{ "ticker": "CFG", "company": "Citizens Financial Group Inc.", "filing_type": "10-K", "year_current": "2024", "year_prior": "2023", "summary": { "added": 5, "removed": 5, "modified": 31, "unchanged": 35, "total_current": 71, "total_prior": 71 }, "source": "SEC EDGAR", "url": "https://riskdiff.com/cfg/2024-vs-2023/", "markdown_url": "https://riskdiff.com/cfg/2024-vs-2023/index.md", "json_url": "https://riskdiff.com/cfg/2024-vs-2023/index.json", "generated": "2026-05-11", "ai_summary": "Citizens Financial Group's 2024 10-K reflects a shift from LIBOR discontinuance concerns to forward-looking regulatory requirements, replacing five discontinued risks with five new ones including long-term debt requirements and sustainability disclosures. The most substantive changes center on evolving regulatory frameworks, with modifications to prudential standards, capital and stress testing requirements, and heightened governance standards representing the company's response to updated regulatory expectations. Notably, the risk around financial estimates was reframed to emphasize subjective determinations and their potential material impact on financial condition, while ESG-related risks were reconceptualized under a sustainability framework.", "risks": [ { "status": "ADDED", "current_title": "Sustainability", "prior_title": null, "current_body": "Our efforts relative to ESG matters are aligned with the needs, interests, and expectations of our stakeholders and are divided into four focus areas: Leading with Robust Corporate Governance, Driving Positive Climate Impact, Building the Workforce of the Future, and Fostering Strong Communities. These areas speak to the strengths of our company, align with our business priorities, and define how we can have an outsized impact on our business, society, and the planet. In 2023, we announced a $50 billion Sustainable Finance Target, including $5 billion in green financing, by 2030. As part of this announcement, we committed to engage corporate clients in high-emitting sectors on climate-related topics, beginning with a target to engage 100% of our Oil & Gas clients by the end of 2024. In addition, we committed to achieving carbon neutrality by 2035. For more details regarding ESG and other corporate responsibility matters, go to our website." }, { "status": "ADDED", "current_title": "Enhanced Prudential Standards and Regulatory Tailoring Rules", "prior_title": null, "current_body": "As a BHC with over $100 billion in total consolidated assets, we are currently subject to enhanced prudential standards and associated capital and liquidity rules (“Tailoring Rules”). The Tailoring Rules assign each BHC, including its bank subsidiaries, to one of four categories based on its size and certain risk-based indicators. CFG and CBNA are each subject to Category IV standards, the least restrictive of the requirements under the Tailoring Rules. As discussed in greater detail in “Capital and Stress Testing Requirements” and “Long-Term Debt Requirements”, the federal banking regulators proposed sweeping changes to the regulatory capital and liquidity rules that would significantly impact the application of those rules to the Company." }, { "status": "ADDED", "current_title": "Capital and Stress Testing Requirements", "prior_title": null, "current_body": "We are required to comply with the U.S. Basel III rules, which establish risk-based and leverage capital requirements. The risk-based requirements are based on a banking organization’s RWA, which is inclusive of the organization’s on- and off-balance sheet exposures. We calculate RWA using the standardized approach and have made the AOCI opt-out election, permitting us to exclude components of AOCI from regulatory capital. The leverage requirements are based on a banking organization’s average consolidated on-balance sheet assets. Under the U.S. Basel III rules, the minimum capital ratios are: •CET1 capital ratio of 4.5%; •Tier 1 capital ratio of 6.0%; •Total capital ratio of 8.0%; and •Tier 1 leverage ratio of 4.0%. For BHCs with $100 billion or more in assets, such as us, the FRB’s capital rules impose an institution-specific SCB on top of each of the three minimum risk-based capital ratios listed above. Banking institutions that fail to meet the effective minimum ratios including the SCB will be subject to constraints on capital distributions, including dividends and share repurchases, and certain discretionary executive compensation. The severity of the constraints depends on the amount of the shortfall and the institution’s “eligible retained income”, defined as the greater of four quarter trailing net income net of distributions and tax effects not reflected in net income, or the average four quarter trailing net income. On January 1, 2020, we adopted the CECL accounting standard. In reaction to the COVID disruption, on September 30, 2020, the federal banking regulators adopted a final rule relative to regulatory capital treatment of the ACL under CECL. This rule allowed electing banking organizations to delay the estimated impact of CECL on regulatory capital for a two-year period ending December 31, 2021, followed by a three-year transition period ending December 31, 2024. The three-year transition period will phase-in the reversal of the aggregate amount of the capital benefit provided during the initial two-year delay. As a Category IV firm under the Tailoring Rules, we are subject to biennial supervisory stress testing and are exempt from company-run stress testing and related disclosure requirements. The FRB supervises Category IV firms on an ongoing basis, including evaluating the capital adequacy and capital planning processes of firms during off-cycle years. We are required to develop, maintain and submit an annual capital plan for review and approval by our Board of Directors, or one of its committees, as well as FR Y-14 reporting requirements. On July 27, 2023, the federal banking regulators issued a proposal to implement the Basel Committee on Banking Supervision’s finalization of the post-crisis bank regulatory capital reforms. The proposal, commonly referred to as Basel III “Endgame,” would significantly revise the capital requirements applicable to large banking organizations with total assets of $100 billion or more, including the Company. Under the proposal, Category III and IV firms, including the Company as a Category IV firm, would become subject to the same capital treatment regarding the inclusion of AOCI, deductions, and rules for minority interest as Category I and II firms. The proposal would also replace the existing models-based approaches for credit and operational risk, which currently apply only to Category I and II firms, with two new approaches applicable to Category I through IV firms. The first would use the existing standardized approach and a proposed revised market risk capital rule. The second would use a new expanded risk-based approach, consisting of new non-models-based approaches for credit risk, operational risk and credit valuation adjustment risk, as well as the proposed revised market risk capital rule. The approach resulting in the lower ratio would establish the binding ratio for purposes of satisfying regulatory capital requirements and buffers, including the SCB. Category III and IV firms would also be required to calculate counterparty credit exposure relating to derivative transactions using the standardized approach for counterparty credit risk. Additionally, Category IV firms would become subject to the supplementary leverage ratio and the countercyclical capital buffer. The Company estimates a pro forma CET1 ratio, adjusted for the AOCI opt-out removal, of 9.0% as of December 31, 2023. In addition, the proposal is estimated to modestly increase our RWA on a fully phased-in basis. Under the proposal, the rule would take effect on July 1, 2025, with a three-year phase-in of the capital impact through June 30, 2028. Comments on the proposal were due by January 16, 2024. We continue to evaluate the full impact of the proposal. For more details regarding our regulatory capital and SCB, see the “Capital and Regulatory Matters” section of Item 7. We are also subject to the FRB's risk-based capital requirements for market risk. See the “Market Risk” section of Item 7 for additional details." }, { "status": "ADDED", "current_title": "Long-Term Debt Requirements", "prior_title": null, "current_body": "On August 29, 2023, the federal banking regulators issued a proposal that would require large bank holding companies and IDIs with total assets of $100 billion or more, such as CFG and CBNA, to maintain a minimum amount of long-term debt. The joint agency proposal aims to increase the resolvability and resiliency of large banking organizations by mandating a long-term debt requirement to provide the regulatory agencies additional resources to resolve failed banking organizations, foster depositor confidence, and decrease costs to the DIF in the event of a large banking organization failure. Under the proposal, large bank holding companies and IDIs would each be required to maintain a minimum amount of eligible long-term debt equal to the greater of 6 percent of RWA, 3.5 percent of average total consolidated assets, and 2.5 percent of total leverage exposure for those banks subject to the supplementary leverage ratio. The proposal also prohibits large banking organizations from engaging in certain activities that could complicate their resolution and discourages them from holding long-term debt issued by other banks to reduce interconnectedness. The proposal provides for a three-year transition period, with 25 percent of the long-term debt requirement to be met one year after the rule is finalized, 50 percent after two years, and 100 percent after three years. Comments on the proposal were due by January 16, 2024. We continue to evaluate the full impact of the proposal." }, { "status": "ADDED", "current_title": "The preparation of our financial statements requires us to make subjective determinations and use estimates that may vary from actual results and materially impact our financial condition and results of operations.", "prior_title": null, "current_body": "The preparation of consolidated financial statements in conformity with GAAP requires management to make significant estimates that affect the financial statements. Our accounting policies and methods are fundamental to how we record and report our financial condition and results of operations and, at times, require management to exercise judgment in their application so as to report our financial condition and results of operations in the most appropriate manner. Certain accounting policies are critical because they require management to make difficult, subjective or complex judgments about matters that are inherently uncertain and the likelihood that materially different estimates would result under different conditions or through the utilization of different assumptions. Our critical accounting estimates include the ACL, estimations of fair value and review of goodwill for impairment. If our estimates are inaccurate or need to be adjusted periodically, our financial condition and results of operations could be materially impacted. For more information regarding our use of estimates in the preparation of our consolidated financial statements, see Note 1 in Item 8 and the “Critical Accounting Estimates” section in Item 7." }, { "status": "REMOVED", "current_title": null, "prior_title": "Environmental, Social and Governance", "prior_body": "Investors have begun to consider how corporations are addressing ESG matters when making investment decisions. Specifically, certain investors are beginning to incorporate the business risks of climate change and the adequacy of a company’s response to climate change as part of their investment strategy. In 2021, we announced targets to reduce our Scope 1 and 2 