative impact on our results of operations.
Failure to appropriately administer or manage our investment management and asset servicing businesses properly could put the related earnings at risk.
Climate-related risks could adversely affect our business and performance.
Severe weather, natural disasters, public health issues, civil unrest, acts of war or terrorism, and other external events could significantly impact our ability to conduct business.
Strategic and External Risks
Significant changes to the size, structure, powers and operations of the federal government may cause economic disruptions that could, in turn, adversely impact our business, results of operations and financial condition.
Our financial condition and results of operations could be negatively affected if we fail to grow or fail to manage our growth effectively.
We operate in a highly competitive industry and market area.
Fiscal challenges facing the U.S. government could negatively impact financial markets which in turn could have an adverse effect on our financial position or results of operations.
Consumers may decide not to use banks to complete their financial transactions.
Our profitability depends significantly on economic conditions in the states within which we do business.
The earnings of financial services companies are significantly affected by general business and economic conditions.
New lines of business or new products and services may subject us to additional risk.
Failure to keep pace with technological change could adversely affect our business.
We may be adversely affected by risks associated with potential and completed acquisitions.
Acquisitions may be delayed, impeded, or prohibited due to regulatory issues.
We may not be able to successfully integrate American National or to realize the anticipated benefits of the acquisition.
Legal, Regulatory, Compliance and Reputational Risks
We are subject to extensive government regulation and supervision.
The Bank faces risks related to the adoption of future legislation and potential changes in federal regulatory agencies.
Non-compliance with the USA PATRIOT Act, BSA or other laws and regulations could result in fines or sanctions.
The failures of several banks in 2023 resulted in agency rulemaking activities and changes in agency policies and priorities that have subjected certain financial institutions to enhanced government regulation and supervision.
Changes in requirements relating to the standard of conduct for broker-dealers under applicable federal and state law may adversely affect our business.
Compliance with CFPB initiatives may impact the business operations for offering consumer financial products or services.
The Bank is periodically examined for mortgage-related issues.
We may experience unanticipated losses as a result of residential mortgage loan repurchase or reimbursement obligations under agreements with secondary market purchasers.
Fee revenues from overdraft protection programs constitute a significant portion of our noninterest income and may become subject to increased supervisory scrutiny.
We are subject to examinations and challenges by tax authorities.
We are subject to claims and litigation pertaining to fiduciary responsibility.
We may be a defendant in a variety of litigation and other actions.
Negative publicity could damage our reputation.
Ethics or conflict of interest issues could damage our reputation.
Risks Related to an Investment in Our Securities
The price of our securities can be volatile.
There may be future sales or other dilution of our equity, which may adversely affect the market price of our securities.
We may reduce or eliminate dividends on our common stock.
Common stock is equity and is subordinate to our existing and future indebtedness and preferred stock and effectively subordinated to all the indebtedness and other non-common equity claims against our subsidiaries.
Our articles of incorporation, bylaws, and certain banking laws may have an anti-takeover effect.
An investment in our common stock is not an insured deposit.
General Risk Factors
Changes in our accounting policies or in accounting standards could materially affect how we report our financial results.
Our internal controls may be ineffective.
We may not be able to attract and retain skilled people.
Loss of key colleagues may disrupt relationships with certain customers.
PART I
ITEM 1.
Business
General
Associated Banc-Corp is a bank holding company registered pursuant to the BHC Act. Our bank subsidiary, Associated Bank, traces its history back to the founding of the Bank of Neenah in 1861. We were incorporated in Wisconsin in 1964 and were inactive until 1969 when permission was received from the Federal Reserve to acquire three banks. At December 31, 2025, we owned one nationally chartered commercial bank headquartered in Green Bay, Wisconsin, which serves local communities across the upper Midwest, one nationally chartered trust company headquartered in Milwaukee, Wisconsin, and 12 limited purpose banking and nonbanking subsidiaries either located in or conducting business primarily in our four-state branch footprint (Wisconsin, Illinois, Minnesota, and Missouri) that are closely related or incidental to the business of banking or financial in nature. Measured by total assets reported at December 31, 2025, we are the largest bank holding company headquartered in Wisconsin.
Services
Through Associated Bank and various nonbanking subsidiaries, we provide a broad array of banking and nonbanking products and services to individuals and businesses through 184 banking branches as of December 31, 2025, serving more than 100 communities, primarily within our four-state branch footprint. Our business is primarily relationship-driven and is organized into three reportable segments: Corporate and Commercial Specialty; Community, Consumer, and Business; and Risk Management and Shared Services.
See Note 20 Segment Reporting of the notes to consolidated financial statements in Part II, Item 8, Financial Statements and Supplementary Data, for additional information concerning our reportable segments.
We are not dependent upon a single or a few customers, the loss of which would have a material adverse effect on us.
Human Capital Matters
We are very fortunate to have a team of approximately 4,000 colleagues at December 31, 2025 who are capable, determined and empowered to drive our company forward. None of our colleagues are represented by unions.
We believe attracting and retaining talent in a highly competitive candidate market fuels our ability to serve our customers and support our communities. We are focused on sourcing talent from all backgrounds through engagement with workforce development programs, partnerships with various organizations, and active campus recruitment. As a result, we were able to hire 675 external candidates in 2025. At the same time, in 2025, we had low voluntary turnover of 12% while 21% of colleagues advanced their careers at the Corporation through nearly 853 internal promotions or lateral moves. At December 31, 2025, the average tenure of our workforce was 8.8 years while the average tenure of our executive leadership team was 11.0 years.
Through internal and external training and development programs, we aim to help our colleagues improve their skills so they can achieve their career goals and transition to more challenging roles.
• Beginning in 2024, the Corporation initiated quarterly progress reviews for all colleagues designed to enhance colleague development, growth, and performance through consistent coaching and feedback.
• In 2024, we introduced significant training and resources for development and career planning to include new leadership development programs and workshops for both leaders and colleagues.
• During 2025, we completed over 280 individual career coaching sessions and offered nearly 70 hours of training to assist colleagues in creating meaningful performance and development objectives.
By strengthening our workforce and providing opportunities for colleagues to apply their talent and grow as professionals, we strive to foster pride in working for Associated and to be recognized as the employer of choice among Midwestern financial services firms.
Colleague engagement is a focus for our company. During 2025, 90% of our colleagues provided feedback through an annual workplace survey conducted by a third-party on key topics related to the overall health and culture of the organization. The survey respondent percentage is well above the average response rate for commercial banks. For the ninth year in a row, we received more than 8,000 colleague comments, including 9,500 in 2025, which we believe demonstrates that colleagues are interested in, and comfortable with, sharing candid feedback.
We are pleased to support total health and well-being through a variety of benefits, programs, activities, and educational opportunities throughout the year. Our dedicated Total Well-being team provides free and confidential health coaching while a 24/7/365 Employee Assistance Program (EAP) provides access to complimentary counseling services, financial coaching, and a variety of additional resources to support the unique needs of our colleagues and their families (e.g. elder, adult, child, family support and legal services). Additionally, our comprehensive Total Well-being platform provides all colleagues with an opportunity to earn incentives throughout the year for participating in activities, challenges, and educational opportunities. As of December 31, 2025:
• Nearly 2,700 colleagues and spouses participated in an annual wellness visit with a primary care provider.
• Nearly 1,884 colleagues received a well-being reimbursement for the purchase of items such as gym memberships, home fitness equipment, and/or fitness tracking devices. The total value for well-being reimbursements was over $340,000.
• Over 1,454 colleagues earned incentives through our Total Well-being program totaling over $180,000.
We regularly review our Total Rewards programs so that we are offering a total rewards package (including salary, incentives, benefits, and well-being opportunities) that we believe is fair, equitable, and competitive in our marketplace.
We believe our success begins and ends with people. For this reason, fostering a culture where people feel valued, respected, and comfortable sharing ideas and perspectives is a core focus of the Corporation. Our culture is anchored in the belief that we are better together, and great ideas can come from anywhere in the Corporation.
We are committed to nurturing an inclusive culture that is centered around providing equal opportunity to our colleagues (regardless of background), responding to community and customer needs, and producing exceptional value for our shareholders. Business lines are focused on fostering a culture of belonging and inclusion among our colleagues in support of equal opportunity. Our efforts are supported by the work of our seven CRGs. These groups, which are open to all employees,
are centered on development, colleague growth, and community involvement. Our CRG members contribute to discussions around workforce development, workplace culture, policies and programs, and marketplace practices.
• During 2025, CRGs hosted more than 100 events that focused on support of our business strategy, professional development, talent recruitment, and community involvement.
Our commitment to our communities goes beyond providing banking services. We use our expertise and financial resources to support communities in accordance with the CRA requirements. These initiatives and investments create opportunities for individuals, families, and businesses to fully participate in and share the rewards of building economic stability in our communities.
Competition
The financial services industry is highly competitive. We compete for loans, deposits, and financial services in all of our principal markets. We compete directly with other bank and nonbank institutions located within our markets, internet-based banks, out-of-market banks and bank holding companies that advertise or otherwise serve our markets, money market funds and other mutual funds, brokerage houses, and various other financial institutions. Additionally, we compete with insurance companies, leasing companies, regulated small loan companies, credit unions, governmental agencies, and commercial entities offering financial services products, including nonbank lenders and financial technology companies, including those related to cryptocurrencies (including stablecoins). Competition involves, among other things, efforts to retain current customers and to obtain new loans and deposits, the scope and types of services offered, interest rates paid on deposits and charged on loans, as well as other aspects of banking. We also face direct competition from subsidiaries of bank holding companies that have far greater assets and resources than ours.
Strategic Transactions
On November 30, 2025, the Corporation entered into a definitive agreement under which American National will merge into Associated Banc-Corp. Under the terms of the merger agreement, American National shareholders will receive 36.250 shares of Associated stock for each share of American National stock. The all-stock, fixed exchange ratio transaction is valued at approximately $604 million based on Associated's closing stock price of $26.29 as of November 28, 2025. The Board of Directors of both Associated and American National have unanimously approved the transaction. American National's two primary shareholders, who together own 99% of American National, have voted to approve the transaction and have entered into transfer, voting and registration rights agreements. The transaction is expected to close in the second quarter of 2026 subject to customary closing conditions including the receipt of regulatory approvals.
Supervision and Regulation
Overview
The Corporation and its banking and nonbanking subsidiaries are subject to extensive regulation and oversight both at the federal and state levels. The second Trump Administration has implemented significantly different policies from the Biden Administration, including new proposed regulations and rescissions or withdrawals of previous guidance, and sharply reduced the workforce at the federal banking agencies. The cumulative impact of these changes, and whether they will last over time, is unclear. The following is an overview of the statutory and regulatory framework that affects the business of the Corporation and our subsidiaries.
BHC Act Requirements
As a registered bank holding company under the BHC Act, we are regulated, supervised, and examined by the Federal Reserve. In connection with applicable requirements, bank holding companies file periodic reports and other information with the Federal Reserve. The BHC Act governs the activities that are permissible for bank holding companies and their affiliates and permits the Federal Reserve, in certain circumstances, to issue cease and desist orders and other enforcement actions against bank holding companies and their nonbanking affiliates to correct and curtail unsafe or unsound banking practices. Under the Dodd-Frank Act and longstanding Federal Reserve policy, bank holding companies are required to act as a source of financial strength to each of their banking subsidiaries pursuant to which such holding company may be required to commit financial resources to support such subsidiaries in circumstances when, absent such requirements, they might not otherwise do so. The BHC Act further regulates holding company activities, including requirements and limitations relating to capital, transactions with officers, directors and affiliates, securities issuances, dividend payments, inter-affiliate liabilities, extensions of credit, and expansion through mergers and acquisitions.
The BHC Act allows certain qualifying bank holding companies that elect treatment as “financial holding companies” to engage in activities that are financial in nature and that explicitly include the underwriting and sale of insurance. The Parent Company thus far has not elected to be treated as a financial holding company. Bank holding companies that have not elected such treatment generally must limit their activities to banking activities and activities that are closely related to banking.
Regulation of Associated Bank and Trust Company Subsidiaries
Associated Bank and our nationally-chartered trust company subsidiary are regulated, supervised and examined by the OCC. The OCC has primary supervisory and regulatory authority over the operations of Associated Bank and the Corporation's trust company subsidiary. As part of this authority, Associated Bank and our trust company subsidiary are required to file periodic reports with the OCC and are subject to regulation, supervision and examination by the OCC. To support its supervisory function, the OCC has the authority to assess and charge fees on all national banks according to a set fee schedule. For the assessment collection on September 30, 2025, the OCC reduced the marginal rates in the general assessment fee schedule for banks with assets above $40 billion, such as Associated Bank, by 22 percent. On December 1, 2025, the OCC announced that it is maintaining the assessment rates adopted on September 30, 2025, for the 2026 calendar year.
Associated Bank, our only subsidiary that accepts insured deposits, is also subject to examination by the FDIC under certain conditions. Under the Dodd-Frank Act, the FDIC has backup enforcement authority over a depository institution holding company, such as the Parent Company, if the conduct or threatened conduct of such holding company poses a risk to the DIF, although such authority may not be used if the holding company is generally in sound condition and does not pose a foreseeable and material risk to the DIF.
We are subject to the enforcement and rule-making authority of the CFPB regarding consumer financial products. The CFPB has the authority to create and enforce consumer protection rules and regulations and has the power to examine us for compliance with such rules and regulations. The CFPB has the authority to prohibit “unfair, deceptive or abusive” acts and practices. The CFPB has examination and enforcement authority over all banks with more than $10 billion in assets. For additional information, please refer to Item 1— Business — Supervision and Regulation — Consumer Financial Services Regulations.
Standards for Safety and Soundness
The federal banking agencies have adopted the Interagency Guidelines for Establishing Standards for Safety and Soundness (the “Guidelines”). The Guidelines establish certain safety and soundness standards for all depository institutions. The operational and managerial standards in the Guidelines relate to the following: (1) internal controls and information systems; (2) internal audit systems; (3) loan documentation; (4) credit underwriting; (5) interest rate exposure; (6) asset growth; (7) compensation, fees and benefits; (8) asset quality; and (9) earnings. Rather than providing specific rules, the Guidelines set forth basic compliance considerations and guidance with respect to a depository institution. Failure to meet the standards in the Guidelines, however, could result in a request by the OCC for a written compliance plan to demonstrate efforts to come into compliance with such Guidelines. Failure to provide and implement a plan requires the appropriate federal banking agency to issue an order to the institution requiring compliance.
Corporate and Risk Governance
Corporate and risk governance oversight is a core supervisory function of the federal banking agencies, including the OCC. We are required, as a supervisory matter, to implement an effective corporate and risk governance framework commensurate with our size, complexity and risk profile. Fundamental components of this framework include the authorities and responsibilities of directors and senior managers to govern the operations and structure of the Corporation and the Bank, as well as the implementation and management of systems and processes designed to identify, measure, monitor and control the risks to the organization, including strategic, compliance and operational risks.
National banks with at least $50 billion in total assets are currently subject to heightened standards for, among other things, the implementation of risk governance frameworks addressing credit risk, interest rate risk, liquidity risk, price risk, operational risk, compliance risk, strategic risk, and reputation risks.
The heightened standards require those national banks to establish and adhere to a written governance framework in order to manage and control their risk-taking activities and to incorporate their risk appetite statement and concentration risk limits into capital and liquidity stress. On December 23, 2025, the OCC issued a notice of proposed rulemaking that would increase the threshold at which the heightened standards apply from $50 billion to $700 billion in total assets. The Bank is not presently subject to the OCC's heightened standards but, if our proposed acquisition of American National closes and causes the Bank's average total consolidated assets to exceed $50 billion, would become subject to the OCC's heightened standards until the OCC's proposal to increase the threshold becomes effective.
Further, the federal banking agencies have in previous years increased their focus on banks’ third-party risk management controls and practices. The federal banking agencies, including the OCC, adopted interagency guidance on risk management of third-party relationships. The guidance applies broadly to any business agreement between a banking organization and another entity, by contract or otherwise (including affiliated entities), and it requires banking organizations to analyze the risks associated with each third-party relationship and establish effective governance and risk management processes for all stages of a third-party relationship, including planning, due diligence and third-party selection, contract negotiation, ongoing monitoring, and termination.
