8

competitive influences or because certain required practices for larger institutions may subsequently become expected

“best practices” for smaller institutions. We expect to see continued increases in the attention and resources devoted

by the Company to ensure compliance with the statutory and regulatory requirements engendered by Dodd-Frank.

Deposit Insurance

The Bank’s deposits are insured up to maximum applicable limits under the Federal Deposit Insurance Act, and the

Bank is subject to deposit insurance assessments to maintain the FDIC’s Deposit Insurance Fund (the “DIF”). In

October 2010, the FDIC adopted a revised restoration plan to ensure that the DIF’s designated reserve ratio (“DRR”)

reaches 1.35% of insured deposits by September 30, 2020, the deadline mandated by the Dodd-Frank Act. However,

financial institutions like Bank of the Sierra with assets of less than $10 billion are exempted from the cost of this

increase. Furthermore, the restoration plan proposed an increase in the DRR to 2% of estimated insured deposits as a

long-term goal for the fund. The FDIC also proposed future assessment rate reductions in lieu of dividends, when the

DRR reaches 1.5% or greater.

As noted above, the Dodd-Frank Act provided for a permanent increase in FDIC deposit insurance per depositor from

$100,000 to $250,000 retroactive to January 1, 2008. Furthermore, the FDIC redefined its deposit insurance premium

assessment base from an institution’s total domestic deposits to its total assets less tangible equity, effective in the

second quarter of 2011. The changes to the assessment base necessitated changes to assessment rates, which became

effective April 1, 2011. The revised assessment rates are lower than prior rates but the assessment base is larger, so

approximately the same amount of assessment revenue is being collected by the FDIC. We are generally unable to

control the amount of premiums that we are required to pay for FDIC insurance. If there are additional bank or financial

institution failures or if the FDIC otherwise determines, we may be required to pay even higher FDIC premiums, which

may have a material adverse effect on our earnings and could have a material adverse effect on the value of, or market

for, our common stock.

In addition to DIF assessments, banks must pay quarterly assessments that are applied to the retirement of Financing

Corporation bonds issued in the 1980’s to assist in the recovery of the savings and loan industry. The assessment

amount fluctuates, but was 0.60 basis points of insured deposits for the fourth quarter of 2015. Those assessments will

continue until the Financing Corporation bonds mature in 2019.

Community Reinvestment Act

The Bank is subject to certain requirements and reporting obligations involving Community Reinvestment Act (“CRA”)

activities. The CRA generally requires federal banking agencies to evaluate the record of a financial institution in

meeting the credit needs of its local communities, including low and moderate income neighborhoods. The CRA further

requires the agencies to consider a financial institution’s efforts in meeting its community credit needs when evaluating

applications for, among other things, domestic branches, mergers or acquisitions, or the formation of holding

companies. In measuring a bank’s compliance with its CRA obligations, the regulators utilize a performance-based

evaluation system under which CRA ratings are determined by the bank’s actual lending, service, and investment

performance, rather than on the extent to which the institution conducts needs assessments, documents community

outreach activities or complies with other procedural requirements. In connection with its assessment of CRA

performance, the FDIC assigns a rating of “outstanding,” “satisfactory,” “needs to improve” or “substantial

noncompliance.” The Bank most recently received a “satisfactory” CRA assessment rating in August 2013.

Privacy and Data Security

The Gramm-Leach-Bliley Act, also known as the Financial Modernization Act of 1999 (the “Financial Modernization

Act”), imposed requirements on financial institutions with respect to consumer privacy. Financial institutions, however,

are required to comply with state law if it is more protective of consumer privacy than the Financial Modernization Act.

The Financial Modernization Act generally prohibits disclosure of consumer information to non-affiliated third parties

unless the consumer has been given the opportunity to object and has not objected to such disclosure. The statute also

directed federal regulators, including the Federal Reserve and the FDIC, to establish standards for the security of con-

sumer information, and requires financial institutions to disclose their privacy policies to consumers annually.