greenhouse gas emissions 30% by 2025 and 50% by 2035, based on our 2016 baseline. These reductions align with the recommendations of the Paris Agreement, which aims to limit average global temperature increase to well below 2 degrees Celsius compared to pre-industrial levels. In 2022, we published our fifth annual Corporate Responsibility Report and completed the CDP’s Climate Change Questionnaire for the seventh time. We also issued our inaugural Task Force on Climate-related Financial Disclosures (“TCFD”) report and expanded our climate commitment by: •joining the Partnership for Carbon Accounting Financials (“PCAF”), a collaboration among worldwide financial institutions working to develop and implement a harmonized approach to assess and disclose greenhouse gas (“GHG”) emissions associated with loans and investments; •participating in the Risk Management Association Climate Risk Consortium, a financial industry group dedicated to advancing best practices in climate risk management; and •entering into a virtual power purchase agreement with Ørsted, supporting the construction of the Sunflower Wind Project in Kansas, which will offset 100% of our power consumption across our entire operational footprint with renewable energy credits. For more details regarding ESG and other corporate responsibility matters, go to our website." }, { "status": "REMOVED", "current_title": null, "prior_title": "Tailoring of Prudential Requirements", "prior_body": "The FRB and the other federal banking regulators have enacted rules that tailor the application of the enhanced prudential standards to BHCs and depository institutions to implement the Economic Growth, Regulatory Relief, and Consumer Protection Act of 2018 amendments to the Dodd-Frank Act (“Tailoring Rules”). Under the Tailoring Rules, we are subject to “Category IV standards,” which apply to banking organizations with at least $100 billion in total consolidated assets that do not meet any of the thresholds specified for Categories I through III. We discuss other elements of the Tailoring Rules where relevant below. The liquidity requirements are described below under “—Liquidity Requirements,” and the stress testing requirements are described below under “—Capital Planning and Stress Testing Requirements.”" }, { "status": "REMOVED", "current_title": null, "prior_title": "Capital Planning and Stress Testing Requirements", "prior_body": "Under the Tailoring Rules, Category IV firms, such as us, are subject to biennial supervisory stress testing and are exempt from company-run stress testing and related disclosure requirements. The FRB continues to supervise Category IV firms on an ongoing basis, including evaluation of the capital adequacy and capital planning processes during off-cycle years. We remain subject to the requirement to develop, maintain and submit an annual capital plan for review and approval by our board of directors, or one of its committees, as well as FR Y-14 reporting requirements. Regulations relating to capital planning, regulatory reporting, and stress testing and capital buffer requirements applicable to firms like us are presently subject to rule making and potential further guidance and interpretation by the applicable federal regulators. We will continue to evaluate the impact of these and any other prudential regulatory changes, including their potential resultant changes in our regulatory and compliance costs and expenses. For more detail on our capital planning and stress testing requirements see the “Capital and Regulatory Matters” section of Item 7." }, { "status": "REMOVED", "current_title": null, "prior_title": "Changes in the method pursuant to which the LIBOR and other benchmark rates are calculated and their planned discontinuance could adversely impact our business operations and financial results.", "prior_body": "Many of our lending products, securities, derivatives, and other financial transactions utilize a benchmark rate, such as LIBOR, to determine the applicable interest rate or payment amount. The U.K. Financial Conduct Authority and the ICE Benchmark Administration have announced that the publication of the most commonly used U.S. Dollar LIBOR tenors will cease to be provided or cease to be representative after June 30, 2023. The publication of all other LIBOR settings ceased to be provided or ceased to be representative as of December 31, 2021. The Adjustable Interest Rate (LIBOR) Act (LIBOR Act), enacted in March 2022, provides a statutory framework to replace U. S. Dollar LIBOR with a benchmark rate based on the Secured Overnight Financing Rate (SOFR) for contracts governed by U.S. law that have no fallbacks or fallbacks that would require the use of a poll or LIBOR-based rate, and in December 2022, the FRB adopted rules which identify different SOFR-based replacement rates for derivative contracts, for cash instruments such as floating-rate notes and preferred stock, for consumer loans, for certain government-sponsored enterprise contracts and for certain asset-backed securities. We continue to monitor market developments and regulatory updates related to the cessation of LIBOR, as well as collaborate with regulators and industry groups on the transition. As the transition from LIBOR is ongoing, there continues to be uncertainty as to the ultimate effect of the transition on the financial markets for LIBOR-linked financial instruments. The discontinuation of a benchmark rate, changes in a benchmark rate, or changes in market perceptions of the acceptability of a benchmark rate, including LIBOR, could, among other things, adversely affect the value of and return on certain of our financial instruments or products, result in changes to our risk exposures, or require renegotiation of previous transactions. In addition, any such discontinuation or changes, whether actual or anticipated, could result in market volatility, increased compliance, legal and operational costs, and risks associated with customer disclosures and contract negotiations. Although the LIBOR Act includes safe harbors if the FRB-identified SOFR-based replacement rate is selected, these safe harbors are untested. As a result, and despite the enactment of the LIBOR Act, for the most commonly used U.S. Dollar LIBOR settings, the use or selection of a successor rate could also expose us to risks associated with disputes with customers and other market participants in connection with implementing LIBOR fallback provisions. For more information on our LIBOR transition, see the “Market Risk” section in Item 7." }, { "status": "REMOVED", "current_title": null, "prior_title": "The preparation of our financial statements requires the use of estimates that may vary from actual results. Particularly, various factors may cause our Allowance for Credit Losses to increase.", "prior_body": "The preparation of audited Consolidated Financial Statements in conformity with GAAP requires management to make significant estimates that affect the financial statements. Our most critical accounting estimate is the ACL. The ACL is a reserve established through a provision for credit losses charged to expense and represents our estimate of expected credit losses within the existing loan and lease portfolio and unfunded lending commitments. The level of the ACL is based on periodic evaluation of the loan and lease portfolios and unfunded lending commitments that are not unconditionally cancellable considering a number of relevant underlying factors, including key assumptions and evaluation of quantitative and qualitative information. The determination of the appropriate level of the ACL inherently involves a degree of subjectivity and requires that we make significant estimates of current credit risks and future trends, all of which may undergo material changes. Changes in economic conditions affecting borrowers, the stagnation of certain economic indicators that we are more susceptible to, such as unemployment and real estate values, new information regarding existing loans, identification of additional problem loans and other factors, both within and outside our control, may require an increase in the ACL. In addition, bank regulatory agencies periodically review our ACL and may require an increase in the ACL or the recognition of further loan charge-offs, based on judgments that can differ from those of our own management. In addition, if charge-offs in future periods exceed the ACL—that is, if the ACL is inadequate—we will need to recognize additional provision for credit losses. Should such additional provision expense become necessary, it would result in a decrease in net income and capital and may have a material adverse effect on us. For more information regarding our use of estimates in preparation of financial statements, see Note 1 in Item 8 and the “Critical Accounting Estimates” section in Item 7." }, { "status": "MODIFIED", "current_title": "Our financial and accounting estimates and risk management framework rely on analytical forecasting and models.", "prior_title": "Our financial and accounting estimates and risk management framework rely on analytical forecasting and models.", "similarity_score": 0.919, "confidence": "high", "key_changes": [ "Reworded sentence: \"The processes we use to estimate loan losses, measure the fair value of financial instruments and estimate the effects of changing interest rates and other market measures on our financial condition and results of operations are reliant upon the use of analytical and forecasting models.\"" ], "current_body": "The processes we use to estimate loan losses, measure the fair value of financial instruments and estimate the effects of changing interest rates and other market measures on our financial condition and results of operations are reliant upon the use of analytical and forecasting models. Some of our tools and metrics for managing risk are based on observed historical market behavior, and we rely on quantitative models to measure risks and to estimate certain financial values. Models may be used in processes such as determining the pricing of various products, grading loans and extending credit, measuring interest rate and other market risks, predicting losses, assessing capital adequacy and calculating regulatory capital levels, as well as estimating the value of financial instruments and balance sheet items. Poorly designed or implemented models could adversely affect our business decisions if the information is inadequate. In addition, our models may fail to predict future risk exposures if the information used is inaccurate, obsolete or not sufficiently comparable to actual events as they occur. We seek to incorporate appropriate historical data in our models, but the range of market values and behaviors reflected in any period of historical data is not always predictive of future developments in any particular period and the period of data we incorporate into our models may turn out to be inappropriate for the future period being modeled. In these instances, our ability to manage risk would be limited and our risk exposure and losses could be significantly greater than our models indicated, which could harm our reputation and adversely affect our revenues and profits. Finally, information provided to our regulators based on poorly designed or implemented models could be inaccurate or insufficient. Some of the decisions that our regulators make, including those related to capital distributions to our stockholders, could be adversely affected due to their perception that the quality of the models used to generate the relevant information is insufficient.", "prior_body": "The processes we use to estimate our inherent loan losses and to measure the fair value of financial instruments, as well as the processes used to estimate the effects of changing interest rates and other market measures on our financial condition and results of operations, depends upon the use