On July 25, 2024, the federal banking agencies, including the OCC, issued a joint statement on banks’ arrangements with third parties to deliver bank deposit products and services. The joint statement identifies potential risks related to arrangements between banks and third parties to deliver bank deposit products and services to customers and provides examples of risk management practices to manage such risks.
Banking Acquisitions
We are required to obtain prior Federal Reserve approval before acquiring more than 5 percent of the voting shares, or substantially all of the assets, of a bank holding company, bank or savings association. In addition, the prior approval of the OCC is required for a national bank to merge with another bank or purchase the assets or assume the deposits of another bank. In determining whether to approve a proposed bank acquisition, federal bank regulators will consider, among other factors, the effect of the acquisition on competition, the public benefits expected to be received from the acquisition, the projected capital ratios and levels on a post-acquisition basis, and the acquiring institution’s record of addressing the credit needs of the communities it serves, including the needs of LMI neighborhoods, consistent with the safe and sound operation of the bank, under the CRA.
The standards by which bank and financial institution acquisitions are evaluated may be subject to change. In September 2024, the OCC adopted a final rule and policy statement regarding its review of BMA applications for OCC-supervised institutions, including the Bank. In May 2025, the OCC adopted a final rule that restored the ability for BMA applicants to file a streamlined application form for certain types of acquisitions and the expedited review process for BMA applications, which had been removed by the 2024 final rule, and rescinded the 2024 policy statement. The FDIC similarly adopted a final statement of policy in September 2024 but rescinded the 2024 statement of policy in May 2025. Concurrent with the FDIC and OCC issuances of revised policy statements in 2024, the DOJ withdrew from its 1995 Bank Merger Guidelines and announced that it would consider bank mergers under its 2023 Merger Guidelines, which are not industry specific, as well as under a separate, recently adopted bank merger addendum. Unlike the FDIC and OCC, the DOJ has not reinstated the guidance that was in effect prior to 2024.
Banking Subsidiary Dividends
The Parent Company is a legal entity separate and distinct from the Bank and other nonbanking subsidiaries. A substantial portion of our cash flow comes from dividends paid to us by Associated Bank. The OCC’s prior approval of the payment of dividends by Associated Bank to the Parent Company is required only if the total of all dividends declared by the Bank in any calendar year exceeds the sum of the Bank’s retained net income for that year and its retained net income for the preceding two calendar years, less any required transfers to surplus. Federal law prohibits national banks from paying dividends that would be greater than the bank’s undivided profits after deducting statutory bad debt in excess of the bank’s allowance for loan losses. In addition, under the FDICIA, an IDI, such as the Bank, is prohibited from making capital distributions, including the payment of dividends, if, after making such distribution, the institution would become “undercapitalized” as such term is used in the FDICIA.
Holding Company Dividends
In addition, the Corporation and the Bank are subject to various general regulatory policies and requirements relating to the payment of dividends, including requirements to maintain adequate capital above regulatory minimums. The appropriate federal regulatory authority is authorized to determine under certain circumstances relating to the financial condition of a bank or bank holding company that the payment of dividends would be an unsafe or unsound practice and to prohibit payment thereof. Under the Dodd-Frank Act and the requirements of the Federal Reserve, the Parent Company, as a bank holding company, is required to serve as a source of financial strength to the Bank and to commit resources to support the Bank. Consistent with its source of strength policy, the Federal Reserve has stated that, as a matter of prudent banking, a bank holding company should not maintain a level of cash dividends to its shareholders that places undue pressure on the capital of its bank subsidiaries, or that can be funded only through additional borrowings or other arrangements that may undermine the bank holding company’s ability to serve as a source of strength. The appropriate federal regulatory authorities have indicated that paying dividends that
deplete a bank’s capital base to an inadequate level would be an unsafe and unsound banking practice and that banking organizations should generally pay dividends only out of current operating earnings.
Capital Requirements
We are subject to various regulatory capital requirements both at the Parent Company and at the Bank level administered by the Federal Reserve and the OCC, respectively. Failure to meet minimum capital requirements could result in certain mandatory and possible additional discretionary actions by regulators that, if undertaken, could have an adverse material effect on our financial condition and results of operations. Under capital adequacy guidelines and the regulatory framework for prompt corrective action (described below), we must meet specific capital guidelines that involve quantitative measures of our assets, liabilities, and certain off-balance sheet items as calculated under regulatory accounting policies. Our capital amounts and classification are subject to judgments by the regulators regarding qualitative components, risk weightings, and other factors.
The Federal Reserve, the OCC and the FDIC have adopted risk-based capital regulations implementing certain provisions of the Dodd-Frank Act and Basel III. In general, subject to certain exceptions as discussed further below, minimum capital standards established under the risk-based capital regulations include a CET1 capital to risk-weighted assets ratio of 4.5 percent, a Tier 1 capital to risk-weighted assets ratio of 6.0 percent, a total capital to risk-weighted assets ratio of 8.0 percent, and a Tier 1 capital to adjusted average total assets leverage ratio of 4.0 percent. In determining the amount of risk-weighted assets for purposes of calculating risk-based capital ratios, all assets, including certain off-balance sheet assets (for example, recourse obligations, direct credit substitutes and residual interests) are multiplied by a risk-weight factor assigned by the regulations based on the risks believed inherent in the type of asset. Higher levels of capital are required for asset categories believed to present greater risk. CET1 capital is generally defined as common shareholders’ equity and retained earnings. Tier 1 capital is generally defined as CET1 and additional Tier 1 capital. Additional Tier 1 capital includes certain noncumulative perpetual preferred stock and related surplus and minority interests in equity accounts of consolidated subsidiaries. Total capital includes Tier 1 capital (CET1 capital plus additional Tier 1 capital) and Tier 2 capital. Tier 2 capital is comprised of capital instruments and related surplus, meeting specified requirements, and may include cumulative preferred stock and long-term perpetual preferred stock, mandatory convertible securities, intermediate preferred stock and subordinated debt. Also included in Tier 2 capital is the ACL limited to a maximum of 1.25 percent of risk-weighted assets.
Calculation of all types of regulatory capital is subject to deductions and adjustments specified in the regulations. In assessing an institution’s capital adequacy, the OCC takes into consideration not only these numeric factors, but qualitative factors as well, and has the authority to establish higher capital requirements for individual institutions where deemed necessary.
In addition to establishing the minimum regulatory capital requirements, the capital regulations limit capital distributions and certain discretionary bonus payments to management if the institution does not hold a capital conservation buffer consisting of 2.5 percent of CET1 capital to risk-weighted assets above the amount necessary to meet its minimum risk-based capital requirements.
The federal banking agencies have provided certain forms of relief to banking organizations that are not subject to the capital regulation's advanced approaches, such as the Corporation. For instance, non-advanced approaches institutions are subject to simpler regulatory capital requirements for MSAs, certain DTAs arising from temporary differences, investments in the capital of unconsolidated financial institutions, and requirements for the amount of capital issued by a consolidated subsidiary of a banking organization and held by third parties (sometimes referred to as a minority interest) that is includable in regulatory capital.
Such institutions may deduct from CET1 capital any amount of MSAs, temporary difference DTAs, and investments in the capital of unconsolidated financial institutions that individually exceeds 25 percent of CET1 capital.
On July 27, 2023, the federal banking agencies issued a proposed rule to implement the final components of the Basel III standards set by the Basel Committee on Banking Supervision in 2017. In light of the adverse reaction to the proposal, the Federal Reserve announced that it would publish a re-proposal of its regulations finalizing the Basel III standards. That re-proposal is expected in early 2026. The extent to which the re-proposal would impact institutions of the Corporation's size is unknown since the original proposal applied to bank holding companies of $100 billion or more.
We continue to exceed all capital requirements necessary to be deemed “well-capitalized” for all regulatory purposes under the capital regulations. For further detail on capital and capital ratios, see discussion under the Liquidity and Capital sections under Part II, Item 7, Management's Discussion and Analysis of Financial Condition and Results of Operations, and under Part II, Item 8, Financial Statements and Supplementary Data, Note 18 Regulatory Matters of the notes to consolidated financial statements.
Current Expected Credit Loss Treatment
Under the CECL model, we are required to present certain financial assets carried at amortized cost, such as loans held for investment and HTM securities, at the net amount expected to be collected. The measurement of expected credit losses is to be based on information about past events, including historical experience, current conditions, and reasonable and supportable forecasts that affect the collectability of the reported amount. The federal banking regulators have issued final rules providing financial institutions with the option to delay the estimated impact on regulatory capital stemming from the CECL model. As permitted under applicable regulations, the Corporation elected to delay the estimated impact of adopting CECL on its regulatory capital through December 31, 2021 and then phase in the estimated cumulative impact from January 1, 2022 through December 31, 2024. The deferral impacts began to phase in at 25% per year from January 1, 2022, were phased-in at 75% from January 1, 2024 and were fully phased-in from January 1, 2025.
Capital Planning and Stress Testing Requirements
As a result of the Economic Growth Act and related OCC rulemaking, the asset threshold for IDIs to conduct and report to their primary federal bank regulators company-run stress tests, as well as to comply with leverage limits, liquidity requirements, and resolution planning requirements, was raised from $10 billion to $250 billion in total consolidated assets and the Bank is no longer subject to Dodd-Frank Act stress testing requirements. The Economic Growth Act provided that bank holding companies under $100 billion in assets were no longer subject to stress testing requirements. Moreover, Section 214 of the Economic Growth Act and its implementing regulation prohibit the federal banking agencies from requiring the Bank to assign a heightened risk weight to certain HVCRE ADC loans as previously required under the Basel III capital rules. Notwithstanding these regulatory amendments, the federal banking agencies indicated through interagency guidance that the capital planning and risk management practices of institutions with total assets less than $100 billion would continue to be reviewed through the regular supervisory process. Although the Corporation will continue to monitor and stress test its capital consistent with the safety and soundness expectations of the federal regulators, the Corporation no longer publishes stress testing results as a result of the legislative and regulatory amendments.
Enforcement Powers of the Federal Banking Agencies; Prompt Corrective Action
The Federal Reserve, the OCC, and the CFPB have extensive supervisory authority over their regulated institutions, including, among other things, the power to compel higher reserves, the ability to assess civil money penalties, the ability to issue non-public memorandums of understanding, the ability to issue cease-and-desist or removal orders and the ability to initiate injunctive actions. In general, these enforcement actions may be initiated for violations of laws and regulations or for unsafe or unsound banking practices. Other actions or inactions by the Parent Company may provide the basis for enforcement action, including misleading or untimely reports.
Federal banking regulators are authorized and, under certain circumstances, required to take certain actions against banks that fail to meet their capital requirements. The federal banking agencies have additional enforcement authority with respect to undercapitalized depository institutions.
“Well-capitalized” institutions may generally operate without supervisory restriction. “Adequately capitalized” institutions cannot normally pay dividends or make any capital contributions that would leave them undercapitalized; they cannot pay a management fee to a controlling person if, after paying the fee, they would be undercapitalized; and they cannot accept, renew or roll over any brokered deposit unless the bank has applied for and been granted a waiver by the FDIC.
The federal banking agencies are required to take action to restrict the activities of an “undercapitalized,” “significantly undercapitalized,” or “critically undercapitalized” IDI. Any such bank must submit a capital restoration plan that is guaranteed by the parent holding company. Until such plan is approved, it may not increase its assets, acquire another institution, establish a branch or engage in any new activities, and generally may not make capital distributions. In certain situations, a federal banking agency may reclassify a well-capitalized institution as adequately capitalized and may require an adequately capitalized or undercapitalized institution to comply with supervisory actions as if the institution were in the next lower category.
Institutions must file a capital restoration plan with the OCC within 45 days of the date it receives a notice from the OCC that it is “undercapitalized,” “significantly undercapitalized,” or “critically undercapitalized.” Compliance with a capital restoration plan must be guaranteed by a parent holding company. In addition, the OCC is permitted to take any one of a number of discretionary supervisory actions, including but not limited to the issuance of a capital directive and the replacement of senior executive officers and directors.
Finally, bank regulatory agencies have the ability to impose higher than normal capital requirements known as individual minimum capital requirements for institutions with a high-risk profile.
At December 31, 2025, the Bank satisfied the capital requirements necessary to be deemed “well-capitalized.” In the event of a change to this status, the imposition of any of the measures described above could have a material adverse effect on the
Corporation and on its profitability and operations. The Corporation’s shareholders do not have preemptive rights and, therefore, if the Corporation is directed by the OCC or the FDIC to issue additional shares of common stock, such issuance may result in dilution in shareholders’ percentage of ownership of the Corporation.
Deposit Insurance Premiums
Associated Bank pays an insurance premium to the FDIC based upon its assessment rates on a quarterly basis. Deposits are insured up to applicable limits by the FDIC and such insurance is backed by the full faith and credit of the United States Government.
Under the Dodd-Frank Act, a permanent increase in deposit insurance was authorized to $250,000 per depositor, per IDI for each account ownership category.
This insurance is funded through assessments on the Bank and other IDIs. Each bank's assessment base is determined based on its average consolidated total assets less average tangible equity, and there is a scorecard method for calculating assessments that combines CAMELS (an acronym that refers to the five components of a bank's condition that are addressed: capital adequacy, asset quality, management, earnings, and liquidity) ratings and specified forward-looking financial measures to determine each institution's risk to the DIF.
The FDIC has the flexibility to adopt actual rates that are higher or lower than the total base assessment rates adopted without notice and comment, if certain conditions are met.
In 2022, the FDIC adopted a final rule, applicable to all IDIs, to increase base deposit insurance assessment rate schedules uniformly by 2 bp beginning in the first quarterly assessment period of 2023. The increase was instituted to account for extraordinary growth in insured deposits during the first and second quarters of 2020, which caused a substantial decrease in the DIF reserve ratio. The new assessment rate schedules are expected to remain in effect until the DIF reserve ratio meets or exceeds 2 percent.
In 2023, the FDIC issued a final rule to implement a special assessment to recover the loss to the DIF associated with protecting uninsured depositors following the closure of SVB and SBNY. Under the final rule, the assessment base for an IDI is equal to the institution’s estimated uninsured deposits as of December 31, 2022, adjusted to exclude the first $5 billion in estimated uninsured deposits. The FDIC started collecting the special assessment at an annual rate of 13.4 bp beginning with the first quarterly assessment period of 2024. The FDIC anticipates collecting special assessments for a total of eight quarterly assessment periods. On December 16, 2025, the FDIC issued an interim final rule that would reduce the special assessment rate for the eighth collection quarter from 3.36 bp to 2.97 bp. Under the interim final rule, upon termination of the receiverships, the FDIC will either provide an offset to regular quarterly deposit insurance assessments for IDIs subject to the special assessment if the amount collected exceeds losses or collect from IDIs subject to the special assessment a one-time final shortfall special assessment if at the of the receiverships exceed the amount collected.
The FDIC is authorized to conduct examinations of and require reporting by FDIC-insured institutions. It is authorized to terminate a depository bank’s deposit insurance upon a finding by the FDIC that the bank’s financial condition is unsafe or unsound or that the institution has engaged in unsafe or unsound practices or has violated any applicable rule, regulation, order or condition enacted or imposed by the bank’s regulatory agency. The termination of deposit insurance for the Bank would have a material adverse effect on our earnings, operations and financial condition.
Historically, deposit insurance premiums we have paid to the FDIC have been deductible for federal income tax purposes; however, the Tax Act disallows the deduction of such premium payments for banking organizations with total consolidated assets of $50 billion or more. For banks with less than $50 billion in total consolidated assets, such as ours, the premium deduction is phased out based on the proportion of a bank’s assets exceeding $10 billion. The Corporation anticipates that the Bank's total consolidated assets will exceed $50 billion upon the completion of its proposed acquisition of American National.
