9

Overdrafts

The Electronic Funds Transfer Act, as implemented by the Federal Reserve’s Regulation E, governs transfers initiated

through automated teller machines (“ATMs”), point-of-sale terminals, and other electronic banking services. Regula-

tion E prohibits financial institutions from assessing an overdraft fee for paying ATM and one-time point-of-sale debit

card transactions, unless the customer affirmatively opts in to the overdraft service for those types of transactions. The

opt-in provision establishes requirements for clear disclosure of fees and terms of overdraft services for ATM and one-

time debit card transactions. The rule does not apply to other types of transactions, such as check, automated clearing-

house (“ACH”) and recurring debit card transactions. Additionally, in November 2010 the FDIC issued its Overdraft

Guidance on automated overdraft service programs, to ensure that a bank mitigates the risks associated with offering

automated overdraft payment programs and complies with all consumer protection laws and regulations. The proce-

dural changes and fee adjustments necessitated by those regulatory changes resulted in lower overdraft income for the

Company, and could further adversely impact non-interest income in the future.

Consumer Financial Protection and Financial Privacy

Dodd-Frank created the Consumer Finance Protection Bureau (the “CFPB”) as an independent entity with broad

rulemaking, supervisory and enforcement authority over consumer financial products and services including deposit

products, residential mortgages, home-equity loans and credit cards. The CFPB’s functions include investigating con-

sumer complaints, conducting market research, rulemaking, supervising and examining bank consumer transactions,

and enforcing rules related to consumer financial products and services. CFPB regulations and guidance apply to all

financial institutions, including the Bank, although only banks with $10 billion or more in assets are subject to exami-

nation by the CFPB. Banks with less than $10 billion in assets, including the Bank, will continue to be examined for

compliance by their primary federal banking agency.

In January 2013, the CFPB issued final regulations governing primarily consumer mortgage lending. One rule which

became effective in January 2014 imposes additional requirements on lenders, including rules designed to require lend-

ers to ensure borrowers’ ability to repay their mortgages. The CFPB also finalized a rule on escrow accounts for higher

priced mortgage loans and a rule expanding the scope of the high-cost mortgage provision in the Truth in Lending Act.

The CFPB also issued final rules implementing provisions of the Dodd-Frank Act that relate to mortgage servicing. In

November 2013 the CFPB issued a final rule on integrated and simplified mortgage disclosures under the Truth in

Lending Act and the Real Estate Settlement Procedures Act, which became effective in October 2015.

The CFPB has broad rulemaking authority for a wide range of consumer financial laws that apply to all banks, including,

among other things, the authority to prohibit “unfair, deceptive or abusive” acts and practices. Abusive acts or practices

are defined as those that materially interfere with a consumer’s ability to understand a term or condition of a consumer

financial product or service or take unreasonable advantage of a consumer’s: (i) lack of financial savvy, (ii) inability

to protect himself in the selection or use of consumer financial products or services, or (iii) reasonable reliance on a

covered entity to act in the consumer’s interests.

The Bank continues to be subject to numerous other federal and state consumer protection laws that extensively govern

its relationship with its customers. These laws include the Equal Credit Opportunity Act, the Fair Credit Reporting

Act, the Truth in Lending Act, the Truth in Savings Act, the Electronic Fund Transfer Act, the Expedited Funds Avail-

ability Act, the Home Mortgage Disclosure Act, the Fair Housing Act, the Real Estate Settlement Procedures Act, the

Fair Debt Collection Practices Act, the Right to Financial Privacy Act, the Service Members Civil Relief Act, and

respective state-law counterparts to these laws, as well as state usury laws and laws regarding unfair and deceptive acts

and practices. These and other laws require disclosures including the cost of credit and terms of deposit accounts,

provide substantive consumer rights, prohibit discrimination in credit transactions, regulate the use of credit report

information, provide financial privacy protections, prohibit unfair, deceptive and abusive practices, restrict the

Company’s ability to raise interest rates and subject the Company to substantial regulatory oversight.

In addition, the Bank, like all other financial institutions, is required to maintain the privacy of its customers’ non-

public, personal information. Such privacy requirements direct financial institutions to: (i) provide notice to customers

regarding privacy policies and practices; (ii) inform customers regarding the conditions under which their non-public

personal information may be disclosed to non-affiliated third parties; and (iii) give customers an option to prevent

disclosure of such information to non-affiliated third parties.