of analytical and forecasting models. Some of our tools and metrics for managing risk are based upon our use of observed historical market behavior. We rely on quantitative models to measure risks and to estimate certain financial values. Models may be used in such processes as determining the pricing of various products, grading loans and extending credit, measuring interest rate and other market risks, predicting losses, assessing capital adequacy and calculating regulatory capital levels, as well as estimating the value of financial instruments and balance sheet items. Poorly designed or implemented models present the risk that our business decisions based on information incorporating such models will be adversely affected due to the inadequacy of that information. Moreover, our models may fail to predict future risk exposures if the information used in the model is incorrect, obsolete or not sufficiently comparable to actual events as they occur. We seek to incorporate appropriate historical data in our models, but the range of market values and behaviors reflected in any period of historical data is not at all times predictive of future developments in any particular period and the period of data we incorporate into our models may turn out to be inappropriate for the future period being modeled. In such case, our ability to manage risk would be limited and our risk exposure and losses could be significantly greater than our models indicated. In addition, if existing or potential customers believe our risk management is inadequate, they could take their business elsewhere. This could harm our reputation as well as our revenues and profits. Finally, information we provide to our regulators based on poorly designed or implemented models could also be inaccurate or insufficient. Some of the decisions that our regulators make, including those related to capital distributions to our stockholders, could be adversely affected due to their perception that the quality of the models used to generate the relevant information is insufficient." }, { "status": "MODIFIED", "current_title": "Heightened Risk Governance Standards", "prior_title": "Heightened Risk Governance Standards", "similarity_score": 0.901, "confidence": "high", "key_changes": [ "Reworded sentence: \"CBNA is subject to OCC guidelines that impose heightened risk governance standards on large national banks with average total consolidated assets of $50 billion or more.\"", "Reworded sentence: \"A bank’s board of directors is required to have two members who are independent of bank and parent company management, ensure that the risk governance framework meets the appropriate standards, provide active oversight and a credible challenge to management’s recommendations and decisions, and ensure that decisions made by the parent company do not jeopardize the safety and soundness of the bank.\"" ], "current_body": "CBNA is subject to OCC guidelines that impose heightened risk governance standards on large national banks with average total consolidated assets of $50 billion or more. The guidelines set forth minimum standards for the design and implementation of a bank’s risk governance framework and its associated oversight by a bank’s board of directors. The guidelines are intended to protect the safety and soundness of covered banks and improve the ability of bank examiners to assess compliance with the OCC’s expectations. Under the guidelines, a bank may use the risk governance framework of its parent company if it meets the minimum standards and the risk profiles of the parent company and the covered bank are substantially the same, along with certain other conditions. CBNA has elected to use the Parent Company’s risk governance framework. A bank’s board of directors is required to have two members who are independent of bank and parent company management, ensure that the risk governance framework meets the appropriate standards, provide active oversight and a credible challenge to management’s recommendations and decisions, and ensure that decisions made by the parent company do not jeopardize the safety and soundness of the bank.", "prior_body": "CBNA is subject to OCC guidelines imposing heightened risk governance standards on large national banks with average total consolidated assets of $50 billion or more. The guidelines set forth minimum standards for the design and implementation of a bank’s risk governance framework, and minimum standards for oversight of that framework by a bank’s board of directors. The guidelines are intended to protect the safety and soundness of covered banks and improve bank examiners’ ability to assess compliance with the OCC’s expectations. Under the guidelines, a bank may use its parent company’s risk governance framework if the framework meets the minimum standards, the risk profiles of the parent company and the covered bank are substantially the same, and certain other conditions are met. CBNA has elected to use the Parent Company’s risk governance framework. A bank’s board of directors is required to have two members who are independent of the bank and parent company management. A bank’s board of directors is responsible for ensuring that the risk governance framework meets the standards in the guidelines, providing active oversight and a credible challenge to management’s recommendations and decisions and ensuring that the parent company decisions do not jeopardize the safety and soundness of the bank." }, { "status": "MODIFIED", "current_title": "We are subject to a variety of cybersecurity risks that, if realized, could adversely affect how we conduct our business.", "prior_title": "We are subject to a variety of cybersecurity risks that, if realized, could adversely affect how we conduct our business.", "similarity_score": 0.881, "confidence": "high", "key_changes": [ "Reworded sentence: \"Evolving technologies and the increased sophistication and activities of organized crime, hackers, terrorists, nation-states, activists and other external parties present a significant information security risk to large financial institutions such as us.\"", "Reworded sentence: \"Risks related to cyber-attacks on our vendors and other third parties, including supply chain attacks affecting our software and information technology service providers, are on the rise as such attacks become more frequent and severe.\"", "Reworded sentence: \"Although we believe that we have appropriate information security procedures and controls based on our adherence to applicable laws and regulations and industry standards, our technologies, systems, and networks may be the target of cyber-attacks or information security breaches that could result in the unauthorized release, gathering, monitoring, misuse, theft, sale or loss or destruction of the confidential and/or proprietary information of CFG, and our customers, vendors, counterparties, or employees.\"", "Reworded sentence: \"Two of the most significant cyber-attack risks that we face as a result of these fraudulent schemes are potential loss of funds resulting from customers falling victim to cybercriminal communications directed to them or unauthorized access to sensitive customer data.\"", "Reworded sentence: \"Due to the complexity and interconnectedness of information technology systems, the process of enhancing our layers of defense can itself create a risk of system disruptions and security issues.\"" ], "current_body": "Evolving technologies and the increased sophistication and activities of organized crime, hackers, terrorists, nation-states, activists and other external parties present a significant information security risk to large financial institutions such as us. Third parties with whom we or our customers do business also present operational and information security risks to us, including security breaches or failures of their own systems. Risks related to cyber-attacks on our vendors and other third parties, including supply chain attacks affecting our software and information technology service providers, are on the rise as such attacks become more frequent and severe. Employee error, failure to follow security procedures, or malfeasance also present these risks. Our operations rely on the secure processing, transmission and storage of confidential information in our computer systems and networks as well as in the third-party computer systems and networks used to provide products and services on our behalf. Although we believe that we have appropriate information security procedures and controls based on our adherence to applicable laws and regulations and industry standards, our technologies, systems, and networks may be the target of cyber-attacks or information security breaches that could result in the unauthorized release, gathering, monitoring, misuse, theft, sale or loss or destruction of the confidential and/or proprietary information of CFG, and our customers, vendors, counterparties, or employees. We and our third-party vendors are under continuous threat of loss or network degradation due to cyber-attacks, such as computer viruses, malicious or destructive code, phishing attacks, ransomware, and Distributed Denial of Service (“DDoS”) attacks (collectively, “fraudulent schemes”). Also, our customers are routinely the target of fraudulent schemes. This is especially true as we continue to expand customer capabilities to utilize the Internet and other remote channels to transact business. Two of the most significant cyber-attack risks that we face as a result of these fraudulent schemes are potential loss of funds resulting from customers falling victim to cybercriminal communications directed to them or unauthorized access to sensitive customer data. Cybercriminals can use fraudulent schemes directly targeting our customers or our own systems to compromise and directly extract funds from a customer’s account or access sensitive customer data. Certain technology protections such as Customer Profiling and Step-Up Authentications are implemented so that we are compliant with the FFIEC Authentication and Access to Financial Institution Services and Systems guidelines. As cyber threats continue to evolve, we may be required to expend significant additional resources to continue to modify or enhance our layers of defense, to investigate and remediate any information security vulnerabilities internally, to assess and mitigate issues associated with customers that have fallen victim to fraudulent schemes, and perform additional due diligence with respect to our third-party vendors. System enhancements and updates may also create risks associated with implementing new systems and integrating them with existing ones. Due to the complexity and interconnectedness of information technology systems, the process of enhancing our layers of defense can itself create a risk of system disruptions and security issues. In addition, addressing certain information security vulnerabilities, such as hardware-based vulnerabilities, may affect the performance of our information technology systems. The ability of our hardware and software providers to deliver patches and updates to mitigate vulnerabilities in a timely manner can introduce additional risks, particularly when a vulnerability is being actively exploited by threat actors. Cyber-attacks against the patches themselves have also proven to be a significant risk that companies will have to address going forward. Despite our efforts to prevent a cyber-attack, a successful cyber-attack could persist for an extended period of time before being detected, and, following detection, could take considerable time for us to obtain full and reliable information about the cybersecurity incident and the extent, amount and type of information compromised. During the course of an investigation, we may not necessarily know the full effects of the incident or how to remediate it, and actions and decisions that