Brokered Deposits
The FDI Act and FDIC regulations limit the ability of an IDI, such as the Bank, to accept, renew or roll over brokered deposits unless the bank is well-capitalized under the prompt corrective action framework described above, or unless it is adequately capitalized and obtains a waiver from the FDIC. In addition, less than well-capitalized banks are subject to restrictions on the interest rates they may pay on deposits. The characterization of deposits as brokered may result in the imposition of higher deposit assessments on such deposits. The FDIC's regulations include a limited exception for reciprocal deposits for IDIs that have a composite condition of outstanding or good in the IDI's most recent examination and well-capitalized (or adequately capitalized and have obtained a waiver from the FDIC as mentioned above). Under the limited exception, IDIs that qualify, like the Bank, are able to exclude from treatment as "brokered" deposits up to the lesser of $5 billion or 20 percent of the bank's
total liabilities in reciprocal deposits (which is defined as deposits received by a bank through a deposit placement network with the same maturity (if any) and in the same aggregate amount as deposits placed by the bank in other network member banks).
Transactions with Affiliates and Insiders
Transactions between the Bank and its related parties or any affiliate are governed by Sections 23A and 23B of the Federal Reserve Act. An affiliate is any company or entity, which controls, is controlled by or is under common control with the bank. In a holding company context, at a minimum, the parent holding company of a national bank, and any companies that are controlled by such parent holding company, are affiliates of the bank. Generally, Sections 23A and 23B (i) limit the extent to which an institution or its subsidiaries may engage in “covered transactions” with any one affiliate to an amount equal to 10 percent of such institution’s capital stock and surplus, and contain an aggregate limit on all such transactions with all affiliates to an amount equal to 20 percent of such capital stock and surplus, and (ii) require that all such transactions be on terms substantially the same, or at least as favorable, to the institution or subsidiary as those provided to a nonaffiliate. The term “covered transaction” includes the making of loans, purchase of assets, issuance of a guarantee and similar types of transactions. Certain types of covered transactions must be collateralized according to a schedule set forth in the statute based on the type of collateral.
Certain transactions with our directors, officers or controlling persons are subject to conflicts of interest regulations. Among other things, these regulations require that loans to such persons and their related interests be made on terms substantially the same as for loans to unaffiliated individuals and must not create an abnormal risk of repayment or other unfavorable features for the financial institution. See Note 3 Loans of the notes to consolidated financial statements in Part II, Item 8, Financial Statements and Supplementary Data, for additional information on loans to related parties.
Community Reinvestment Act Requirements
The Bank is subject to periodic CRA reviews by the OCC. The CRA does not establish specific lending requirements or programs for banks and does not limit the ability of such banks to develop products and services believed best-suited for a particular community. An institution’s CRA assessment may be used by its regulators in their evaluation of certain applications, including a merger, acquisition or the establishment of a branch office. An unsatisfactory rating may be used as the basis for denial of such an application. The Bank received an “Outstanding” CRA rating in its most recent evaluation.
On October 24, 2023, the federal banking agencies jointly issued a final rule to revise the existing CRA regulations. In July 2025, the federal banking agencies issued a joint notice of proposed rulemaking to rescind the October 2023 final rule and restore the CRA framework that existed previously, which has remained in effect due to a preliminary injunction that stayed implementation of the October 2023 rule.
Privacy, Data Protection, and Cybersecurity
The Corporation collects, shares, uses, stores and otherwise processes information that relates to individuals and/or constitutes “personal data,” “personal information,” “nonpublic personal information,” or similar terms under applicable data privacy laws. The Corporation and its service providers are subject to a number of U.S. federal, state, local and foreign laws and regulations, industry standards and other requirements relating to consumer privacy and data protection, including those that apply generally to the handling of personal information. Under privacy protection provisions of the GLBA and its implementing regulations and guidance, financial institutions, such as the Bank, are limited in their ability to disclose certain non-public information about consumers to nonaffiliated third parties. Such financial institutions are required by statute and regulation to notify consumers of their privacy policies and practices and, in some circumstances, allow consumers to prevent disclosure of certain personal information to a nonaffiliated third party. In addition, such financial institutions must appropriately safeguard their customers’ nonpublic, personal information. Consumers and, in some instances, state and federal regulators, must be notified in the event of a data breach under applicable state laws and federal regulations. The Corporation had no material data breaches in 2025 .
The changing privacy laws and regulations in the United States and elsewhere create new individual privacy rights and impose increased obligations on companies handling personal information, including the CCPA, as amended by the CPRA. While the CCPA does not apply to personal information collected, processed, sold or disclosed subject to the GLBA, the CCPA and other state laws apply to other personal information processed by the Corporation.
In addition, multiple states, Congress and regulators within and outside of the United States have adopted or are considering adopting similar laws or regulations which could create new individual privacy rights and impose additional obligations on the Corporation.
The federal banking agencies, including the OCC, have issued a rule imposing cybersecurity notification requirements for banking organizations and their service providers. Specifically, the rule requires banking organizations to notify their primary
federal regulator as soon as possible and no later than 36 hours after the discovery of a “ computer-security incident ” that rises to the level of a “ notification incident, ” as those terms are defined under the final rule.
The federal banking agencies have adopted guidelines for establishing information security standards and cybersecurity programs for implementing safeguards under the supervision of the board of directors. These guidelines, along with related regulatory materials, increasingly focus on risk management and processes related to information technology and the use of third parties in the provision of financial services. A financial institution should have a business continuity program to recover from a cyberattack and procedures for monitoring the security of third-party service providers that may have access to nonpublic data at the institution.
Further regulatory developments may impact the Corporation's data security- and privacy-related internal controls and risk profile. On October 22, 2024, the CFPB adopted a final rule regarding personal financial data rights that is designed to promote “open banking.” The final rule requires, among other things, that data providers, including any financial institution, make available to consumers and certain authorized third parties upon request certain covered transaction, account and payment information. However, in August 2025, the CFPB issued an advanced notice of proposed rulemaking to reconsider its final rule and, in October 2025, a district court issued a preliminary injunction preventing the CFPB from enforcing the final rule until the CFPB has completed its reconsideration of the rule.
The Corporation may be subject to rules and regulations promulgated under the authority of the Federal Trade Commission, which has the authority to regulate and enforce against unfair or deceptive acts or practices in or affecting commerce, including acts and practices with respect to data privacy and cybersecurity.
The Corporation is, or may become, subject to laws, regulations, and standards covering marketing, advertising and other activities conducted by telephone, email, mobile devices, and the internet, such as the TCPA, the CAN-SPAM Act, and similar state consumer protection and communication privacy laws, such as California's Invasion of Privacy Act.
The Corporation is subject to the FCRA, under which it is considered both a “ furnisher ” of consumer report information and a “ user ” of consumer reports provided by consumer reporting agencies. The FCRA regulates and protects consumer information collected by consumer reporting agencies and imposes specific obligations on “ furnishers ” and “ users ” of consumer report information. Such obligations include, among others, taking steps to ensure that consumer report information furnished to consumer reporting agencies is accurate and, as required, inaccurate or incomplete information is corrected or updated, restricting the sharing of information contained in a consumer report, notifying consumers when such reports are used to make an adverse decision or to close a consumer's account, and, in the context of completing employee background checks, providing a notice containing certain disclosures to the consumer and obtaining their consent. Under the regulations implementing the FCRA, “ furnishers ” of consumer report information are required to establish, implement and follow reasonable policies and procedures regarding the accuracy and integrity of information furnished to consumer reporting agencies.
Artificial Intelligence
CFPB and other federal regulatory guidance reiterates that creditors are not excused from the adverse action notice requirements under ECOA if they rely on complex algorithmic underwriting models. States have started to regulate the use of AI technologies. Of note, the California Privacy Protection Agency has finalized regulations under the CCPA regarding the use of automated decision making. California also enacted new laws that further regulate use of AI technologies and provide consumers with additional protections around companies’ use of AI technologies, such as requiring companies to disclose certain uses of generative AI, and other states have also passed AI-focused legislation. In addition, the New York State Department of Financial Services issued an industry letter on combating cybersecurity risks associated with AI.
In July 2024, the federal banking agencies, including the OCC, the Federal Reserve, and the FDIC, issued a final rule that requires, among other things, financial institutions to ensure that their automated valuation models for property valuation follow certain quality control standards, including a requirement that such valuation models comply with nondiscrimination laws.
On January 23, 2025, President Trump issued an Executive Order aimed at reducing barriers to AI innovation in the U.S. economy. The Order requires relevant persons and bodies within the federal government to develop an AI action plan to carry out this objective and revokes an AI-related Executive Order issued in 2023 by President Biden, as well as all corresponding policies, regulations, orders, directives and other actions taken in response to such Order.
Bank Secrecy Act / Anti-Money Laundering
The BSA, as amended by the Patriot Act and the Anti-Money Laundering Act of 2020, requires financial institutions to develop policies, procedures, and practices to prevent and deter money laundering, mandates that every national bank have a written, board-approved program that is reasonably designed to assure and monitor compliance with the BSA. The program must, at a
minimum: (1) provide for a system of internal controls to assure ongoing compliance; (2) provide for independent testing for compliance; (3) designate an individual responsible for coordinating and monitoring day-to-day compliance; (4) provide training for appropriate personnel; and (5) provide for appropriate risk-based procedures for conducting customer due diligence. In addition, national banks are required to adopt a customer identification program as part of their BSA compliance program. National banks are required to file SARs when they detect certain known or suspected violations of federal law or suspicious transactions related to money laundering activity or a violation of the BSA, to file reports on cash transactions exceeding specified thresholds, and to respond to certain requests for information by regulatory authorities and law enforcement agencies. The regulations implementing the BSA require financial institutions to establish risk-based procedures for conducting ongoing customer due diligence and procedures for understanding the nature and purpose of customer relationships for the purpose of developing a customer risk profile. In addition, FinCEN has promulgated customer due diligence and customer identification rules that require banks to identify and verify the identity of the beneficial owners of all legal entity customers (other than those that are excluded) at the time a new account is opened (other than accounts that are exempted).
Interstate Branching
National and state-chartered banks may open an initial branch in a state other than its home state (e.g., a host state) by establishing a de novo branch at any location in such host state at which a bank chartered in such host state could establish a branch. Applications to establish such branches must still be filed with the appropriate primary federal regulator.
Volcker Rule
Banks and their affiliates are prohibited from engaging in proprietary trading and investing in, sponsoring and having certain relationships with private funds such as hedge funds or private equity funds that would be considered an investment company for purposes of the Volcker Rule. The compliance requirements under regulations implementing the Volcker Rule are tailored based on the size and scope of trading activities. Because total trading assets and liabilities are maintained under $20 billion, the Corporation benefit from significantly reduced compliance obligations even though it remains subject to the modified rules and requirements related to covered funds.
Incentive Compensation Policies and Restrictions
The federal banking agencies have issued guidance on sound incentive compensation policies that applies to all banking organizations supervised by the agencies (thereby including both the Parent Company and the Bank). Pursuant to the guidance, to be consistent with safety and soundness principles, a banking organization’s incentive compensation arrangements should: (1) provide employees with incentives that appropriately balance risk and reward; (2) be compatible with effective controls and risk management; and (3) be supported by strong corporate governance including active and effective oversight by the banking organization’s board of directors. Monitoring methods and processes used by a banking organization should be commensurate with the size and complexity of the organization and its use of incentive compensation.
The Dodd-Frank Act required the federal banking agencies and the SEC to establish joint regulations or guidelines for financial institutions, such as the Bank, to prohibit incentive-based payment arrangements that encourage inappropriate risk taking by providing an executive officer, employee, director or principal shareholder with excessive compensation, fees, or benefits or that could lead to material financial loss to the entity. Despite numerous proposals, no regulation has been finalized.
Pursuant to SEC regulations, we adopted a “clawback” policy with respect to the recovery of incentive-based compensation paid to current or former executive officers in the event of material noncompliance with any financial reporting requirement under the securities laws. A copy of our clawback policy is attached as Exhibit 97 to this Annual Report on 10-K.
The Federal Reserve will review, as part of its standard, risk-focused examination process, the incentive compensation arrangements of financial institutions, such as the Corporation. These reviews will be tailored to each organization based on the scope and complexity of the organization’s activities and the prevalence of incentive compensation arrangements. Deficiencies will be incorporated into the organization’s supervisory ratings, which can affect the organization’s ability to make acquisitions and take other actions. Enforcement actions may be taken against a banking organization if its incentive compensation arrangements, or related risk-management control or governance processes, pose a risk to the organization’s safety and soundness and the organization is not taking prompt and effective measures to correct the deficiencies.
Consumer Financial Services Regulations
Federal and applicable state banking laws require us to take steps to protect consumers.
The CFPB is responsible for interpreting and enforcing federal consumer financial laws, as defined by the Dodd-Frank Act, that, among other things, govern the provision of deposit accounts along with mortgage origination and servicing. Some federal
consumer financial laws enforced by the CFPB include the ECOA, TILA, the Truth in Savings Act, the Home Mortgage Disclosure Act, RESPA, the Fair Debt Collection Practices Act, and the FCRA. The CFPB is authorized to prevent any institution under its authority from engaging in an unfair, deceptive, or abusive act or practice in connection with consumer financial products and services.
Under TILA as implemented by Regulation Z, mortgage lenders are required to make a reasonable and good faith determination based on verified and documented information that a consumer applying for a mortgage loan has a reasonable ability to repay the loan according to its terms. Mortgage lenders are required to determine consumers’ ATR in one of two ways. The first alternative requires the mortgage lender to consider the following eight underwriting factors when making the credit decision: (1) current or reasonably expected income or assets; (2) current employment status; (3) the monthly payment on the covered transaction; (4) the monthly payment on any simultaneous loan; (5) the monthly payment for mortgage-related obligations; (6) current debt obligations, alimony, and child support; (7) the monthly DTI ratio or residual income; and (8) credit history. Alternatively, the mortgage lender can originate QMs, which generally are mortgage loans without negative amortization, interest-only payments, balloon payments, or terms exceeding 30 years. QMs are entitled by rule to a presumption that the creditor making the loan satisfied the ATR requirements provided certain requirements are met. The Corporation is predominantly an originator of compliant QMs. The CFPB has implemented the TILA-RESPA Integrated Disclosure rules, which harmonize disclosure and certain regulatory compliance requirements required under those two statutes with respect to residential mortgage loans.
The CFPB has the authority to take supervisory and enforcement action against banks under its jurisdiction that fail to comply with federal consumer financial laws. The Bank is subject to the CFPB’s supervisory and enforcement authorities. The Dodd-Frank Act permits states to adopt stricter consumer protection laws and state attorneys general to enforce consumer protection rules issued by the CFPB. The Bank operates in a stringent consumer compliance environment and could incur additional costs related to consumer protection compliance, including but not limited to potential costs associated with CFPB examinations, regulatory and enforcement actions and consumer-oriented litigation. In previous years, the CFPB has been active in bringing enforcement actions to enforce consumer financial laws. The federal financial regulatory agencies, including the OCC, and states attorneys general also have been active in this area with respect to institutions over which they have jurisdiction. We have incurred and may in the future incur additional costs in complying with these requirements.
Other Regulations
The Bank is subject to a variety of other regulations with respect to the operation of its businesses, including but not limited to the Dodd-Frank Act, which among other restrictions placed limitations on the interchange fees charged for debit card transactions, TILA, Truth in Savings Act, ECOA, EFTA, Fair Housing Act, Home Mortgage Disclosure Act, Fair Debt Collection Practices Act, Expedited Funds Availability (Regulation CC), Reserve Requirements (Regulation D), Insider Transactions (Regulation O), Privacy of Consumer Information (Regulation P), Privacy of Consumer Financial Information and Safeguarding Personal Information (Regulation S-P), Margin Stock Loans (Regulation U), Right To Financial Privacy Act, Flood Disaster Protection Act, Homeowners Protection Act, Servicemembers Civil Relief Act, RESPA, Children’s Online Privacy Protection Act, and the John Warner NDAA.
The laws and regulations to which we are subject are constantly under review by Congress, the federal regulatory agencies, and the state authorities. These laws and regulations could be changed in the future, which could affect our profitability, our ability to compete effectively, or the composition of the financial services industry in which we compete.
Other Regulatory Authorities
In addition to regulation, supervision and examination by federal banking agencies, the Corporation and certain of its subsidiaries, including those that engage in securities brokerage, dealing and investment advisory activities, are subject to other federal and applicable state securities and other laws and regulations, and to supervision and examination by other regulatory authorities including the SEC, FINRA, NYSE, DOL and others.
Separately, in June 2019, the SEC adopted Regulation Best Interest, which, among other things, establishes a standard of conduct for a broker-dealer to act in the best interest of a retail customer when making a recommendation of any securities transaction or investment strategy involving securities to such customer. The rule requires us to review and possibly modify our compliance activities, which is causing us to incur some additional costs. In addition, state laws that impose a fiduciary duty may require monitoring, as well as require that we undertake other compliance measures.
Government Monetary Policies and Economic Controls
Our earnings and growth, as well as the earnings and growth of the banking industry, are affected by the credit policies of monetary authorities, including the Federal Reserve. An important function of the Federal Reserve is to regulate the national
supply of bank credit in order to combat recession and curb inflationary pressures. Among the instruments of monetary policy used by the Federal Reserve to implement these objectives are open market operations in U.S. government securities, changes in reserve requirements against member bank deposits, and changes in the Federal Reserve discount rate. These instruments are used in varying combinations to influence overall growth of bank loans, investments, and deposits, and may also affect interest rates charged on loans or paid for deposits. The monetary policies of the Federal Reserve authorities have had a significant effect on the operating results of commercial banks in the past and are expected to continue to have such an effect in the future.
In view of changing conditions in the national economy and in money markets, as well as the effect of credit policies by monetary and fiscal authorities, including the Federal Reserve, it is difficult to predict the impact of possible future changes in interest rates, deposit levels, and loan demand, or their effect on our business and earnings or on the financial condition of our various customers.
Available Information
We file annual, quarterly, and current reports, proxy statements, and other information with the SEC. These filings are available to the public on the Internet at the SEC’s web site at www.sec.gov.
Our principal internet address is www.associatedbank.com. We make available free of charge on or through our website our annual report on Form 10-K, quarterly reports on Form 10-Q, current reports on Form 8-K, and amendments to those reports filed or furnished pursuant to Section 13(a) or 15(d) of the Securities Exchange Act of 1934, as soon as reasonably practicable after we electronically file such material with, or furnish it to, the SEC. In addition, shareholders may request a copy of any of our filings (excluding exhibits) at no cost by writing at Associated Banc-Corp, Attn: Investor Relations, 433 Main Street, Green Bay, WI 54301 or e-mailing us at investor.relations@associatedbank.com.
ITEM 1A.
Risk Factors
An investment in our common stock is subject to risks inherent to our business. The material risks and uncertainties that management believes affect us are described below. Before making an investment decision, you should carefully consider the risks and uncertainties described below, together with all of the other information included or incorporated by reference herein. The risks and uncertainties described below are not the only ones facing us. Additional risks and uncertainties that management is not aware of or focused on or that management currently deems immaterial may impair our business operations. This report is qualified in its entirety by these risk factors. See also, Special Note Regarding Forward-Looking Statements and Risk Factors Summary.
If any of the events described in the risk factors should actually occur, our financial condition and results of operations could be materially and adversely affected. If this were to happen, the value of our securities could decline significantly, and you could lose all or part of your investment.
Credit Risks
Changes and instability in economic conditions, geopolitical matters and financial markets, including a contraction of economic activity, could adversely impact our business, results of operations and financial condition.
Our success depends, to a certain extent, upon global, domestic and local economic and political conditions, as well as governmental monetary policies. Conditions such as changes in interest rates, money supply, levels of employment and other factors beyond our control may have a negative impact on economic activity. Any contraction of economic activity, including an economic recession, may adversely affect our asset quality, deposit levels and loan demand and, therefore, our earnings. In particular, interest rates are highly sensitive to many factors that are beyond our control, including global, domestic and local economic conditions and the policies of various governmental and regulatory agencies and, specifically, the Federal Reserve. Throughout 2022 and 2023, the FOMC raised the target range for the federal funds rate on eleven separate occasions, citing factors including the hardships caused by the ongoing Russia-Ukraine conflict, continued global supply chain disruptions and imbalances, and increased inflationary pressure. In the third and fourth quarters of 2024, however, the FOMC pivoted and lowered the federal funds rate from 5.50% to 4.50% based principally on reduced levels of inflation and labor market factors. The FOMC continued to lower the federal funds rate several times in 2025, with the federal funds rate reaching a target range of 3.50% to 3.75% at the FOMC’s December 10, 2025 meeting. The FOMC maintained these rates at its January 28, 2026 meeting.
As of December 31, 2025, various economic indicators suggested that real GDP had expanded solidly throughout 2025. The unemployment rate had increased, on net, but remained low relative to historic norms. Consumer price inflation, as measured by the 12-month change in the price index for personal consumption expenditures, decreased compared to its peak level in
2023, approaching the Federal Reserve’s two percent inflation objective. The U.S. economy had strong GDP growth, loosening of tight labor markets and slowed inflation in 2025.
While this positive growth may continue in 2026, external factors such as stricter immigration policies, tariffs, and other trade policies, sanctions, geopolitical tensions, high unemployment, civil unrest, and other political or trade-related policies affecting domestic and global markets may cause greater economic uncertainty. Such conditions may adversely affect our asset quality, deposit levels, loan demand and results of operations.
As a result of the economic and geopolitical factors discussed above, financial institutions face heightened credit risk, among other forms of risk. Of note, because we have a significant amount of real estate loans, decreases in real estate values could adversely affect the value of property used as collateral, which, in turn, can adversely affect the value of our loan and investment portfolios. Adverse economic developments, specifically including inflation-related impacts, may have a negative effect on the ability of our borrowers to make timely repayments of their loans or to finance future home purchases. The outlook for CRE is dependent on the economic environment and how major subsectors respond to the interest rate environment and continued higher prices for commodities, goods and services. Credit performance over the medium- and long-term is susceptible to economic and market forces and therefore forecasts remain uncertain; however, some degree of instability in the CRE markets is expected in the coming quarters as loans continue to be refinanced in markets with higher vacancy rates.
Changes in U.S. trade policies, including the imposition of tariffs and retaliatory tariffs, may adversely impact our business, financial condition, and results of operations.
The Trump Administration, during its second term beginning 2025, imposed tariffs against goods imported from U.S. trading partners, including Canada, Mexico and China. The tariffs have resulted in threats of retaliatory tariffs against U.S. goods, discussions with the countries which have delayed many of the U.S. imposed tariffs while discussions with each trading partner continue and litigation in the U.S. courts.
Tariffs and trade restrictions may cause the prices of our customers' products to increase, which could reduce demand for such products, or reduce our customers' margins, and adversely impact their revenues, financial results, and ability to service debt. This in turn could adversely affect our financial condition and results of operations. To the extent changes in the political environment have a negative impact on us or on the markets in which we operate our business, our results of operations and financial condition could be materially and adversely impacted in the future. At this time, it remains unclear what the U.S. government or foreign governments will or will not do in response to additional tariffs that may be imposed or international trade agreements and policies.
Our allowance for credit losses on loans may be insufficient.
All borrowers have the potential to default, and our remedies in the event of such default (such as seizure and/or sale of collateral, legal actions, and guarantees) may not fully satisfy the debt owed to us. We maintain an ACLL, which is a reserve established through a provision for credit losses charged to expense, that represents management’s best estimate of probable credit losses over the life of the loan within the existing portfolio of loans. The ACLL, in the judgment of management, is necessary to reserve for estimated credit losses and risks inherent in the loan portfolio. The level of the ACLL reflects management’s continuing evaluation of industry concentrations; specific credit risks; loan loss experience; current loan portfolio quality; present economic, political, and regulatory conditions; and unidentified losses inherent in the current loan portfolio. The determination of the appropriate level of the ACLL inherently involves a high degree of subjectivity and requires us to make significant estimates of current credit risks using existing qualitative and quantitative information, all of which may undergo material changes. Changes in economic conditions affecting borrowers, new information regarding existing loans, identification of additional loans, and other factors, both within and outside of our control, may require an increase in the ACLL. Bank regulatory agencies periodically review our ACLL and may require an increase in the provision for credit or the recognition of additional loan charge offs, based on judgments different than those of management. An increase in the ACLL would result in a decrease in net income, and possibly risk-based capital, and could have a material effect on our financial condition and results of operations.
We are subject to lending concentration risks.
As of December 31, 2025, 65% of our loan portfolio consisted of commercial and industrial, real estate construction, and CRE loans (collectively, "commercial loans"). Commercial loans are generally viewed as having more inherent risk of default than residential mortgage loans or other consumer loans. Further, the commercial loan balance per borrower is typically larger than that for residential mortgage loans and other consumer loans, implying higher potential losses on an individual loan basis. Because our loan portfolio contains a number of commercial loans with significant balances, the deterioration of one or a few of these loans could cause a significant increase in nonaccrual loans, which could have a material adverse effect on our financial condition and results of operations.
CRE lending may expose us to increased lending risks.
Our policy generally has been to originate CRE loans primarily in the states in which the Bank operates. At December 31, 2025, CRE loans, including owner occupied, investor, and real estate construction loans, totaled $8.4 billion, or 27%, of our total loan portfolio and 183% of total risk-based capital. CRE loans generally involve a greater degree of credit risk than residential mortgage loans because they typically have larger balances and are more affected by adverse conditions in the economy. Because payments on loans secured by CRE depend upon the successful operation and management of the properties and the businesses that operate from within them, repayment of such loans can be affected by factors outside the borrower’s control, such as adverse conditions in the real estate market or the economy or changes in government regulation.
Although CRE markets have shown signs of stabilization since 2024, the federal banking agencies have issued guidance on the sound risk management practices regarding CRE lending and regulatory scrutiny may increase depending on the concentration in CRE lending and changing economic conditions for the CRE markets. Our failure to adequately maintain appropriate risk management policies, procedures and controls could adversely affect our ability to increase this portfolio and could result in an increased rate of delinquencies in, and increased losses from, this portfolio as well as enhanced regulatory scrutiny and regulatory expectations for increased capital. At December 31, 2025, nonaccrual CRE loans totaled $8.7 million, or less than 1% of our total portfolio of CRE loans.
We depend on the accuracy and completeness of information furnished by and on behalf of our customers and counterparties.
In deciding whether to extend credit or enter into other transactions, we rely on information furnished by or on behalf of customers and counterparties, including financial statements, credit reports, and other financial information. We may rely on representations of those customers, counterparties, or other third parties, such as independent auditors, as to the accuracy and completeness of that information. Reliance on inaccurate or misleading financial statements, credit reports, or other financial information could cause us to enter into unfavorable transactions, which could have a material adverse effect on our financial condition and results of operations.
Lack of system integrity or credit quality related to funds settlement could result in a financial loss.
We settle funds on behalf of financial institutions, other businesses and consumers and receive funds from clients, card issuers, payment networks and consumers on a daily basis for a variety of transaction types. Transactions we facilitate include wire transfers, debit card, credit card and electronic bill payment transactions, supporting consumers, financial institutions and other businesses. These payment activities rely upon the technology infrastructure that facilitates the verification of activity with counterparties and the facilitation of the payment. If the continuity of operations or integrity of processing were compromised, it could result in a financial loss to us. We may issue credit to consumers, financial institutions or other businesses as part of the funds settlement. A default on this credit by a counterparty could result in a financial loss to us.
We are subject to environmental liability risk associated with lending activities.
A significant portion of our loan portfolio is secured by real property. During the ordinary course of business, we may foreclose on and take title to properties securing certain loans. In doing so, there is a risk that hazardous or toxic substances could be found on these properties. If hazardous or toxic substances are found, we may be liable for remediation costs, as well as for personal injury and property damage. Environmental laws may require us to incur substantial expenses which may materially reduce the affected property’s value or limit our ability to use or sell the affected property. Future laws or more stringent interpretations or enforcement policies with respect to existing laws may increase our exposure to environmental liability. Although we have policies and procedures to perform an environmental review before lending against or initiating any foreclosure action on real property, these reviews may not be sufficient to detect all potential environmental hazards. The
remediation costs and any other financial liabilities associated with an environmental hazard could have a material adverse effect on our financial condition and results of operations.
Liquidity and Interest Rate Risks
Impairment of our access to liquidity could affect our ability to meet our obligations.
The Corporation requires liquidity to meet its deposit and debt obligations as they come due. Access to liquidity could be impaired by an inability to access the capital markets or unforeseen outflows of deposits. Risk factors that could impair our ability to access capital markets include a downturn in our Midwest markets, difficult credit markets, credit rating downgrades, or regulatory actions against the Corporation. The Corporation’s access to deposits can be impacted by the liquidity needs of our customers as a substantial portion of the Corporation’s liabilities are demand while a substantial portion of the Corporation’s assets are loans that cannot be sold in the same timeframe. Historically, the Corporation has been able to meet its cash flow needs as necessary. If a sufficiently large number of depositors sought to withdraw their deposits for whatever reason, the Corporation may be unable to obtain the necessary funding at favorable terms.
The proportion of our deposit account balances that exceed FDIC insurance limits may expose the Bank to enhanced liquidity risk in times of financial distress.
In the aftermath of the significant bank failures that occurred in 2023, the federal banking agencies have enhanced their scrutiny of banks' liquidity risk management.
In the event of financial distress, uninsured depositors historically have been more likely to withdraw their deposits. The Corporation had approximately $17.0 billion of uninsured deposits at December 31, 2025. Estimated uninsured and uncollateralized deposits, excluding intercompany deposits, were $9.4 billion or 26.5% of total deposits at December 31, 2025.
The ease and speed of the electronic withdrawals may accelerate this process. If a significant portion of our deposits were to be withdrawn within a short period such that additional sources of funding would be required to meet withdrawal demands, the Corporation may be unable to obtain funding at favorable terms, which may have an adverse effect on our net interest margin. Our ability to attract depositors during a time of actual or perceived distress or instability in the marketplace may be limited. Further, interest rates paid for borrowings generally exceed the interest rates paid on deposits. Because our AFS investment securities lose value when interest rates rise, after-tax proceeds resulting from the sale of such assets may be diminished during periods when interest rates are elevated. Under such circumstances, we may be required to access funding from sources such as the Federal Reserve’s discount window and the FHLB system in order to manage our liquidity risk. For additional information regarding uninsured deposits and liquidity, see sections Deposits and Customer Funding and Liquidity of Part II, Item 7, Management's Discussion and Analysis of Financial Condition and Results of Operations.
Adverse changes to our credit ratings could limit our access to funding and increase our borrowing costs.
Credit ratings are subject to review by rating agencies, which consider a number of factors, including our financial strength, performance, prospects and operations as well as factors not under our control. Other factors that influence our credit ratings include changes to the rating agencies’ methodologies for our industry or certain security types; the rating agencies’ assessment of the general operating environment for financial services companies; our relative positions in the markets in which we compete; our various risk exposures and risk management policies and activities; pending litigation and other contingencies; our reputation; our liquidity position, diversity of funding sources and funding costs; the current and expected level and volatility of our earnings; our capital position and capital management practices; our corporate governance; current or future regulatory and legislative initiatives; and the agencies’ views on whether the U.S. government would provide meaningful support to the Corporation or its subsidiaries in a crisis. Rating agencies could make adjustments to our credit ratings at any time, and there can be no assurance that they will maintain our ratings at current levels or that downgrades will not occur.
In August 2023, Moody’s and S&P Global Ratings each downgraded our long-term issuer credit ratings, and the ratings remained unchanged as of December 31, 2025. Any additional downgrade in our credit ratings could potentially adversely affect the cost and other terms upon which we are able to borrow or obtain funding, increase our cost of capital and/or limit our access to capital markets. Credit rating downgrades or negative watch warnings could negatively impact our reputation and the perception of the Corporation by lenders, investors and other third parties, which could impair our ability to compete in certain markets or engage in certain transactions. In particular, holders of deposits which exceed FDIC insurance limits may perceive such a downgrade or warning negatively and withdraw all or a portion of such deposits. While certain aspects of a credit rating are quantifiable, the impact that such a would have on our liquidity, business and results of operations in future periods is inherently uncertain and would depend on a number of interrelated factors, including, among other things, the
magnitude of the downgrade, the rating relative to peers, the rating assigned by the relevant agency pre-downgrade, individual client behavior and future mitigating actions we might take.