are taken or made in an effort to mitigate risk may further increase the costs and other negative consequences of the incident. Moreover, new regulations may require us to disclose information about a cybersecurity event before it has been resolved or fully investigated. The techniques used by cyber criminals change frequently, may not be recognized until launched and can be initiated from a variety of sources, including terrorist organizations and hostile foreign governments. These actors may attempt to fraudulently induce employees, customers or other third-party users of our systems to disclose sensitive information in order to gain access to data or our systems. In the event that a cyber-attack is successful, our business, financial condition or results of operations may be adversely affected. For a discussion of the guidance that regulators have released regarding cybersecurity and cyber risk management standards, see the “Regulation and Supervision” section of Item 1.", "prior_body": "Information security risks for large financial institutions such as us have increased significantly in recent years in part because of the proliferation of new technologies, such as the internet and mobile banking to conduct financial transactions, and the increased sophistication and activities of organized crime, hackers, terrorists, nation-states, activists and other external parties. Third parties with whom we or our customers do business also present operational and information security risks to us, including security breaches or failures of their own systems. Risks relating to cyber-attacks on our vendors and other third parties, including supply chain attacks affecting our software and information technology service providers, have been rising as such attacks become increasingly frequent and severe. The possibility of employee error, failure to follow security procedures, or malfeasance also presents these risks, particularly given the recent trend towards remote work arrangements. Our operations rely on the secure processing, transmission and storage of confidential information in our computer systems and networks as well as in the third-party computer systems and networks used to provide products and services on our behalf. In addition, to access our products and services, our customers may use personal computers, smartphones, tablets, and other mobile devices that are beyond our control environment. Although we believe that we have appropriate information security procedures and controls based on our adherence to applicable laws and regulations, industry standards and best practices, our technologies, systems, networks and our customers’ devices may be the target of cyber-attacks or information security breaches that could result in the unauthorized release, gathering, monitoring, misuse, theft, sale or loss or destruction of the confidential, and/or proprietary information of CFG, our customers, our vendors, our counterparties, or our employees. We are under continuous threat of loss or network degradation due to cyber-attacks, such as computer viruses, malicious or destructive code, phishing attacks, ransomware, and Distributed Denial of Service (“DDoS”) attacks. This is especially true as we continue to expand customer capabilities to utilize the Internet and other remote channels to transact business. Two of the most significant cyber-attack risks that we face are e-fraud and loss of sensitive customer data. Loss from e-fraud occurs when cybercriminals extract funds directly from customers’ or our accounts using fraudulent schemes that may include Internet-based funds transfers. We have been subject to a number of e-fraud incidents historically. We have also been subject to attempts to steal sensitive customer data, such as account numbers and social security numbers, through unauthorized access to our computer systems including computer hacking. Such attacks are less frequent but could present significant reputational, legal and regulatory costs to us if successful. We have implemented certain technology protections such as Customer Profiling and Set-Up Authentication to be in compliance with the FFIEC Authentication and Access to Financial Institution Services and Systems guidelines. As cyber threats continue to evolve, we may be required to expend significant additional resources to continue to modify or enhance our layers of defense or to investigate and remediate any information security vulnerabilities. System enhancements and updates may also create risks associated with implementing new systems and integrating them with existing ones. Due to the complexity and interconnectedness of information technology systems, the process of enhancing our layers of defense can itself create a risk of systems disruptions and security issues. In addition, addressing certain information security vulnerabilities, such as hardware-based vulnerabilities, may affect the performance of our information technology systems. The ability of our hardware and software providers to deliver patches and updates to mitigate vulnerabilities in a timely manner can introduce additional risks, particularly when a vulnerability is being actively exploited by threat actors. Cyber-attacks against the patches themselves have also proven to be a significant risk that companies will have to address going forward. Despite our efforts to prevent a cyber-attack, a successful cyber-attack could persist for an extended period of time before being detected, and, following detection, it could take considerable time for us to obtain full and reliable information about the cybersecurity incident and the extent, amount and type of information compromised. During the course of an investigation, we may not necessarily know the full effects of the incident or how to remediate it, and actions and decisions that are taken or made in an effort to mitigate risk may further increase the costs and other negative consequences of the incident. Moreover, potential new regulations may require us to disclose information about a cybersecurity event before it has been resolved or fully investigated. The techniques used by cyber criminals change frequently, may not be recognized until launched and can be initiated from a variety of sources, including terrorist organizations and hostile foreign governments. These actors may attempt to fraudulently induce employees, customers or other users of our systems to disclose sensitive information in order to gain access to data or our systems. In the event that a cyber-attack is successful, our business, financial condition or results of operations may be adversely affected. For a discussion of the guidance that federal banking regulators have released regarding cybersecurity and cyber risk management standards, see the “Regulation and Supervision” section of Item 1." }, { "status": "MODIFIED", "current_title": "Consumer Banking Segment", "prior_title": "Consumer Banking Segment", "similarity_score": 0.879, "confidence": "high", "key_changes": [ "Reworded sentence: \"Consumer Banking serves consumer customers and small businesses with annual revenues of up to $25 million, with products and services that include deposits, mortgage and home equity lending, credit cards, small business loans, wealth management and investment services largely across our 14-state traditional banking footprint.\"" ], "current_body": "Consumer Banking serves consumer customers and small businesses with annual revenues of up to $25 million, with products and services that include deposits, mortgage and home equity lending, credit cards, small business loans, wealth management and investment services largely across our 14-state traditional banking footprint. We also offer education and point-of-sale finance loans in addition to select digital deposit products nationwide. Citizens Private Bank, launched during 2023, integrates wealth management and banking services to serve high net-worth individuals and families, as well as businesses. Consumer Banking operates a multi-channel distribution network with a workforce of approximately 5,300 branch colleagues, approximately 1,100 branches, including 187 in-store locations, and approximately 3,200 ATMs. Our network includes approximately 1,100 specialists covering lending, savings and investment needs as well as a broad range of small business products and services. We serve customers on a national basis through telephone service centers as well as through our online and mobile platforms where we offer customers the convenience of depositing funds, paying bills and transferring money between accounts and from person to person, as well as a host of other everyday transactions.", "prior_body": "Consumer Banking serves retail customers and small businesses with annual revenues of up to $25 million, with products and services that include deposit products, mortgage and home equity lending, credit cards, business loans, wealth management and investment services largely across our 14-state traditional banking footprint. We also offer auto, education and point-of-sale finance loans in addition to select digital deposit products nationwide. Consumer Banking operates a multi-channel distribution network with a workforce of approximately 5,780 branch colleagues, approximately 1,100 branches, including 220 in-store locations, and approximately 3,400 ATMs. Our network includes approximately 1,250 specialists covering lending, savings and investment needs as well as a broad range of small business products and services. We serve customers on a national basis through telephone service centers as well as through our online and mobile platforms where we offer customers the convenience of depositing funds, paying bills and transferring money between accounts and from person to person, as well as a host of other everyday transactions." }, { "status": "MODIFIED", "current_title": "A reduction in our credit ratings could have a material adverse effect on our business, financial condition and results of operations.", "prior_title": "A reduction in our credit ratings, which are based on a number of factors, could have a material adverse effect on our business, financial condition and results of operations.", "similarity_score": 0.863, "confidence": "high", "key_changes": [ "Reworded sentence: \"Rating agencies regularly evaluate us, and their ratings are based on a number of factors, including our financial strength and conditions affecting the financial services industry generally.