We are subject to interest rate risk.
Our earnings and cash flows are largely dependent upon our net interest income. Interest rates are highly sensitive to many factors that are beyond our control, including general economic conditions and policies of various governmental and regulatory agencies and, in particular, the Federal Reserve. Changes in monetary policy, including changes in interest rates, could influence not only the interest we receive on loans and investments and the amount of interest we pay on deposits and borrowings, but such changes could affect (i) our ability to originate loans and obtain deposits; (ii) the fair value of our financial assets and liabilities; and (iii) the average duration of our mortgage portfolio and other interest-earning assets.
As of January 28, 2026, the date of the FOMC's most recent meeting, the target range for the federal funds rate was 3.50% to 3.75%, which is down from the peak of 5.25% to 5.50% prior to the FOMC meeting in September 2024. Despite direct pressure from the President and the anticipated change in the Chair of the Federal Reserve, it remains uncertain whether the FOMC will further reduce the target range for the federal funds rate to stimulate economic activity and promote job growth or leave the rate at its current level for an additional period of time. Earnings could be adversely affected if the interest rates received on loans and other investments fall more quickly than the interest rates paid on deposits and other borrowings. The Corporation's interest rate risk profile is such that, generally, a higher yield curve adds to income while a lower yield curve has a negative impact on earnings. Our most significant interest rate risk may result from timing differences in the maturity and re-pricing characteristics of assets and liabilities, changes in the shape of the yield curve, and the potential exercise of explicit or embedded options.
Although management believes it has implemented effective asset and liability management strategies, including the use of derivatives as hedging instruments, to reduce the effects of changes in interest rates on our results of operations, any substantial, unexpected, prolonged change in market interest rates could have a material adverse effect on our financial condition and results of operations, and any related economic impact, especially domestically and in the regions in which we operate, may adversely affect our asset quality, deposit levels, loan demand and results of operations. Our interest rate risk modeling techniques and assumptions may not fully predict or capture the impact of actual interest rate changes on our balance sheet.
The impact of interest rates on our mortgage banking business can have a significant impact on revenues.
Changes in interest rates can impact our mortgage-related revenues. A decline in mortgage rates generally increases the demand for mortgage loans as borrowers refinance, but generally leads to accelerated payoffs. Conversely, in a constant or increasing rate environment, we would expect fewer loans to be refinanced and a decline in payoffs. Although we use models to assess the impact of interest rates on mortgage-related revenues, the estimates of revenues produced by these models are dependent on estimates and assumptions of future loan demand, prepayment speeds and other factors which may differ from actual subsequent experience.
Changes in interest rates could reduce the value of our investment securities holdings which would increase our accumulated other comprehensive loss and thereby negatively impact stockholders' equity.
The Corporation maintains an investment portfolio consisting of high-quality liquid fixed-income securities. The total carrying value of the AFS securities portfolio was $5.4 billion as of December 31, 2025, and the estimated duration of the aggregate portfolio was approximately 3.2 years. The nature of fixed-income securities is such that changes in market interest rates impact the value of these assets.
Changes in interest rates could reduce the value of our residential mortgage-related securities and MSRs, which could negatively affect our earnings.
The Corporation earns revenue from the fees it receives for originating mortgage loans and for servicing mortgage loans. When rates rise, the demand for mortgage loans tends to fall, reducing the revenue the Corporation receives from loan originations. At the same time, revenue from MSRs can increase through increases in fair value. When rates fall, mortgage originations tend to increase and the value of MSRs tends to decline, with some offsetting revenue effect. Even though the origination of mortgage loans can act as a natural hedge, the hedge is not perfect, either in amount or timing. For example, the negative effect on revenue from a decrease in the fair value of MSRs is immediate, but any offsetting revenue benefit from more originations and the MSRs relating to the new loans would be recognized during the month of origination. It is possible that even if interest rates were to fall, mortgage originations may fall or any increase in mortgage originations may not be enough to offset the decrease in the MSRs value caused by the lower rates.
The Corporation typically uses derivatives and other instruments to hedge its mortgage banking interest rate risk. The Corporation generally does not hedge all of its risks and the fact that hedges are used does not mean they will be successful. Hedging is a complex process, requiring sophisticated models and constant monitoring. The Corporation could incur significant losses from its hedging activities. There may be periods where the Corporation elects not to use derivatives and other instruments to hedge mortgage banking interest rate risk, which could cause the Corporation to incur substantial losses.
We rely on dividends from our subsidiaries for most of our cash flow.
The Parent Company is a separate and distinct legal entity from its banking and other subsidiaries. A substantial portion of the Parent Company’s cash flow comes from dividends from its subsidiaries. These dividends are the principal source of funds to pay dividends on the Parent Company’s common and preferred stock, and to pay interest and principal on the Parent Company’s debt. Various federal and/or applicable state laws and regulations limit the amount of dividends that the Bank and certain of our nonbanking subsidiaries may pay to us. Our right to participate in a distribution of assets upon a subsidiary’s liquidation or reorganization is subject to the prior claims of the subsidiary’s creditors. In the event the Bank subsidiary is unable to pay dividends to us, we may not be able to service debt, pay obligations, or pay dividends on our common and preferred stock. The inability to receive dividends from the Bank would have a material adverse effect on our business, financial condition, and results of operations.
Operational Risks
We face significant operational risks due to the high volume and the high dollar value nature of transactions we process.
We operate in many different businesses in diverse markets and rely on the ability of our employees and systems to process transactions. Operational risk is the risk of loss resulting from our operations, including but not limited to, the risk of fraud by employees or persons outside the Corporation, the execution of unauthorized transactions, errors relating to transaction processing and technology, breaches of our internal control systems or failures of those of our suppliers or counterparties, compliance failures, cyber-attacks or other security breaches, technology failures, or unforeseen problems encountered while implementing new computer systems or upgrades to existing systems, business continuation and disaster recovery issues, and other external events. In recent periods, the OCC has observed an increased incidence of check , wire , peer-to-peer payment , and the use of AI technology to facilitate the of social engineering and impersonation schemes and identity theft. Insurance coverage may not be available for such , or where available, such may exceed insurance limits. This risk of includes the potential legal actions that could arise as a result of an operational or as a result of with applicable regulatory standards, business decisions or their implementation, and customer due to potential publicity. The occurrence of any of these events could cause us to financial , face regulatory action and to our reputation.
Unauthorized disclosure of sensitive or confidential client or customer information (including personal information), whether through a cyber-attack, other breach of our computer systems or otherwise, could severely harm our business.
In the normal course of our business, we collect, share, use, store and otherwise process sensitive and confidential client and customer information, including personal information, on our behalf and on behalf of other third parties. Despite the security measures we have in place, our facilities, systems and networks may be vulnerable to cyber-attacks, security breaches, acts of vandalism, theft, computer viruses, malware, ransomware, denial of service attacks, phishing or other social engineering attacks, credential stuffing, account takeovers, misplaced or lost data, programming and/or human errors, software or hardware failures, or other similar events.
Information security risks for financial institutions like us continue to increase in part because of new technologies, the increased use of the internet and telecommunications technologies (including mobile devices and cloud computing) to conduct financial and other business transactions, political activism, and the increased sophistication and activities of organized crime, perpetrators of fraud, hackers, terrorists and others.
We rely on computer systems, hardware, software, technology infrastructure and online sites and networks for both internal and external operations that are critical to our business. Operational risk related to cyber-attacks is increasing as cyber-attacks evolve and have a greater and more pervasive economic impact. In addition to cyber-attacks or other security breaches involving the theft, loss, destruction, gathering, monitoring, dissemination, misappropriation, misuse, alteration, or unauthorized disclosure of or unauthorized access to sensitive and confidential information (including personal information), hackers have engaged in attacks against large financial institutions, designed to disrupt key business services, such as customer-facing web sites. Critical infrastructure sectors, including financial services, increasingly have been the targets of cyber-attacks, including attacks emanating from foreign countries. Cyber-attacks involving large financial institutions, including distributed
denial of service attacks designed to disrupt external customer-facing services, cyber-attacks carried out by terrorists, nation states, nation-state supported actors, organized criminal groups or “hacktivists”, and ransomware attacks designed to deny organizations access to key internal resources or systems or other critical data, as well as targeted social engineering and phishing email and text message attacks designed to allow unauthorized persons to obtain access to an institution’s information systems and data or that of its customers, are becoming more common and increasingly sophisticated.
Cyber-attacks continue to evolve and become more pervasive throughout the financial services sector. In particular, there has been an observed increase in the number of distributed denial of service and ransomware attacks against the financial sector, for which the increase is believed to be partially attributable to politically motivated attacks as well as financial demands coupled with extortion. Further, threat actors continue to exploit publicly known software vulnerabilities and weak authentication controls used by large numbers of banking organizations in order to conduct malicious cyber activities. These types of attacks have resulted in increased supply chain and third-party risk. Such cybersecurity threats may see their frequency increased, and effectiveness enhanced, by the use of AI.
Because the methods of cyber-attacks change frequently or, in some cases, are not recognized until launch, we are not able to anticipate or implement effective preventive measures against all possible security breaches and the probability of a successful attack cannot be predicted. Although we employ detection and response mechanisms designed to contain and mitigate security incidents, early detection may be thwarted by persistent sophisticated attacks and malware designed to avoid detection.
We face risks related to cyber-attacks and other security breaches in connection with card transactions that typically involve the transmission of sensitive information (including personal information) regarding our customers through various third parties. Some of these parties have in the past been the target of security breaches and cyber-attacks, and because the transactions involve third parties and environments that we do not control or secure, future security breaches or cyber-attacks affecting any of these third parties could impact us, and in some cases we may have exposure and suffer losses for breaches or attacks relating to them. We rely on numerous other third-party service providers to conduct other aspects of our business operations and face similar risks relating to them. We cannot be sure that such third-party information security protocols are sufficient to withstand a cyber-attack or other security breach.
Cybersecurity risks for financial institutions have evolved as a result of the increased interconnectedness of operating environments and the use of new technologies, devices and delivery channels to transmit data and conduct financial transactions. The adoption of new products, services and delivery channels contribute to a more complex operating environment, which enhances operational risk and presents the potential for additional structural vulnerabilities. As such, a single cyber-attack is now able to compromise hundreds of organizations and affect a significant number of consumers. The adoption of hybrid and remote work environments in the past several years presents institutions with additional cybersecurity vulnerabilities and risks.
The Corporation endeavors to regularly evaluate its systems and controls and implement upgrades as necessary. The additional cost to the Corporation of our cybersecurity monitoring and protection systems and controls includes the cost of hardware and software, third party technology providers, consulting and forensic testing firms, insurance premium costs and legal fees and the incremental cost of our personnel who focus a substantial portion of their responsibilities on cybersecurity.
Any attempted or successful cyber-attack or other security breach involving the theft, loss, destruction, gathering, monitoring, dissemination, misappropriation, misuse, alteration, or unauthorized disclosure of or unauthorized access to sensitive or confidential client or customer information (including personal information), confidential and proprietary information relating to our bank and operations, unauthorized access to our information systems or networks or that of our third-party service providers, or unauthorized access to other data that compromises our ability to function could severely damage our reputation, erode confidence in the security of our systems and networks, products and services, expose us to the risk of litigation and liability, our operations and have a material effect on our business. Any attempted or cyber-attack may subject the Corporation to regulatory , (including class action ) or enforcement, or require the payment of regulatory or or undertaking remediation efforts with respect to third parties affected by a cybersecurity , all or any of which could affect the Corporation’s business, financial condition or results of operations and its reputation. Finally, we cannot guarantee that any costs and liabilities incurred in relation to an attack or will be covered by our existing insurance policies or that applicable insurance will be available to us in the future on economically reasonable terms or at all.
From time to time, the Corporation engages in acquisitions, including acquisitions of depository institutions. The integration of core systems and processes for such transactions often occurs after the closing, which may create elevated risk of cyber incidents.
The Corporation may be subject to the data risks and cybersecurity vulnerabilities of the acquired company until the Corporation has sufficient time to fully integrate the acquiree’s customers and operations. Although the Corporation endeavors to conduct comprehensive due diligence of cybersecurity policies, procedures and controls of our acquisition counterparties, and the Corporation endeavors to maintain adequate policies, procedures, controls and information security protocols to facilitate a successful integration, there can be no assurance that such measures, controls and protocols are sufficient to withstand a cyber-attack or other security breach with respect to the companies we acquire, particularly during the period of time between closing and final integration.
We rely heavily on communications and information systems and networks to conduct our business. Any failures or disruptions to our third parties’ communications and information systems and networks could materially and adversely affect our business.
Our business is dependent on our and third parties' information technology systems and networks. Any failure, interruption, or breach in security or operational integrity of our or our third-party service providers' communications and information systems or networks, including those caused by a cyber-attack, could result in failures or disruptions in our customer relationship management, general ledger, deposit, loan, and other systems.
Our computer, communications, data processing, networks, backup, business continuity or other operating, information or technology systems and networks, including those that we outsource to providers, may fail to operate properly or become disabled, overloaded or damaged as a result of a number of factors, including events that are wholly or partially beyond our control, which could have a negative effect on our ability to conduct our business activities.
While we have policies and procedures designed to prevent or limit the effect of the failure, interruption, or security breach of our or our third parties' communications and information systems and networks, we cannot completely ensure that any such failures, interruptions, or security breaches will not occur, nor can we ensure that our prevention procedures and information security program will function as designed and planned. Our business interruption insurance may be inadequate to compensate us for all losses that may occur as a result of any system, network or operational failure or disruption. The occurrence of any failures, interruptions, or security breaches of our or our third-party service providers' communications and information systems and networks, including those caused by a cyber-attack, could our reputation, result in a of customer business, subject us to additional regulatory , or us to civil and possible financial liability, any of which could have a material effect on our financial condition and results of operations.
We are subject to certain industry standards regarding our credit card-related services. Failure to meet those standards may significantly impact our ability to offer these services.
We are subject to the PCI-DSS, issued by the Payment Card Industry Security Standards Council. PCI-DSS contains compliance guidelines with regard to our security surrounding the physical and electronic storage, processing and transmission of cardholder data. Compliance with PCI-DSS and implementing related procedures, technology and information security measures requires significant resources and ongoing attention. Costs and potential problems and interruptions associated with the implementation of new or upgraded systems and technology, such as those necessary to achieve compliance with PCI-DSS or with maintenance or adequate support of existing systems could disrupt or reduce the efficiency of our operations. Any material interruptions or failures in our payment-related systems or third parties that we rely upon could have a material adverse effect on our business, results of operations and financial condition. If there are amendments to PCI-DSS, the cost of compliance could increase, and we may suffer loss of data and or in our operations as a result. If we or our service providers are to comply with the standards imposed by PCI-DSS, we may be subject to and restrictions on our ability to offer certain services, which could materially and affect our business.
Compliance with the rapidly evolving federal and state laws relating to the handling of information about individuals involves significant expenditure and resources, and any failure by us or our service providers to comply may result in significant liability, negative publicity, and/or an erosion of trust, which could materially adversely affect our business, results of operations, and financial condition.
We and our service providers are subject to a number of U.S. federal, state, and local laws and regulations, industry standards and other requirements relating to consumer privacy and data protection. For more information, see “Privacy, Data Protection, and Cybersecurity” in the Item 1, Business section above.
Both to comply with applicable existing law and to prepare for potential expansions in laws requiring protection of personal information, we must endeavor to maintain adequate privacy and security measures, which require significant investments in resources and ongoing attention.
We send marketing messages via email and occasionally make telephone calls and/or send SMS text messages to customers. The actual or perceived improper emailing of marketing communications, calling of customer phones and/or sending of text messages may subject us to potential risks, including liabilities or claims relating to consumer protection laws such as the TCPA and the CAN-SPAM Act. Numerous class-action suits under federal and state laws have been filed in recent years against companies who conduct telemarketing and/or SMS texting programs, and any future such litigation against us could be costly and time-consuming to defend. In particular, the TCPA imposes significant restrictions on the ability to make telephone calls or send text messages to mobile telephone numbers without the prior consent of the person being contacted. Federal or state regulatory authorities or private litigants may claim that the notices and disclosures we provide, form of consents we obtain or our outreach practices are not adequate or violate applicable law. This may in the future result in civil us. that we have the TCPA could be to , whether or not they have merit, and could us to substantial statutory or settlements.
While we strive to ensure that all of our marketing communications comply with the requirements set forth in the CAN-SPAM Act, any violations could result in the FTC seeking civil penalties against us.
Moreover, we are considered a both a “furnisher” of consumer report information and a “user” of consumer reports provided by consumer reporting agencies under the FCRA. Our failure to satisfy the obligations under the FCRA, as applicable, may expose us to supervisory scrutiny or litigation, each of which could have a material adverse effect on our financial condition and results of operations.
Our obligations related to privacy and security are quickly changing in an increasingly stringent fashion and may be subject to differing applications and interpretations, which may be inconsistent or in conflict among jurisdictions. Preparing for and complying with these obligations requires us to devote significant resources and may necessitate changes to our business practices. We enter into agreements with third parties regarding our collection, sharing, use, storage and other processing of personal information and publish public privacy policies and make other public statements about our privacy and security practices. Although we endeavor to comply with our privacy and security obligations, we may at times fail to do so or may be perceived to have failed to do so, including due to the errors or omissions of our personnel and third parties upon which we rely.
Any failure or perceived failure by us to comply with laws, regulations and other requirements relating to the privacy, security and handling of information could result in legal claims or proceedings (including class actions), regulatory investigations, enforcement actions, claims, fines, judgments, awards, penalties or sanctions. We could incur significant costs in investigating and defending such claims and, if found liable, pay significant damages or fines or be required to make changes to our business. These proceedings and any subsequent adverse outcomes may subject us to significant negative publicity and an erosion of trust. If any of these events were to occur, our business, results of operations, and financial condition could be materially affected.
The use of AI in connection with our business and operations contains inherent risks that may expose us to material harm and any actual or perceived failure to comply with evolving regulatory frameworks around the development and use of AI could adversely affect our business, results of operations, and financial condition.
Our business increasingly relies on AI, machine learning and automated decision making to improve our services and our customers’ experience. The regulatory framework around the development and use of these emerging technologies is rapidly evolving, and many federal, state and foreign government bodies and agencies have introduced and/or are currently considering additional laws and regulations. The implementation standards and enforcement practices are likely to remain uncertain for the foreseeable future, and we cannot yet determine the impact future laws, regulations, standards, or perception of their requirements may have on our business.
If any of our employees or service providers use any third-party AI-powered software in connection with our business or the services they provide to us, it may lead to the inadvertent disclosure or incorporation of our confidential information into publicly available training sets, which may impact our ability to realize the benefit of, or adequately maintain, protect and enforce our intellectual property or confidential information, harming our competitive position and business. Any output created by us using AI tools may not be subject to copyright protection, which may adversely affect our intellectual property rights in, or ability to commercialize or use, any such content.
If we do not have sufficient rights to use the data or other material or content on which our AI solutions rely, or if we experience cybersecurity incidents in connection with our use of AI, we may incur liability through the violation of applicable laws and regulations, such as fair lending laws and regulations, third-party intellectual property, privacy or other rights, or contracts to which we are a party. We may not be able to sufficiently mitigate or detect any of the foregoing limitations or risks given our and other market participants' lack of experience with using AI, the pace of technological change, and rapid adoption of AI by our business partners and competitors. This exposes us to potential damage to our reputation, adverse impacts on our business operations, and violation of legal and regulatory obligations.
Any of the foregoing, together with developing guidance and/or decisions in this area, may affect our use of AI and our ability to provide and improve our services, require additional compliance measures and changes to our operations and processes, and result in increased compliance costs and potential increases in civil claims against us. Any actual or perceived failure to comply with evolving regulatory frameworks around the development and use of AI, machine learning and automated decision making or to address any ethical, reputational, technical, operational, legal, competitive or regulatory issues could adversely affect our business, results of operations, and financial condition.
We are dependent upon third parties for certain information system, data management and processing services, and to provide key components of our business infrastructure.
We outsource certain information system and data management and processing functions to third-party service providers to compete in a rapidly evolving financial marketplace. We may outsource to certain foreign-based service providers in the future. These third-party service providers are sources of operational and informational security risk to us, including risks associated with operational errors, information system interruptions or breaches, and unauthorized disclosures of sensitive or confidential client or customer information, including personal information. Any service relationships that we may have with foreign-based service providers would present additional risks, including, for example, country risk (e.g., risks relating to economic, social, and political conditions within the service provider’s home country that may inhibit the ability of the service provider to provide us with services) and compliance risk (e.g., risks arising from the cross-border flow of information and services and the potential applicability of foreign laws and regulations). Concentration among larger third-party service providers servicing large segments of the banking industry can potentially affect wide segments of the financial industry. If third-party service providers encounter any of these issues, or if we have difficulty communicating with them, we could be exposed to of operations, of service or connectivity to customers, reputational , and risk that could have a material effect on our results of operations or our business.
Third-party service providers provide key components of our business infrastructure, such as internet connections, network access and core application processing. While we have selected these third-party service providers in accordance with supervisory requirements, we do not control their actions. The actions of these third parties, including as a result of their not providing us their services for any reason or their performing their services poorly, could adversely affect our ability to deliver products and services to our customers and otherwise to conduct our business. Replacing these third-party service providers could entail significant delay and expense.
The potential for business interruption exists throughout our organization.
Integral to our performance is the continued efficacy of our technical systems, operational infrastructure, relationships with third parties and the vast array of associates and key executives in our day-to-day and ongoing operations. Failure by any or all of these resources subjects us to risks that may vary in size, scale and scope. This includes, but is not limited to, operational or technical failures, ineffectiveness or exposure due to interruption in third party support, problems arising from systems conversions, as well as the loss of key individuals or failure on the part of key individuals to perform properly. Although management has established policies and procedures to address such failures, the occurrence of any such event could have a material adverse effect on our business, which, in turn, could have a material adverse effect on our financial condition and results of operations.
Changes in the federal, state, or local tax laws may negatively impact our financial performance.
We are subject to changes in tax law that could increase our effective tax rates. These law changes may be retroactive to previous periods and as a result could negatively affect our current and future financial performance. For example, legislation enacted in 2017 resulted in a reduction in our federal corporate tax rate from 35% in 2017 to 21% in 2018, which had a favorable impact on our earnings and capital generation abilities. However, this legislation enacted limitations on certain deductions, such as the deduction of FDIC deposit insurance premiums, which partially offset the anticipated increase in net earnings from the lower tax rate. The current Administration may further reduce the federal corporate tax rate, but the extent and timing of any tax reform, as well as any corresponding effect on our business and financial results, are uncertain at this
time. On the other hand, any increase in the corporate tax rate or surcharges that may be adopted by Congress would adversely affect our results of operations in future periods.
The Bank’s customers experienced and likely will continue to experience varying effects from both the individual and business tax provisions of the Tax Act. Certain provisions of the Tax Act were extended by the One Big Beautiful Bill Act. Future changes in tax law and such effects, whether positive or negative, may have a corresponding impact on our business and the economy as a whole.
Impairment of investment securities, goodwill, other intangible assets, or DTAs could require charges to earnings, which could result in a negative impact on our results of operations.
In assessing whether the impairment of investment securities is related to a deterioration in credit factors, management considers the length of time and extent to which the fair value has been less than cost, the financial condition and near-term prospects of the issuer, and the intent and ability to retain our investment in the security for a period of time sufficient to allow for any anticipated recovery in fair value in the near term.
Under current accounting standards, goodwill is not amortized but, instead, is subject to impairment tests on at least an annual basis or more frequently if an event occurs or circumstances change that reduce the fair value of a reporting unit below its carrying amount. A decline in our stock price or occurrence of a triggering event following any of our quarterly earnings releases and prior to the filing of the periodic report for that period could, under certain circumstances, cause us to perform a goodwill impairment test and result in an impairment charge being recorded for that period which was not reflected in such earnings release. During 2025, the annual impairment test conducted in May, using a qualitative assessment, indicated that the estimated fair value of all of the Corporation’s reporting units exceeded the carrying value. In the event that we conclude in a future assessment that all or a portion of our goodwill may be impaired, a non-cash charge for the amount of such impairment would be recorded to earnings. Such a charge would have no impact on tangible capital. At December 31, 2025, we had goodwill of $1.1 billion, which represents approximately 22% of stockholders’ equity.
In assessing the realizability of DTAs, management considers whether it is more likely than not that some portion or all of the DTAs will not be realized. Assessing the need for, or the sufficiency of, a valuation allowance requires management to evaluate all available evidence, both negative and positive, including the recent trend of quarterly earnings. Positive evidence necessary to overcome the negative evidence includes whether future taxable income in sufficient amounts and character within the carryback and carryforward periods is available under the tax law, including the use of tax planning strategies. When negative evidence (e.g., cumulative losses in recent years, history of operating loss or tax credit carryforwards expiring unused) exists, more positive evidence than negative evidence will be necessary.
The impact of each of these impairment matters could have a material adverse effect on our business, results of operations, and financial condition.
Failure to appropriately administer or manage our investment management and asset servicing businesses properly could put the related earnings at risk.
Revenues from our investment management and asset servicing businesses are significant to our earnings. Generating returns that satisfy clients in a variety of asset classes is important to maintaining existing business and attracting new business. Administering or managing assets in accordance with the terms of governing documents and applicable laws is also important to client satisfaction. Failure in either of the foregoing areas can expose us to liability, and result in a decrease in our revenues and earnings.
Climate-related risks could adversely affect our business and performance, including indirectly through impacts on our customers.
There continues to be a concern, including on the part of certain state regulators, regarding climate change and its impacts. Climate change could manifest as a financial risk to us either through changes in the physical climate or from the process of transitioning to a low-carbon economy. Both physical risks and transition risks associated with climate change could have negative impacts on the financial condition or creditworthiness of our customers, and on its exposure to those customers. Physical risks include the increased frequency or severity of acute weather events, such as floods, wildfires and tropical cyclones, and chronic shifts in the climate, such as persistent changes in precipitation levels, rising sea levels, or increases in average ambient temperature. Transition risks arise from societal adjustment to a low-carbon economy, such as changes in public policy, adoption of new technologies or changes in consumer preferences toward low-carbon goods and services. These risks could also be influenced by changes in the physical climate.
Concerns over the anticipated and unanticipated impacts of climate change (including physical risk and transition risk) have led and may continue to lead to governmental efforts to mitigate those impacts. The Corporation may be compelled to change or cease some of its business or operational practices or to incur additional capital, compliance, and other costs because of climate- or environmental-driven changes in applicable law or supervisory expectations or due to related political, social, market, or similar pressure. The Corporation and its customers may face cost increases, asset value reductions, operating process changes, and other issues. In addition, the Corporation could face reductions in creditworthiness on the part of some customers or in the value of asset securing loans. The Corporation's efforts to take these risks into account in making lending and other decisions may not be effective in protecting it from the negative impact of new laws and regulations or changes in consumer or business behavior.
Further, there is increased scrutiny of climate change-related and other ESG-related policies, goals and disclosures. The Corporation's stakeholders may disagree with these policies and goals, or conversely, believe that these policies and goals are insufficient, which may lead to a decrease in demand for our products and services or damage our reputation. For example, certain federal and state laws and regulations relating to climate or other ESG issues may include provisions that conflict with other laws and regulations, which may increase our costs or limit our ability to conduct business in certain jurisdictions In particular, there is an increasing number of state-level anti-ESG initiatives in the United States that may conflict with other regulatory requirements or our various stakeholders' expectations. Such divergent, sometimes conflicting, views on such matters increase the risk that any action or lack thereof by the Corporation on such matters will be perceived negatively by some stakeholders. The Corporation may also incur additional costs and require additional resources as it evolves its strategy, practices and related disclosures with respect to these matters. In addition, there are and will continue to be related to capturing, verifying, analyzing and climate-related data that is subject to measurement uncertainties.
Severe weather, natural disasters, public health issues, civil unrest, acts of war or terrorism, and other external events could significantly impact our ability to conduct business.
Such events could affect the stability of our deposit base, impair the ability of borrowers to repay outstanding loans, impair the value of collateral securing loans, adversely impact our employee base, cause significant property damage, result in loss of revenue, and/or cause us to incur additional expenses. Climate change and other environmental and social pressures are expected to increase the intensity and frequency of certain events, as well as contribute to chronic changes (such as changes to meteorological or hydrological patterns) that may adversely impact our operations. Although management has established disaster recovery policies and procedures, there is no guarantee these will be successful, and the occurrence of any such event could have a material adverse effect on our business, which, in turn, could have a material adverse effect on our financial condition and results of operations.
Strategic and External Risks
Significant changes to the size, structure, powers and operations of the federal government may cause economic disruptions that could, in turn, adversely impact our business, results of operations and financial condition.
The current Administration continues to implement significant changes to the size and scope of the federal government and reform its operations to achieve stated goals that include reducing the federal budget deficit and national debt, improving the efficiency of government operations, and promoting innovation and economic growth. To date, these efforts have been carried out through a mix of executive actions aimed at eliminating or modifying federal agency and federal program funding, reducing the size of the federal workforce, reducing or altering the scope of activities conducted by, and possibly eliminating, various federal agencies and bureaus, and encouraging the use of AI and other advanced technologies within the public and private sectors. These changes, if implemented and taken as a whole, may have varied effects on the economy that are difficult to predict. For instance, the delivery of government services and the distribution of federal program funds and benefits may be disrupted or, in some cases, eliminated as a result of fraud , funding cuts or recasting of federal agency mandates.
Further, a substantial reduction of the federal workforce could adversely affect regional and local economies, both directly and indirectly, in geographies with significant concentrations of federal employees and contractors. It is possible that such comprehensive changes to the federal government may be materially adverse to the regional and local economies where we conduct business and to our customers, which, in turn, could be materially adverse to our business, financial condition and results of operations.
Our financial condition and results of operations could be negatively affected if we fail to grow or fail to manage our growth effectively.
Our business strategy includes significant growth plans. We intend to continue pursuing a profitable growth strategy. Our prospects must be considered in light of the risks, expenses and difficulties frequently encountered by financial institutions in significant growth stages of development. Sustainable growth requires that we manage our risks by balancing loan and deposit growth at acceptable levels of risk, maintaining adequate liquidity and capital, hiring and retaining qualified employees, successfully managing the costs and implementation risks with respect to strategic projects and initiatives, and integrating acquisition targets and managing the costs. We may not be able to expand our market presence in our existing markets or successfully enter new markets, and any such expansion may adversely affect our results of operations. Failure to manage our growth effectively could have a material adverse effect on our business, future prospects, financial condition or results of operations and could adversely affect our ability to successfully implement our business strategy. If we grow more than anticipated, our operating results could be materially affected.
We operate in a highly competitive industry and market area.
We face substantial competition in all areas of our operations from a variety of different competitors, both within and beyond our principal markets, many of which are larger and may have more financial resources. Such competitors primarily include national, regional, and internet banks within the various markets in which we operate. We face competition from many other types of financial institutions, including, without limitation, savings and loans, credit unions, finance companies, brokerage firms, insurance companies, fintech companies, including those related to digital currencies or cryptocurrencies, and other financial intermediaries.
The financial services industry could become even more competitive as a result of legislative and regulatory changes and continued consolidation. In recent years, the OCC has accepted applications from financial technology companies to become special purpose national banks. These and similar developments at the state level are likely to result in even greater competition within all areas of our operations.
As customer preferences and expectations continue to evolve, technology has lowered barriers to entry and made it possible for nonbanks to offer products and services traditionally provided by banks, such as automatic transfer and automatic payment systems. Technology firms are engaging in joint ventures with banks to provide and/or expand financial service offerings with a technological sophistication and breadth of marketing that smaller institutions do not have. Many of our competitors have fewer regulatory constraints and may have lower cost structures.
Due to their size, many competitors may be able to achieve economies of scale and, as a result, may offer a broader range of products and services as well as better pricing for those products and services than we can.