\"" ], "current_body": "Credit ratings affect the cost and other terms upon which we are able to obtain funding. Rating agencies regularly evaluate us, and their ratings are based on a number of factors, including our financial strength and conditions affecting the financial services industry generally. Any downgrade in our ratings would likely increase our borrowing costs and could limit our access to capital markets, which would adversely affect our business. For example, a ratings downgrade could adversely affect our ability to sell or market our securities, including long-term debt, engage in certain longer-term derivatives transactions and retain our customers, particularly corporate customers who may require a minimum rating threshold in order to place funds with us. In addition, under the terms of our derivatives contracts, we may be required to maintain a minimum credit rating, post additional collateral or terminate such contracts. Any of these results of a ratings downgrade could increase our cost of funding, reduce our liquidity and have adverse effects on our business, financial condition and results of operations. For more information regarding our credit ratings, see the “Liquidity” section in Item 7.", "prior_body": "Credit ratings affect the cost and other terms upon which we are able to obtain funding. Rating agencies regularly evaluate us, and their ratings are based on a number of factors, including our financial strength. Other factors considered by rating agencies include conditions affecting the financial services industry generally. Any downgrade in our ratings would likely increase our borrowing costs, could limit our access to capital markets, and otherwise adversely affect our business. For example, a ratings downgrade could adversely affect our ability to sell or market certain of our securities, including long-term debt, engage in certain longer-term derivatives transactions and retain our customers, particularly corporate customers who may require a minimum rating threshold in order to place funds with us. In addition, under the terms of certain of our derivatives contracts, we may be required to maintain a minimum credit rating or have to post additional collateral or terminate such contracts. Any of these results of a rating downgrade could increase our cost of funding, reduce our liquidity and have adverse effects on our business, financial condition and results of operations." }, { "status": "MODIFIED", "current_title": "We rely on third parties for the performance of a significant portion of our information technology.", "prior_title": "We rely on third parties for the performance of a significant portion of our information technology.", "similarity_score": 0.851, "confidence": "high", "key_changes": [ "Reworded sentence: \"We rely on third parties for the performance of a significant portion of our information technology functions and the provision of information technology and business process services including, but not limited to, the operation of our data communications networks, hosted services, and a wide range of other support services.\"", "Reworded sentence: \"If these services are not performed in a satisfactory manner, we would not be able to adequately serve our customers.\"" ], "current_body": "We rely on third parties for the performance of a significant portion of our information technology functions and the provision of information technology and business process services including, but not limited to, the operation of our data communications networks, hosted services, and a wide range of other support services. The success of our business depends in part on the continuing ability of third parties to perform these functions and services in a timely and satisfactory manner, which performance could be disrupted or otherwise adversely affected due to failures or other information security events originating at the third parties or at the third parties’ suppliers or vendors (so-called “fourth party risk”). We may not be able to effectively monitor or mitigate third or fourth-party risk, in particular as it relates to the use of common suppliers or vendors by the third parties that perform functions and services for us. If we experience a disruption in the provision of any functions or services performed by third parties, we may have difficulty in finding alternate providers on terms favorable to us and in reasonable time frames. If these services are not performed in a satisfactory manner, we would not be able to adequately serve our customers. In either situation, our business could incur significant costs and be adversely affected.", "prior_body": "We rely on third parties for the performance of a significant portion of our information technology functions and the provision of information technology and business process services. For example, (i) unaffiliated third parties operate data communications networks on which certain components and services relating to our online banking system rely, (ii) third parties host or maintain many of our applications, including a commercial loan system, which is hosted and maintained by Automated Financial Systems, Inc., and our Mobile Digital Banking Application, which is hosted and maintained by Amazon Web Services, Inc., (iii) Fidelity Information Services, LLC maintains our core deposits system, (iv) Infosys Limited provides us with a wide range of information technology support services, including service desk, end user support, production application support, and private cloud support, and (v) Kyndryl, Inc. provides us with mainframe support services. The success of our business depends in part on the continuing ability of these (and other) third parties to perform these functions and services in a timely and satisfactory manner, which performance could be disrupted or otherwise adversely affected due to failures or other information security events originating at the third parties or at the third parties’ suppliers or vendors (so-called “fourth party risk”). For example, during 2021, there were a number of widely publicized cases of outages in connection with access to cloud service providers. We may not be able to effectively monitor or mitigate fourth-party risk, in particular as it relates to the use of common suppliers or vendors by the third parties that perform functions and services for us. If we experience a disruption in the provision of any functions or services performed by third parties, we may have difficulty in finding alternate providers on terms favorable to us and in reasonable time frames. If these services are not performed in a satisfactory manner, we would not be able to serve our customers well. In either situation, our business could incur significant costs and be adversely affected." }, { "status": "MODIFIED", "current_title": "Difficult economic conditions, including inflationary pressures, would likely have an adverse effect on our business, financial position and results of operations.", "prior_title": "Difficult economic conditions, including inflationary pressures or volatility in the financial markets would likely have an adverse effect on our business, financial position and results of operations.", "similarity_score": 0.843, "confidence": "high", "key_changes": [ "Reworded sentence: \"From March 2022 to July 2023, the FRB raised its benchmark interest rate eleven times in response to inflationary pressures throughout the economy.\"", "Reworded sentence: \"Also, see “Changes in interest rates may have an adverse effect on our profitability” below for more information on the risks associated with changes in interest rates.\"", "Reworded sentence: \"Any of the effects of these adverse economic conditions would likely have an adverse impact on our earnings, with the significance of the impact generally depending on the nature and severity of the economic conditions.\"" ], "current_body": "From March 2022 to July 2023, the FRB raised its benchmark interest rate eleven times in response to inflationary pressures throughout the economy. Financial markets remain volatile amidst the uncertainty of economic conditions, including potential recessionary conditions. Changes in interest rates can affect numerous aspects of our business and may impact our future performance. Also, see “Changes in interest rates may have an adverse effect on our profitability” below for more information on the risks associated with changes in interest rates. Prolonged periods of inflation may impact our profitability by negatively impacting our costs and expenses, including increasing funding costs and expense related to talent acquisition and retention, and negatively impacting consumer demand and client purchasing power for our products and services. If significant inflation continues, our business could be negatively affected by, among other things, increased default rates leading to credit losses which could adversely impact our earnings and capital. Any of the effects of these adverse economic conditions would likely have an adverse impact on our earnings, with the significance of the impact generally depending on the nature and severity of the economic conditions.", "prior_body": "Robust demand, labor shortages and supply chain constraints have led to persistent inflationary pressures throughout the economy. In response to these inflationary pressures, the FRB has raised benchmark interest rates in recent months and may continue to raise interest rates in response to economic conditions, particularly a continued high rate of inflation. Amidst these uncertainties, including potential recessionary economic conditions, financial markets have continued to experience volatility. Changes in interest rates can affect numerous aspects of our business and may impact our future performance. See risk factor headed “Changes in interest rates may have an adverse effect on our profitability” below for more information on the risks associated with changes in interest rates. Prolonged periods of inflation may impact our profitability by negatively impacting our costs and expenses, including increasing funding costs and expense related to talent acquisition and retention, and negatively impacting consumer demand and client purchasing power for our products and services. If significant inflation continues, our business could be negatively affected by, among other things, increased default rates leading to credit losses which could adversely impact our earnings and capital. Any of the effects of these adverse economic conditions would likely have an adverse impact on our earnings, with the significance of the impact generally depending on the nature and severity of the adverse economic conditions." }, { "status": "MODIFIED", "current_title": "Website Access to Citizens’ Filings with the SEC and Corporate Governance Information", "prior_title": "Website Access to Citizens’ Filings with the SEC", "similarity_score": 0.828, "confidence": "high", "key_changes": [ "Added sentence: \"Information about our Board and its committees and corporate governance, including our Code of Business Conduct and Ethics, is available on our website at investor.citizensbank.com/about-us/investor-relations/corporate-governance.\"", "Reworded sentence: \"As a financial services organization, certain elements of risk are inherent in our transactions and operations and the business decisions we make.\"" ], "current_body": "We maintain a website at investor.citizensbank.com. We make available on our website, free of charge, our annual reports on Form 10-K, quarterly reports on Form 10-Q and current reports on Form 8-K, including exhibits, and amendments to those reports that are filed or furnished to the SEC pursuant to Section 13(a) of the Securities Exchange Act of 1934. These documents are made available on our website as soon as reasonably practicable after they are electronically filed with or furnished to the SEC. The SEC also maintains an internet site (www.sec.gov) that contains reports, proxy and information statements, and other information regarding issuers that file electronically with the SEC. Information about our Board and its committees and corporate governance, including our Code of Business Conduct and Ethics, is available on our website at investor.citizensbank.com/about-us/investor-relations/corporate-governance. ITEM 1A. RISK FACTORS We are subject to a number of risks potentially impacting our business, financial condition, results of operations and cash flows. As a financial services organization, certain elements of risk are inherent in our transactions and operations and the business decisions we make. Therefore, we encounter risk as part of the normal course of our business and design a risk management framework and associated processes to help manage these risks. Our success is dependent on our ability to identify, understand and manage the risks presented by our business activities so that we can appropriately balance risk taking with revenue generation and profitability. We discuss the primary risks we face and our risk management framework and associated processes and strategies in the “Risk Governance” section in Item 7. You should carefully consider the following risk factors that may affect our business, financial condition, results of operations or cash flows. Other factors that could affect