Our ability to compete successfully depends on a number of factors, including, among other things:
• the ability to develop, maintain, and build upon long-term customer relationships based on top quality service, high ethical standards, and safe, sound assets;
• the ability to expand our market position;
• the scope, relevance, and pricing of products and services offered to meet customer needs and demands;
• the rate at which we introduce new products and services relative to our competitors;
• customer satisfaction with our level of service; and
• industry and general economic trends.
Failure to perform in any of these areas could significantly weaken our competitive position, which could adversely affect our growth and profitability, which, in turn, could have a material adverse effect on our financial condition and results of operations.
Fiscal challenges facing the U.S. government could negatively impact financial markets which in turn could have an adverse effect on our financial position or results of operations.
Federal budget deficit concerns and the potential for political conflict over legislation to fund U.S. government operations and raise the U.S. government’s debt limit may increase the possibility of a default by the U.S. government on its debt obligations,
related credit-rating downgrades, or an economic recession in the United States. Many of our investment securities are issued by the U.S. government and government agencies and sponsored entities. As a result of uncertain domestic political conditions, including potential future federal government shutdowns, the possibility of the federal government defaulting on its obligations for a period of time due to debt ceiling limitations or other unresolved political issues, investments in financial instruments issued or guaranteed by the federal government pose liquidity risks. In connection with prior political disputes over U.S. fiscal and budgetary issues leading to the U.S. government shutdown in 2011, S&P lowered its long-term sovereign credit rating on the U.S. from AAA to AA+. In part due to repeated debt-limit political standoffs and last-minute resolutions, in 2023 Fitch downgraded the U.S. long-term foreign-currency issuer default rating to AA+ from AAA and in 2025 Moody's the U.S. long-term issuer and senior unsecured ratings to Aa1 from Aaa . A further , or a by other rating agencies, as well as sovereign debt issues facing the governments of other countries, could have a material impact on financial markets and economic conditions in the U.S. and worldwide.
Consumers may decide not to use banks to complete their financial transactions.
Technology and other changes are allowing parties to complete financial transactions through alternative methods that historically have involved banks. For example, consumers can now maintain funds that would have historically been held as bank deposits in brokerage accounts, mutual funds or general-purpose reloadable prepaid cards. Consumers can complete transactions, such as paying bills and/or transferring funds directly without the assistance of banks. Transactions utilizing digital assets, including cryptocurrencies, stablecoins and other similar assets, have increased substantially over the course of the last several years. For example, the enactment of the Guiding and Establishing National Innovation for U.S. Stablecoins Act of 2025 (GENIUS Act) provides a legal framework for stablecoins to be issued in the United States, which may allow new and existing competitors to compete for funds that may have otherwise been deposited with banks, such as the Bank.
Certain characteristics of digital asset transactions, such as the speed with which such transactions can be conducted, the ability to transact without the involvement of regulated intermediaries, the ability to engage in transactions across multiple jurisdictions, and the anonymous nature of the transactions, are appealing to certain consumers notwithstanding the various risks posed by such transactions as illustrated by the current and ongoing market volatility. Accordingly, digital asset service providers, which at present are not subject to supervision and regulation comparable to that which is faced by banking organizations and other financial institutions, have become active competitors for our customers’ banking business. The current Administration, through executive actions and public announcements, has established a more relaxed regulatory framework for cryptocurrencies, digital assets and financial technology firms, and created a more favorable environment for those asset classes and firms.
The process of eliminating banks as intermediaries, known as disintermediation, could result in the loss of fee income, as well as the loss of customer deposits and the related income generated from those deposits. On October 22, 2024, the CFPB adopted a final rule regarding personal financial data rights that is designed to promote “open banking.” The final rule requires, among other things, that data providers, including any financial institution, make available to consumers and certain authorized third parties upon request certain covered transaction, account and payment information. However, in August 2025, the CFPB issued an advanced notice of proposed rulemaking to reconsider its final rule and, in October 2025, a district court issued a preliminary injunction preventing the CFPB from enforcing the final rule until the CFPB has completed its reconsideration of the rule. A final rule, if implemented, could lead to greater competition for products and services among banks and nonbanks alike. The loss of these revenue streams and the lower cost of deposits as a source of funds could have a material adverse effect on our financial condition and results of operations.
Our profitability depends significantly on economic conditions in the states within which we do business.
Our success depends on the general economic conditions of the local markets in which we operate, particularly Wisconsin, Illinois, and Minnesota. Local economic conditions have a significant impact on the demand for our products and services, as well as the ability of our customers to repay loans, on the value of the collateral securing loans, and the stability of our deposit funding sources. A significant decline in general local economic conditions caused by inflation, recession, unemployment, changes in securities markets, changes in housing market prices, or other factors could have a material adverse effect on our financial condition and results of operations.
The earnings of financial services companies are significantly affected by general business and economic conditions.
Our operations and profitability are impacted by general business and economic conditions in the United States and abroad. These conditions include short-term and long-term interest rates, inflation, money supply, political issues, ramifications of conflicts including the Russia-Ukraine conflict, Israeli-Palestinian conflict and other conflicts and government turmoil in the
Middle East, Europe and Latin America, legislative and regulatory changes, fluctuations in both debt and equity capital markets, broad trends in industry and finance, the strength of the United States economy, and uncertainty in financial markets globally, all of which are beyond our control. A deterioration in economic conditions, including those arising from government shutdowns, defaults, anticipated defaults or rating agency downgrades of sovereign debt (including debt of the U.S.), or increases in unemployment, could result in an increase in loan delinquencies and NPAs, decreases in loan collateral values, and a decrease in demand for our products and services, among other things, any of which could have a material adverse impact on our financial condition and results of operations.
New lines of business or new products and services may subject us to additional risk.
From time to time, we may implement new lines of business or offer new products and services within existing lines of business. There are substantial risks and uncertainties associated with these efforts, particularly in instances where the markets are not fully developed. In developing and marketing new lines of business and/or new products and services, we may invest significant time and resources. Initial timetables for the introduction and development of new lines of business and/or new products or services may not be achieved, and price and profitability targets may not prove feasible. External factors, such as competitive alternatives and shifting market preferences, may impact the successful implementation of a new line of business and/or a new product or service. Furthermore, strategic planning remains important as we adopt innovative products, services, and processes in response to the evolving demands for financial services and the entrance of new competitors, such as out-of-market banks and financial technology firms. Any new line of business and/or new product or service could have a significant impact on the effectiveness of our system of internal controls, so we must responsibly innovate in a manner that is consistent with sound risk management and is aligned with the Bank's overall business strategies. to manage these risks in the development and implementation of new lines of business and/or new products or services could have a material effect on our business, results of operations and financial condition.
Failure to keep pace with technological change could adversely affect our business.
The financial services industry is continually undergoing rapid technological change with frequent introductions of new technology-driven products and services, including, for example, the growing use of AI, machine learning and automated decision making, as well as blockchain technology to provide alternative high speed payment systems. The effective use of technology increases efficiency and enables financial institutions to better serve customers and to reduce costs. Our future success depends, in part, upon our ability to address the needs of our customers by using technology to provide products and services that will satisfy customer demands, as well as to create additional efficiencies in our operations. Many of our competitors have substantially greater resources to invest in technological improvements. We may not be able to effectively implement new technology-driven products and services or be successful in marketing these products and services to our customers. to keep pace with technological change affecting the financial services industry could have a material impact on our business and, in turn, our financial condition and results of operations.
We may be adversely affected by risks associated with potential and completed acquisitions.
As part of our growth strategy, from time to time we evaluate merger and acquisition opportunities and conduct due diligence activities related to possible transactions with other financial institutions and financial services companies, including our proposed acquisition of American National Corporation. As a result, negotiations may take place and future mergers or acquisitions involving cash, debt, or equity securities may occur at any time. We seek merger or acquisition partners that are culturally similar, have experienced management, and possess either significant market presence or have potential for improved profitability through financial management, economies of scale, or expanded services.
Acquiring other banks, businesses, or branches involves potential adverse impact to our financial results and various other risks commonly associated with acquisitions, including, among other things:
• incurring time and expense associated with identifying and evaluating potential acquisitions and negotiating potential transactions, and with integrating acquired businesses, resulting in the diversion of resources from the operation of our existing businesses;
• difficulty in estimating the value of target companies or assets and in evaluating credit, operations, management, and market risks associated with those companies or assets;
• payment of a premium over book and market values that may dilute our tangible book value and earnings per share in the short and long term;
• potential exposure to unknown or contingent liabilities of the target company, including, without limitation, liabilities for litigation, regulatory and compliance issues;
• exposure to potential asset quality issues of the target company;
• there may be volatility in reported income as goodwill impairment losses could occur irregularly and in varying amounts;
• difficulties, inefficiencies or cost overruns associated with the integration of the operations, personnel, technologies, services, and products of acquired companies with ours;
• inability to realize the expected revenue increases, cost savings, increases in geographic or product presence, and/or other projected benefits;
• potential disruption to our business;
• the possible loss of key employees and customers of the target company; and
• potential changes in banking or tax laws or regulations that may affect the target company.
Acquisitions involve operational risks and uncertainties, and acquired companies may have unknown or contingent liabilities, exposure to unexpected asset quality problems that require write-downs or write-offs (as well as restructuring and impairment or other charges), difficulty retaining key employees and customers and other issues that could negatively affect our business. We may not be able to realize any projected cost savings, synergies or other benefits associated with any such acquisition we complete. Acquisitions typically involve the payment of a premium over book and market values and, therefore, some dilution of our tangible book value and net income per common share may occur in connection with any future transaction. Failure to successfully integrate the entities we acquire into our existing operations could increase our operating costs significantly and have a material adverse effect on our business, financial condition, and results of operations.
We face significant competition from other financial services institutions, some of which may have greater financial resources than we do, when considering acquisition opportunities. Accordingly, attractive opportunities may not be available to us and there can be no assurance that we will be successful in identifying or completing future acquisitions.
Acquisitions may be delayed, impeded, or prohibited due to regulatory issues.
Acquisitions by the Corporation, particularly those of financial institutions such as our proposed acquisition of American National, are subject to approval by a variety of federal and state regulatory agencies. Regulatory approvals could be delayed, impeded, restrictively conditioned or denied due to existing or new regulatory issues the Corporation has, or may have, with regulatory agencies, including, without limitation, issues related to BSA compliance, CRA issues, fair lending laws, fair housing laws, consumer protection laws, unfair, deceptive, or abusive acts or practices regulations, and other similar laws and regulations. We may fail to pursue, evaluate or complete strategic and competitively significant acquisition opportunities as a result of our inability, or perceived or anticipated inability, to obtain regulatory approvals in a timely manner, under reasonable conditions or at all. The regulatory approvals may contain conditions on the completion of the merger that affect our business following the , or which are not anticipated or cannot be met. associated with potential acquisitions that may result from these factors could have a material impact on our business, and, in turn, our financial condition and results of operations.
The standards by which bank and financial institution acquisitions will be evaluated may be subject to change. In 2024, the FDIC, the OCC and the DOJ announced changes to their bank merger review processes but, in May 2025, both the OCC and FDIC rescinded their 2024 policy statements, reinstating the guidance that was in effect prior to 2024. The DOJ withdrew from the 1995 Bank Merger Guidelines and announced that it would consider bank mergers under its 2023 Merger Guidelines, which includes a brief bank merger addendum.
Any enhanced regulatory scrutiny of bank mergers and acquisitions and revision of the framework for merger application review may adversely affect the marketplace for such transactions, could result in our acquisitions in future periods being delayed, impeded or restricted in certain respects and result in new rules that possibly limit the size of financial institutions we may be able to acquire in the future and alter the terms for such transactions.
We may not be able to successfully integrate American National or to realize the anticipated benefits of the acquisition.
Upon consummation of the acquisition of American National, we will begin the process of integrating its business with ours. A successful integration will depend substantially on the Corporation's ability to consolidate operations, corporate cultures,
systems and procedures and to eliminate redundancies and costs. We may not be able to combine our business with the business of American National without encountering difficulties that could adversely affect our ability to maintain relationships with existing clients, customers, depositors and employees, such as:
• the loss of key employees;
• the disruption of operations and business;
• inability to maintain and increase competitive presence;
• loan and deposit attrition, customer loss and revenue loss;
• possible inconsistencies in standards, control procedures and policies;
• additional costs or unexpected problems with operations, personnel, technology and credit;
• inconsistencies in standards, controls, procedures and policies; and/or
• problems with the assimilation of new operations, system, sites or personnel, which could divert resources from regular banking operations.
Any disruption to the businesses could cause customers to remove their accounts and move their business to a competing financial institution. Integration efforts between the two companies may also divert management attention and resources. Additionally, general market and economic conditions or governmental actions affecting the financial industry generally may inhibit our successful integration of American National.
Further, we entered into the merger agreement to acquire American National with the expectation that the acquisition will result in various benefits including, among other things, benefits relating to enhanced revenues, a strengthened market position for the combined company, cross selling opportunities, technological efficiencies, cost savings and operating efficiencies. Achieving the anticipated benefits of the transactions contemplated by the merger agreement is subject to a number of uncertainties, including whether we integrate American National in an efficient, effective and timely manner, and general competitive factors in the marketplace. Failure to achieve these anticipated benefits on the anticipated timeframe, or at all, could result in a reduction in the price of our common stock as well as in increased costs, decreases in the amount of expected revenues and diversion of management's time and energy and could materially and affect our business, financial condition and operating results. Additionally, upon consummation of the transactions contemplated by the merger agreement, we will make fair value estimates of certain assets and liabilities in recording the acquisition. Actual values of these assets and liabilities could differ from our estimates, which could result in our not the anticipated benefits of the transaction. Finally, any cost savings that are realized may be offset by in revenues or other charges to earnings.
Legal, Regulatory, Compliance and Reputational Risks
We are subject to extensive government regulation and supervision.
We are subject to extensive federal and applicable state regulation and supervision, primarily through the Bank and certain nonbank subsidiaries. Banking regulations are primarily intended to protect depositors’ funds, federal deposit insurance funds, and the banking system as a whole, not shareholders. These regulations affect our lending practices, capital structure, investment practices, dividend policy, and growth, among other things. Congress and federal regulatory agencies continually review banking laws, regulations, and policies for possible changes, and changes are expected to continue under the current Administration. Changes to statutes, regulations, or regulatory policies, including changes in interpretation or implementation of statutes, regulations, or policies, could affect us in substantial and unpredictable ways. Such changes could subject us to additional costs, limit the types of financial services and products we may offer, and/or increase the ability of nonbanks to offer competing financial services and products, among other things. Failure to comply with laws, regulations, or policies could result in sanctions by regulatory agencies, civil money penalties, and/or reputation damage, which could have a material adverse effect on our business, financial condition, and results of operations. While we have policies and procedures designed to prevent these types of , there can be no assurance that such will not occur.
The Bank faces risks related to the adoption of future legislation and potential changes in federal regulatory agency leadership, policies, and priorities.
As a result of the 2024 Presidential and Congressional elections, Republicans are currently able to set the policy agenda both legislatively and in the regulatory agencies that have rulemaking and supervisory authority over the financial services industry
generally and the Bank. The Republican Party holds slim majorities in each of the Senate and the House of Representatives. Accordingly, the prospects for the enactment of major banking reform legislation under the current Congress are unclear at this time and could change as a result of the Congressional mid-term elections in 2026.
The turnover of the current Administration has resulted in changes in the leadership and senior staffs of the regulatory agencies and the Treasury Department. These changes have impacted the rulemaking, supervision, examination and enforcement priorities and policies of the agencies, including the reversal of a number of final and proposed rules and policy statements promulgated under the prior Administration. The potential impact of any changes in agency personnel, policies and priorities on the financial services sector, including the Bank, remain uncertain. It is possible the expected changes in regulation do not occur or are reversed by a subsequent Administration.
Non-compliance with the USA PATRIOT Act, BSA or other laws and regulations could result in fines or sanctions.