us are discussed in the “Forward-Looking Statements” section above. However, there may be additional risks that are not currently material or known, and factors besides those discussed below, or in this or other reports that we file or furnish with the SEC, that could adversely affect us. Therefore, the risks described in the risk factors below should not be considered a complete list of risks that we may encounter.", "prior_body": "We maintain a website at investor.citizensbank.com. We make available on our website, free of charge, our annual reports on Form 10-K, quarterly reports on Form 10-Q and current reports on Form 8-K, including exhibits, and amendments to those reports that are filed or furnished to the SEC pursuant to Section 13(a) of the Securities Exchange Act of 1934. These documents are made available on our website as soon as reasonably practicable after they are electronically filed with or furnished to the SEC. The SEC also maintains an internet site (www.sec.gov) that contains reports, proxy and information statements, and other information regarding issuers that file electronically with the SEC. ITEM 1A. RISK FACTORS We are subject to a number of risks potentially impacting our business, financial condition, results of operations and cash flows. As we are a financial services organization, certain elements of risk are inherent in our transactions and operations and are present in the business decisions we make. We, therefore, encounter risk as part of the normal course of our business and we design risk management processes to help manage these risks. Our success is dependent on our ability to identify, understand and manage the risks presented by our business activities so that we can appropriately balance revenue generation and profitability. These risks include, but are not limited to, credit risk, market risk, liquidity risk, operational risk, model risk, technology, regulatory and legal risk and strategic and reputational risk. We discuss our principal risk management processes and, in appropriate places, related historical performance in the “Risk Governance” section in Item 7. You should carefully consider the following risk factors that may affect our business, financial condition and results of operations. Other factors that could affect our business, financial condition and results of operation are discussed in the “Forward-Looking Statements” section above. However, there may be additional risks that are not presently material or known, and factors besides those discussed below, or in this or other reports that we file or furnish with the SEC, that could also adversely affect us." }, { "status": "MODIFIED", "current_title": "We may not be able to successfully execute our business strategy.", "prior_title": "We may not be able to successfully execute our business strategy.", "similarity_score": 0.809, "confidence": "high", "key_changes": [ "Reworded sentence: \"Our business strategy is designed to maximize the full potential of our business and drive sustainable growth and enhanced profitability, with our success resting on our ability to distinguish ourselves.\"", "Reworded sentence: \"If we are not able to successfully execute our business strategy, we may not achieve our financial performance goals and any shortfall may be material.\"" ], "current_body": "Our business strategy is designed to maximize the full potential of our business and drive sustainable growth and enhanced profitability, with our success resting on our ability to distinguish ourselves. Our future success and the value of our stock depends, in part, on our ability to effectively implement our business strategy, including the cost savings and efficiency components, and achieve our financial performance goals, including the anticipated benefits of the Private Bank start-up investment and Investors acquisition. There are risks and uncertainties, many of which are not within our control, associated with each element of our strategy. If we are not able to successfully execute our business strategy, we may not achieve our financial performance goals and any shortfall may be material. See the “Business Strategy” section in Item 1 for further information.", "prior_body": "Our business strategy is designed to maximize the full potential of our business and drive sustainable growth and enhanced profitability, and our success rests on our ability to maintain a high-performing, customer-centric organization; develop differentiated value propositions to acquire, deepen, and retain core customer segments; build excellent capabilities designed to help us stand out from our competitors; operate with financial discipline and a mindset of continuous improvement to self-fund investments; prudently grow and optimize our balance sheet; modernize our technology and operational models to improve delivery, organizational agility and speed to market; and embed risk management within our culture and our operations. Our future success and the value of our stock will depend, in part, on our ability to effectively implement our business strategy, including the cost savings and efficiency components, and achieve our financial performance goals, including through the integration of Investors and the HSBC branches. There are risks and uncertainties, many of which are not within our control, associated with each element of our strategy. If we are not able to successfully execute our business strategy, we may never achieve our financial performance goals and any shortfall may be material. See the “Business Strategy” section in Item 1 for further information." }, { "status": "MODIFIED", "current_title": "Protection of Customer Personal Information and Cybersecurity", "prior_title": "Protection of Customer Personal Information and Cybersecurity", "similarity_score": 0.804, "confidence": "high", "key_changes": [ "Reworded sentence: \"The privacy provisions of GLBA generally prohibit financial institutions, including us, from disclosing nonpublic personal financial information of consumer customers to third parties for certain purposes unless customers have the opportunity to opt out of the disclosure.\"", "Reworded sentence: \"Both the Fair Credit Reporting Act and Regulation V, which are issued by the FRB, govern the use and provision of information to consumer reporting agencies.\"", "Reworded sentence: \"Financial institutions are expected to design multiple layers of security controls to establish lines of defense and to ensure that their risk management processes also address the risk posed by compromised customer credentials, including security measures to reliably authenticate customers when accessing internet-based services of the financial institution.\"", "Reworded sentence: \"For a further discussion of risks related to cybersecurity, see Item 1A “Risk Factors.” A financial institution is also required to notify its primary banking regulator within 36 hours of computer-security incidents that have materially disrupted or degraded, or is reasonably likely to materially disrupt or degrade its: •ability to carry out banking operations, activities, or processes, or deliver banking products and services to a material portion of its customer base; •business lines, including associated operations, services, functions, and support, that upon failure would result in a material loss of revenue, profit, or franchise value; or •operations, including associated services, functions, and support, the failure or discontinuance of which would pose a threat to the financial stability of the United States.\"" ], "current_body": "The privacy provisions of GLBA generally prohibit financial institutions, including us, from disclosing nonpublic personal financial information of consumer customers to third parties for certain purposes unless customers have the opportunity to opt out of the disclosure. The Fair Credit Reporting Act restricts information sharing among affiliates for marketing purposes. Both the Fair Credit Reporting Act and Regulation V, which are issued by the FRB, govern the use and provision of information to consumer reporting agencies. The federal banking regulators regularly issue guidance regarding cybersecurity intended to enhance cyber risk management standards among financial institutions. Financial institutions are expected to design multiple layers of security controls to establish lines of defense and to ensure that their risk management processes also address the risk posed by compromised customer credentials, including security measures to reliably authenticate customers when accessing internet-based services of the financial institution. Further, a financial institution’s management is expected to maintain sufficient business continuity planning processes to ensure the rapid recovery, resumption and maintenance of the institution’s operations after a cyber-attack involving destructive malware or other compromise of customer data and/or systems. A financial institution is also expected to develop appropriate processes to enable recovery of data and business operations and address rebuilding network capabilities and restoring data if the institution or its critical service providers fall victim to this type of cyber-attack or compromise. If we fail to observe the regulatory guidance, we could be subject to various regulatory sanctions, including financial penalties. For a further discussion of risks related to cybersecurity, see Item 1A “Risk Factors.” A financial institution is also required to notify its primary banking regulator within 36 hours of computer-security incidents that have materially disrupted or degraded, or is reasonably likely to materially disrupt or degrade its: •ability to carry out banking operations, activities, or processes, or deliver banking products and services to a material portion of its customer base; •business lines, including associated operations, services, functions, and support, that upon failure would result in a material loss of revenue, profit, or franchise value; or •operations, including associated services, functions, and support, the failure or discontinuance of which would pose a threat to the financial stability of the United States. In addition, in August 2023, the SEC adopted a final rule that requires the disclosure of material cybersecurity incidents on Form 8-K. Registrants must describe the material aspects of the nature, scope and timing of the incident, as well as the impact of the incident on the registrant. The final rule also requires registrants to describe, on Form 10-K, their processes for assessing, identifying and managing material risks from cybersecurity threats and whether such risks have materially affected the registrant. Registrants must also describe Board oversight of risks from cybersecurity threats and management’s role and expertise in assessing and managing material risks from such threats. See Item 1C “Cybersecurity” for more information. State regulators have also been active in implementing privacy and cybersecurity standards and regulations. Recently, several states have adopted laws and regulations requiring certain financial institutions to implement cybersecurity programs and provide details with respect to these programs. In addition, many states have recently implemented or modified their data breach notification and data privacy requirements. We expect this trend of state-level activity to continue and are continually monitoring developments in the states in which we operate.", "prior_body": "The privacy provisions of GLBA generally prohibit financial institutions, including us, from disclosing nonpublic personal financial information of consumer customers to third parties for certain purposes (primarily marketing) unless customers have the opportunity to opt out of the disclosure. The Fair Credit Reporting Act restricts information sharing among affiliates for marketing purposes. Both the Fair Credit Reporting