The USA PATRIOT Act and the BSA require financial institutions to develop risk-based compliance programs designed to prevent financial institutions from being used for money laundering, the funding of terrorist activities or other illicit finance activities. If such activities are detected, financial institutions are obligated to file suspicious activity reports with FinCEN. The BSA and its implementing regulations require covered financial institutions to establish procedures for identifying and verifying the identity of customers seeking to open new accounts. Failure to comply with the BSA and its implementing regulations could result in fines or sanctions. An increasing number of banking institutions have received large fines for non-compliance with the BSA and its implementing regulations. Although we have developed policies and procedures designed to assist in compliance with these laws and regulations, no assurance can be given that these policies and procedures will be effective in preventing violations of these laws and regulations.
The failures of several larger banks in 2023 triggered volatility in the banking sector and resulted in agency rulemaking activities and changes in agency policies and priorities that have subjected midsize and larger financial institutions, including the Corporation and the Bank, to enhanced government regulation and supervision.
After the significant bank failures that occurred in 2023, the federal banking agencies enhanced their scrutiny of the banks' risk management practices, including liquidity risk management. The agencies concluded that a significant contributing factor to the failures of such institutions was the concentration of uninsured deposits, coupled with inadequate prudential regulation and supervision of regional banking organizations, poor management and inadequate risk management practices.
Continued regulatory concern over possible future bank failures may lead to further governmental initiatives intended to prevent future bank failures and stem significant deposit outflows from the banking sector, including (i) legislation aimed at preventing similar future bank runs and failures and stabilizing confidence in the banking sector over the long term, (ii) agency rulemaking to modify and enhance relevant regulatory requirements, specifically with respect to liquidity risk management, deposit concentrations, capital adequacy, stress testing and contingency planning, and safe and sound banking practices, and (iii) enhancement of the agencies’ supervision and examination policies and priorities. The prospects and timing of these regulatory changes under the current Administration and Congress are unclear. See Capital Requirements section under Part I, Item 1, Business — Supervision and Regulation for additional discussion of this topic.
Changes in requirements relating to the standard of conduct for broker-dealers under applicable federal and state law may adversely affect our business.
The SEC’s Regulation Best Interest establishes a new standard of conduct for a broker-dealer to act in the best interest of a retail customer when making a recommendation of any securities transaction or investment strategy involving securities to such customer. The regulation required us to review and modify our compliance activities, including our policies, procedures, and controls, which caused us to incur additional costs. State laws that impose a fiduciary duty may require monitoring, as well as require that we undertake additional compliance measures. The Bank's insurance agency subsidiary is subject to regulation and supervision in the various states in which it operates. The administration by the SEC of Regulation Best Interest, as well as any new state laws that impose a fiduciary duty, may negatively impact our results of operations, as well as increase costs associated with legal, compliance, operations, and information technology.
The CFPB has reshaped the consumer financial laws through rulemaking and enforcement of the prohibitions against unfair, deceptive and abusive business practices. Compliance with such initiatives may impact the business operations of depository institutions offering consumer financial products or services, including the Bank.
The CFPB has broad rulemaking authority to administer and carry out federal consumer financial protection laws. In previous years, the CFPB has initiated enforcement actions against a variety of bank and non-bank market participants with respect to a
number of consumer financial products and services that have resulted in those participants expending significant time, money and resources to adjust to the initiatives being pursued by the CFPB.
Past CFPB enforcement actions may serve as precedent for how the CFPB interprets and enforces consumer protection laws, including practices or acts that are deemed to be unfair, deceptive or abusive, with respect to all supervised institutions, which may result in the imposition of higher standards of compliance with such laws. With the change in Administration, there have been, and likely will continue to be, changes in the funding, leadership and staff of the CFPB. This turnover has led to changes in agency policies, tactics and interpretations. The current Administration and Congress have sought, and may continue to seek, to limit the scope and reach of the CFPB’s authority. The extent and timing of any such changes and any resulting impact on our business and financial results cannot be predicted at this time. It is also unclear whether these changes will be reversed, either by the courts or by a later Administration.
The Bank is periodically examined for mortgage-related issues, including mortgage loan and default services, fair lending, and mortgage banking.
Federal and state banking agencies closely examine the mortgage and mortgage servicing activities of depository financial institutions. Should any of these regulators have serious concerns with respect to our mortgage or mortgage servicing activities in this regard, the regulators’ response to such concerns could result in material adverse effects on our growth strategy and profitability.
We may experience unanticipated losses as a result of residential mortgage loan repurchase or reimbursement obligations under agreements with secondary market purchasers.
We may be required to repurchase residential mortgage loans, or to reimburse the purchaser for losses with respect to residential mortgage loans, which have been sold to secondary market purchasers in the event there are breaches of certain representations and warranties contained within the sales agreements, such as representations and warranties related to credit information, loan documentation, collateral and insurability. Consequently, we are exposed to credit risk, and potentially funding risk, associated with sold loans. As a result, we have established reserves in our consolidated financial statements for potential losses related to the residential mortgage loans we have sold. The adequacy of the reserves and the ultimate amount of losses incurred will depend on, among other things, the actual future mortgage loan performance, the actual level of future repurchase and reimbursement requests, the actual success rate of claimants, actual recoveries on the collateral and macroeconomic conditions. Due to uncertainties relating to these factors, there can be no assurance that the reserves we establish will be adequate or that the total amount of losses incurred will not have a material adverse effect on our financial condition or results of operations.
Fee revenues from overdraft protection programs constitute a significant portion of our noninterest income and may become subject to increased supervisory scrutiny.
Revenues derived from transaction fees associated with overdraft protection programs offered to our customers represent a significant portion of our noninterest income. In 2025, the Corporation collected approximately $16.1 million in overdraft transaction fees. Members of Congress and previous leadership of the CFPB and OCC have expressed a heightened interest in bank overdraft protection programs.
In 2023 and 2024, the CFPB brought enforcement actions against a number of financial institutions for overdraft practices that the CFPB alleged to be unlawful and ordered each of these institutions to pay a substantial civil money penalty in addition to customer restitution. The CFPB found that these institutions engaged in unlawful overdraft practices by, among other things, systematically and repeatedly charging fees to customers with insufficient funds in their accounts, imposing overdraft fees without adequate disclosures, charging overdraft fees without proper consent, and misleading customers about the terms and costs of overdraft coverage. The CFPB under the prior Administration published guidance and engaged in rulemaking that imposed limitations on overdraft fees and NSF fees, which were rescinded or repealed in 2025.
In response to this congressional and regulatory scrutiny, and in response to supervision and enforcement of overdraft protection practices, certain banking organizations have modified their overdraft protection programs, including by discontinuing the imposition of overdraft transaction fees. In 2022, the Corporation eliminated NSF fees, overdraft protection transfer fees, and continuous overdraft fees and reduced the daily limit of overdraft fee occurrences from four to two. We may further modify our overdraft program and practices in response to competitive pressures, supervisory guidance and observable trends from public enforcement actions.
We are subject to examinations and challenges by tax authorities.
We are subject to federal and applicable state income tax regulations. Income tax regulations are often complex and require interpretation. Changes in income tax regulations could negatively impact our results of operations. In the normal course of business, we are routinely subject to examinations and challenges from federal and applicable state tax authorities regarding the amount of taxes due in connection with investments we have made and the businesses in which we have engaged. Recently, federal and state taxing authorities have become increasingly aggressive in challenging tax positions taken by financial institutions. These tax positions may relate to tax compliance, sales and use, franchise, gross receipts, payroll, property and income tax issues, including tax base, apportionment and tax credit planning. The challenges made by tax authorities may result in adjustments to the timing or amount of taxable income or deductions or the allocation of income among tax jurisdictions. If any such challenges are made and are not resolved in our favor, they could have a material adverse effect on our financial condition and results of operations.
We are subject to claims and litigation pertaining to fiduciary responsibility.
From time to time, customers make claims and take legal action pertaining to the performance of our fiduciary responsibilities. Whether customer claims and legal action related to the performance of our fiduciary responsibilities are founded or unfounded, if such claims and legal actions are not resolved in a manner favorable to us, they may result in significant financial liability and/or adversely affect the market perception of us and our products and services, as well as impact customer demand for those products and services. Any financial liability or reputation damage could have a material adverse effect on our business, which, in turn, could have a material adverse effect on our financial condition and results of operations.
We may be a defendant in a variety of litigation and other actions, which may have a material adverse effect on our financial condition and results of operations.
We may be involved from time to time in a variety of litigation arising out of our business. Our insurance may not cover all claims that may be asserted against us, and any claims asserted against us, regardless of merit or eventual outcome, may harm our reputation. Should the ultimate judgments or settlements in any litigation exceed our insurance coverage, they could have a material adverse effect on our financial condition and results of operations for any period. We may not be able to obtain appropriate types or levels of insurance in the future, nor may we be able to obtain adequate replacement policies with acceptable terms, if at all.
Negative publicity could damage our reputation.
Reputation risk, or the risk to our earnings and capital from negative public opinion, is inherent in our business. Negative public opinion could adversely affect our ability to keep and attract customers and expose us to adverse legal and regulatory consequences. Negative public opinion could result from our actual or alleged conduct in any number of activities, including lending or foreclosure practices, corporate governance, regulatory compliance, mergers and acquisitions, and disclosure, sharing or inadequate protection of customer information, and from actions taken by government regulators and community organizations in response to that conduct. Because we conduct most of our business under the "Associated Bank" brand, negative public opinion about one business could affect our other businesses.
The speed with which information spreads through news, social media and other sources, including on the internet, means that negative information about the Corporation can rapidly have a broadly adverse impact on its reputation. This is true whether or not the information is accurate. Once information has gone viral, it can be difficult to counter it effectively, either by correcting inaccuracies or communicating remedial steps taken for actual issues. The potential impact of negative information going viral and the ease with which customers transact means that material reputational harm can result from a single discrete or isolated incident.
Ethics or conflict of interest issues could damage our reputation.
We have established a Code of Business Conduct and Ethics and Related Party Transaction Policies and Procedures to address the ethical conduct of business and to avoid potential conflicts of interest. Any system of controls, however well-designed and operated, is based, in part, on certain assumptions and can provide only reasonable, not absolute, assurances that the objectives of the system are met. Any failure or circumvention of our related controls and procedures or failure to comply with the established Code of Business Conduct and Ethics and Related Party Transaction Policies and Procedures could have a material adverse effect on our reputation, business, results of operations, and/or financial condition.
Risks Related to an Investment in Our Securities
The price of our securities can be volatile.
Price volatility may make it more difficult for you to sell your securities when you want and at prices you find attractive. Our securities prices can fluctuate widely in response to a variety of factors including, among other things:
• actual or anticipated variations in quarterly results of operations or financial condition;
• operating results and stock price performance of other companies that investors deem comparable to us;
• news reports relating to trends, concerns, and other issues in the financial services industry;
• perceptions in the marketplace regarding us and/or our competitors;
• new technology used or services offered by competitors;
• significant acquisitions or business combinations, strategic partnerships, joint ventures, or capital commitments by or involving us or our competitors;
• failure to integrate acquisitions or realize anticipated benefits from acquisitions;
• changes in government regulations;
• changes in international trade policy and any resulting disputes or reprisals;
• geopolitical conditions, such as acts or threats of terrorism or military conflicts; and
• recommendations by securities analysts.
General market fluctuations, industry factors, and general economic and political conditions and events, such as economic slowdowns or recessions, interest rate changes, or credit loss trends, could cause our securities prices to decrease regardless of our operating results.
There may be future sales or other dilution of our equity, which may adversely affect the market price of our securities.
We are not restricted from issuing additional securities, including preferred stock, common stock and securities that are convertible into or exchangeable for, or that represent the right to receive, common stock. The issuance of additional shares of common stock or the issuance of convertible securities would dilute the ownership interest of our existing common shareholders. The market price of our common stock could decline as a result of an equity offering, as well as other sales of a large block of shares of our common stock or similar securities in the market after an equity offering, or the perception that such sales could occur. Both we and our regulators perform a variety of analyses of our assets, including the preparation of stress case scenarios, and as a result of those assessments we could determine, or our regulators could require us, to raise additional capital.
We may reduce or eliminate dividends on our common stock.
Although we have historically paid a quarterly cash dividend to the holders of our common stock, holders of our common stock are not entitled to receive dividends. Downturns in the domestic and global economies could cause our board of directors to consider, among other things, the elimination of dividends paid on our common stock. This could adversely affect the market price of our common stock. Furthermore, as a bank holding company, our ability to pay dividends is subject to the guidelines of the Federal Reserve regarding capital adequacy and dividends. Dividends may be limited as a result of safety and soundness considerations.
Common stock is equity and is subordinate to our existing and future indebtedness and preferred stock and effectively subordinated to all the indebtedness and other non-common equity claims against our subsidiaries.
Shares of the common stock are equity interests in us and do not constitute indebtedness. As such, shares of the common stock will rank junior to all of our indebtedness and to other non-equity claims against us and our assets available to satisfy claims against us, including our liquidation. Holders of our common stock are subject to prior dividend and liquidation rights of holders of our outstanding preferred stock. Our board of directors is authorized to issue additional classes or series of preferred
stock without any action on the part of the holders of our common stock, and we are permitted to incur additional debt. Upon liquidation, lenders and holders of our debt securities and preferred stock would receive distributions of our available assets prior to holders of our common stock. Furthermore, our right to participate in a distribution of assets upon any of our subsidiaries’ liquidation or reorganization is subject to the prior claims of that subsidiary’s creditors, including holders of any preferred stock of that subsidiary.
Our articles of incorporation, bylaws, and certain banking laws may have an anti-takeover effect.
Provisions of our articles of incorporation and bylaws, and federal banking laws, including regulatory approval requirements, could make it more difficult for a third party to acquire us, even if doing so would be perceived to be beneficial to our shareholders. The combination of these provisions may prohibit a non-negotiated merger or other business combination, which, in turn, could adversely affect the market price of our common stock.
An investment in our common stock is not an insured deposit.
Our common stock is not a bank deposit and, therefore, is not insured against loss by the FDIC, any other DIF, or by any other public or private entity. An investment in our common stock is inherently risky for the reasons described in this "Risk Factors" section and elsewhere in this report and is subject to the same market forces that affect the price of common stock in any company. As a result, if you acquire our common stock, you may lose some or all of your investment.
General Risk Factors
Changes in our accounting policies or in accounting standards could materially affect how we report our financial results.
Our accounting policies are fundamental to understanding our financial results and condition. Some of these policies require the use of estimates and assumptions that may affect the value of our assets or liabilities and financial results. Some of our accounting policies are critical because they require management to make difficult, subjective and complex judgments about matters that are inherently uncertain and because it is likely that materially different amounts would be reported under different conditions or using different assumptions. If such estimates or assumptions underlying our financial statements are incorrect, we may experience material losses.
From time to time, the FASB and the SEC change the financial accounting and reporting standards or the interpretation of those standards that govern the preparation of our external financial statements. These changes are beyond our control, can be hard to predict and could materially impact how we report our results of operations and financial condition. We could be required to apply a new or revised standard retroactively, resulting in our restating prior period financial statements in material amounts.
Our internal controls may be ineffective.
Management regularly reviews and updates our internal controls, disclosure controls and procedures, and corporate governance policies and procedures. Any system of controls, however well-designed and operated, is based in part on certain assumptions and can provide only reasonable, not absolute, assurances that the objectives of the controls are met. Any failure or circumvention of our controls and procedures or failure to comply with regulations related to controls and procedures could have a material adverse effect on our business, results of operations, and financial condition.
We may not be able to attract and retain skilled people.
Our success depends, in large part, on our ability to attract and retain skilled people. Competition for the best people in most activities engaged in by us can be intense, and we may not be able to hire sufficiently skilled people or to retain them. The unexpected loss of services of one or more of our key personnel could have a material adverse impact on our business because of their skills, knowledge of our markets, years of industry experience, and the difficulty of promptly finding qualified replacement personnel.
Loss of key colleagues may disrupt relationships with certain customers.
Our business is primarily relationship-driven in that many of our key colleagues have extensive customer relationships. Loss of a key colleague with such customer relationships may lead to the loss of business if the customers were to follow that colleague to a competitor or otherwise choose to transition to another financial services provider. While we believe our relationship with
our key personnel is good, we cannot guarantee that all of our key personnel will remain with our organization. Loss of such key personnel could result in the loss of some of our customers.