Act and Regulation V, issued by the FRB, govern the use and provision of information to consumer reporting agencies. The federal banking regulators regularly issue guidance regarding cybersecurity intended to enhance cyber risk management standards among financial institutions. Financial institutions are expected to design multiple layers of security controls to establish lines of defense and to ensure that their risk management processes also address the risk posed by compromised customer credentials, including security measures to reliably authenticate customers’ accessing internet-based services of the financial institution. Further, a financial institution’s management is expected to maintain sufficient business continuity planning processes to ensure the rapid recovery, resumption and maintenance of the institution’s operations after a cyber-attack involving destructive malware. A financial institution is also expected to develop appropriate processes to enable recovery of data and business operations and address rebuilding network capabilities and restoring data if the institution or its critical service providers fall victim to this type of cyber-attack. If we fail to observe the regulatory guidance, we could be subject to various regulatory sanctions, including financial penalties. For a further discussion of risks related to cybersecurity, see Item 1A “Risk Factors.” In November 2021, the federal banking regulators issued a final rule mandating financial institutions to report certain significant cybersecurity incidents to regulators. The final rule requires a financial institution to notify its primary banking regulator within 36 hours of certain significant cybersecurity incidents which has or is reasonably likely to disrupt or degrade its: •ability to carry out banking operations, activities, or processes, or deliver banking products and services to a material portion of its customer base; •business lines, including associated operations, services, functions, and support, that upon failure would result in a material loss of revenue, profit, or franchise value; or •operations, including associated services, functions, and support, the failure or discontinuance of which would pose a threat to the financial stability of the United States. Bank service providers are required to notify at least one designated point of contact at affected banking organization customers as soon as possible after any computer-security incident which has or is reasonably likely to materially disrupt or degrade covered services for four or more hours. The final rule was effective April 1, 2022, with a compliance date of May 1, 2022. In addition, in March 2022, the SEC proposed new rules that would require reporting on Form 8-K of material cybersecurity incidents. State regulators have also been increasingly active in implementing privacy and cybersecurity standards and regulations. Recently, several states have adopted laws and regulations requiring certain financial institutions to implement cybersecurity programs and providing detailed requirements with respect to these programs, including data encryption requirements. For example, the California Consumer Privacy Act, which became effective on January 1, 2020, gives new rights to California residents to require certain businesses to disclose or delete their personal information. In addition, many states have also recently implemented or modified their data breach notification and data privacy requirements. We expect this trend of state-level activity to continue and are continually monitoring developments in the states in which we operate." }, { "status": "MODIFIED", "current_title": "Support of Subsidiary Bank", "prior_title": "Support of Subsidiary Bank", "similarity_score": 0.804, "confidence": "high", "key_changes": [ "Reworded sentence: \"The Parent Company is required to serve as a source of financial and managerial strength to CBNA and, under appropriate conditions, to commit resources to support CBNA.\"" ], "current_body": "The Parent Company is required to serve as a source of financial and managerial strength to CBNA and, under appropriate conditions, to commit resources to support CBNA. This support may be required by the FRB at times when the Parent Company may not have the financial resources to do so, or when doing so may not serve our interests or those of our shareholders or creditors. In addition, any capital loans by a BHC to a subsidiary bank are subordinate in right of payment to deposits and certain other indebtedness of such subsidiary bank. In the event of a BHC’s bankruptcy, any commitment by the BHC to a federal bank regulatory agency to maintain the capital of a subsidiary bank will be assumed by the bankruptcy trustee and entitled to a priority of payment.", "prior_body": "Under Section 616 of the Dodd-Frank Act, which codifies the FRB’s long-standing “source of strength” doctrine, the Parent Company must serve as a source of financial and managerial strength for our depository institution subsidiary. The statute defines “source of financial strength” as the ability to provide financial assistance in the event of the financial distress at the insured depository institution. The FRB may require that the Parent Company provide such support at times even when the Parent Company may not have the financial resources to do so, or when doing so may not serve our interests or those of our shareholders or creditors. In addition, any capital loans by a BHC to its subsidiary bank are subordinate in right of payment to deposits and to certain other indebtedness of such subsidiary bank. In the event of a BHC’s bankruptcy, any commitment by the BHC to a federal bank regulatory agency to maintain the capital of a subsidiary bank will be assumed by the bankruptcy trustee and entitled to a priority of payment." }, { "status": "MODIFIED", "current_title": "Diversity, Equity and Inclusion", "prior_title": "Diversity, Equity and Inclusion", "similarity_score": 0.789, "confidence": "high", "key_changes": [ "Reworded sentence: \"Development programs are designed to build a strong pipeline of emerging talent, including diverse talent, internally, and have been effective in increasing the development of our overall colleague base as well as increasing the number of women and people of color in senior leader roles.\"", "Reworded sentence: \"Each BRG is sponsored by a member of the executive team and approximately 3,500 colleagues belonged to at least one BRG as of December 31, 2023.\"" ], "current_body": "We foster a culture where all stakeholders feel respected, valued, and heard. Our DE&I strategy is focused on creating an environment of inclusion and belonging, building a more diverse workforce and evaluating the effectiveness of our initiatives. Development programs are designed to build a strong pipeline of emerging talent, including diverse talent, internally, and have been effective in increasing the development of our overall colleague base as well as increasing the number of women and people of color in senior leader roles. We also partner with external organizations to offer additional resources for reskilling and upskilling colleagues, including diverse colleagues. We acknowledge that there are opportunities to further increase the representation of women and people of color, particularly in leadership roles, and we continue to develop strong partnerships with business and community organizations to help identify diverse candidates for roles within every segment of our organization. In addition, we ensure that interview slates for senior openings include candidates with diverse backgrounds and perspectives. An internal dashboard is used to monitor our progress across multiple DE&I metrics. Information regarding our workforce demographics can be found in our Environmental Social Governance Report and on our website, which includes a link to our most recently filed EEO-1 report. Various resources are used by management to understand what drives a sense of inclusion and belonging and to identify what actions will be effective in attracting and retaining diverse colleagues. Analytics are used to help prioritize initiatives, including responses to our OHS, which we segment by various colleague populations to provide additional insights. In addition, we have seven business resource groups (“BRGs”), which are integral to identifying and formulating solutions to DE&I issues that are most important to customers, colleagues, and the community. Our BRGs include Citizens WIN (Women’s Impact Network), Citizens Elev8 (Rising Professionals), Prism (Multicultural), Citizens Pride (LGBTQ+), Citizens Veterans, and Citizens Awake (Disability Awareness). In 2023, we launched an additional BRG, Caring for Citizens (Caregivers). Each BRG is sponsored by a member of the executive team and approximately 3,500 colleagues belonged to at least one BRG as of December 31, 2023. We also offer education programs focused on embedding inclusive behaviors in our culture designed for colleagues at all levels of leadership.", "prior_body": "We foster a culture where all stakeholders feel respected, valued, and heard. Our DE&I strategy is focused on creating an environment of inclusion and belonging, building a more diverse workforce and evaluating the effectiveness of our initiatives. We are committed to increasing the representation of women and people of color, particularly in leadership roles. To that end, we have continued to develop strong partnerships with business and community organizations to help identify qualified diverse candidates for roles within every segment of our organization. In addition, through our diverse hiring commitment, we aim to have at least 50% of candidates interviewed for mid-to-senior openings be women or people of color. Internal diversity scorecards are used to measure our progress across multiple DE&I metrics. As of December 31, 2022, approximately 58% of our colleagues were women and approximately 32% were people of color. In addition, approximately 31% of the members of our Board of Directors are women and approximately 15% are people of color. More detail regarding our workforce demographics can be found on our website and in our Corporate Responsibility Report. Development programs are designed to build a strong pipeline of diverse emerging talent internally. Development efforts have been effective in increasing the number of women and people of color considered “ready now” succession candidates. We also partner with external organizations to offer additional resources for reskilling and upskilling diverse colleagues. We also offer education programs focused on embedding inclusive behaviors in our culture to all colleagues. We require all colleagues to attend inclusion training and there is additional targeted inclusion training specifically for colleagues in manager roles. We use various resources to understand what drives a sense of inclusion and belonging and to identify what actions will be effective in attracting and retaining diverse colleagues. Analytics are used to help prioritize initiatives, including answers to OHI survey items, which we segment by various colleague populations to provide additional insights. In addition, we have seven business resource groups (“BRGs”), which are an extension of the business and are integral to identifying and formulating solutions to DE&I issues that are most important to customers, colleagues, and the community. Citizens BRGs include Citizens WIN (Women’s Impact Network), Citizens Elev8 (Rising Professionals), Prism (Multicultural), Citizens Pride (LGBTQ+), Citizens Veterans, and Citizens Awake (Disability Awareness). In 2023, we launched an additional BRG, Caring for Citizens (Caregivers). Each BRG is sponsored by a member of the executive team and, as of December 31, 2022, approximately 3,200 colleagues belonged to at least one BRG." }, { "status": "MODIFIED", "current_title": "Business Segments", "prior_title": "Business Segments", "similarity_score": 0.789, "confidence": "high", "key_changes": [ "Reworded sentence: \"We manage our business through two primary business segments: Consumer Banking and Commercial Banking.\"", "Removed sentence: \"Our activities outside these segments are classified as “Other” and include treasury activities, wholesale funding activities, the securities portfolio, community development assets, and other unallocated assets, liabilities, capital, revenues, provision for credit losses and expenses, including income tax expense.\"" ], "current_body": "We manage our business through two primary business segments: Consumer Banking and Commercial Banking. Our activities outside these segments are classified as Non-Core or Other. Non-Core includes our indirect auto and certain purchased consumer loan portfolios that we discontinued the origination of as part of our recently announced balance sheet optimization strategy. Other includes treasury activities, wholesale funding, the securities portfolio, community development assets, and other unallocated assets, liabilities, capital, revenues, provision (benefit) for credit losses and expenses, including income tax expense. For additional information regarding our business segments see the “Business Operating Segments” section of Item 7 and Note 26 in Item 8.", "prior_body": "We manage our business through two business segments: Consumer Banking and Commercial Banking. For additional information regarding our business segments see the “Business Operating Segments” section of Item 7 and Note 26 in Item 8. Our activities outside these segments are classified as “Other” and include treasury activities, wholesale funding activities, the securities portfolio, community development assets, and other unallocated assets, liabilities, capital, revenues, provision for credit losses and expenses, including income tax expense." }, { "status": "MODIFIED", "current_title": "The effects of geopolitical instability may adversely affect us and create significant risks and uncertainties for our business, with the ultimate impact dependent on future developments, which are highly uncertain and unpredictable.", "prior_title": "The effects of geopolitical instability, such as Russia’s invasion of Ukraine, may adversely affect us and create significant risks and uncertainties for our business, with the ultimate impact dependent on future developments, which are highly uncertain and unpredictable.", "similarity_score": 0.785, "confidence": "high", "key_changes": [ "Reworded sentence: \"Ongoing geopolitical instability, such as the wars in Ukraine and the Middle East, has negatively impacted, and could in the future negatively impact, the global and U.S.\"", "Reworded sentence: \"The extent to which such geopolitical instability adversely affects our business, financial condition and results of operations, as well as our liquidity and capital profile, will depend on future developments, which are highly uncertain and unpredictable, including the extent and duration of the wars and the associated immeasurable humanitarian toll inflicted as a result.\"" ], "current_body": "Ongoing geopolitical instability, such as the wars in Ukraine and the Middle East, has negatively impacted, and could in the future negatively impact, the global and U.S. economies, including by causing supply chain disruptions, rising prices for oil and other commodities, volatility in capital markets and foreign currency exchange rates, rising interest rates and heightened cybersecurity risks. The extent to which such geopolitical instability adversely affects our business, financial condition and results of operations, as well as our liquidity and capital profile, will depend on future developments, which are highly uncertain and unpredictable, including the extent and duration of the wars and the associated immeasurable humanitarian toll inflicted as a result. If geopolitical instability adversely affects us, it may also have the effect of heightening other risks related to our business.", "prior_body": "Ongoing geopolitical instability, such as Russia’s invasion of Ukraine, has negatively impacted, and could in the future negatively impact, the global and U.S. economies, including by causing supply chain disruptions, rising prices for oil and other commodities, volatility in capital markets and foreign currency exchange rates, rising interest rates and heightened cybersecurity risks. The extent to which such geopolitical instability, such as Russia’s invasion of Ukraine, adversely affects our business, financial condition and results of operations, as well as our liquidity and capital profile, will depend on future developments, which are highly uncertain and unpredictable, including with respect to Russia’s invasion, the extent and duration of the invasion and economic sanctions imposed on Russia, and the immeasurable humanitarian toll inflicted on Ukraine. If geopolitical instability adversely affects us, it may also have the effect of heightening other risks related to our business." }, { "status": "MODIFIED", "current_title": "Unpredictable catastrophic events, including pandemics, terrorist attacks, extreme weather events and other large-scale catastrophes, could have an adverse effect on our business, financial position and results of operations.", "prior_title": "Unpredictable catastrophic events, including pandemics, terrorist attacks, extreme weather events and other large-scale catastrophes, could have an adverse effect on our business, financial position and results of operations.", "similarity_score": 0.757, "confidence": "high", "key_changes": [ "Reworded sentence: \"The occurrence of catastrophic events, including pandemics, terrorists attacks, extreme weather events, such as hurricanes, tropical storms, or tornadoes, and other large-scale catastrophes could adversely affect our business, financial condition or results of operations.\"" ], "current_body": "The occurrence of catastrophic events, including pandemics, terrorists attacks, extreme weather events, such as hurricanes, tropical storms, or tornadoes, and other large-scale catastrophes could adversely affect our business, financial condition or results of operations. Such events could affect the stability of our deposit base, impair the ability of our borrowers to repay outstanding loans, impair the value of collateral securing loans, and cause significant property damage or operational disruptions, resulting in loss of revenue or causing us to incur additional expenses. Furthermore, although we maintain both business continuity and disaster recovery plans, if a terrorist attack, extreme weather event, or other catastrophe rendered our production and recovery data unusable, there can be no assurance that these plans and related capabilities will adequately protect us from such events, and our business, financial condition or results of operations could be adversely affected. While the U.S. economy has generally recovered since the onset of the COVID disruption, a resurgence of pandemic conditions could reintroduce, or intensify, these impacts and adversely affect our business, financial condition and results of operations, as well as our liquidity and capital profile.", "prior_body": "The occurrence of catastrophic events, including pandemics, such as COVID-19, terrorists attacks, extreme weather events, such as hurricanes, tropical storms, or tornadoes, and other large-scale catastrophes could adversely affect our business, financial condition or results of operations, including by affecting the stability of our deposit base, impairing the ability of our borrowers to repay outstanding loans, impairing the value of collateral securing loans, causing significant property damage or operational disruptions, resulting in loss of revenue or causing us to incur additional expenses. For example, the COVID-19 pandemic has in the past negatively affected, and could in the future negatively affect, the global and U.S. economies, including by increasing unemployment levels, disrupting supply chains and businesses in many industries, lowering equity market valuations, decreasing liquidity in fixed income markets, and creating significant volatility and disruption in financial markets. This has in the past resulted in, and could in the future result in, higher and more volatile provisions for credit losses and has in the past adversely affected, and could in the future adversely affect, our noninterest income. The extent to which the COVID-19 pandemic could adversely affect our business, financial condition and results of operations, as well as our liquidity and capital profile, will depend on future developments, which are highly uncertain and cannot be predicted, including the scope and duration of the pandemic, any resurgence of COVID-19 cases and the emergence of new variants, the widespread availability, use and effectiveness of vaccines, actions taken by governmental authorities and other third parties in response to the pandemic and the direct and indirect impact of the pandemic on us, our clients and customers, our service providers and other market participants. As the COVID-19 pandemic adversely affects us, it may also have the effect of heightening many of the other risks described herein. Furthermore, although we maintain both business continuity and disaster recovery plans, if a terrorist attack, extreme weather event, or other catastrophe rendered both our production data center in Rhode Island and our recovery data center in North Carolina unusable, there can be no assurance that these plans and related capabilities will adequately protect us from such events, and our business, financial condition or results of operations could be adversely affected." }, { "status": "MODIFIED", "current_title": "The financial services industry, including the banking sector, continues to make technological enhancements to meet customer preferences, as well as meet legal and regulatory requirements, and we may not be able to compete effectively as a result of these changes.", "prior_title": "The financial services industry, including the banking sector, is undergoing rapid technological change as a result of changes in customer behavior, competition and changes in the legal and regulatory framework, and we may not be able to compete effectively as a result of these changes.", "similarity_score": 0.735, "confidence": "medium", "key_changes": [ "Reworded sentence: \"Technology within the financial services industry continues to evolve and new, unexpected technological changes could have a transformative effect on the way banks offer products and services.\"", "Reworded sentence: \"Regulatory guidance continues to be focused on the need for financial institutions to perform appropriate due diligence and ongoing monitoring of third-party vendor relationships, thus increasing the scope of management involvement and decreasing the efficiency otherwise resulting from our relationships with third-party technology providers.\"", "Reworded sentence: \"Also, see “Supervisory requirements and expectations on us as a financial holding company and a bank holding company and any regulator-imposed limits on our activities could adversely affect our ability to implement our strategic plan, expand our business, continue to improve our financial performance and make capital distributions to our stockholders.”\"" ], "current_body": "Technology within the financial services industry continues to evolve and new, unexpected technological changes could have a transformative effect on the way banks offer products and services. We believe our success depends, to a great extent, on our ability to utilize technology to offer products and services that address the needs of our customers and to create efficiencies in our operations. However, we may not be able to, among other things, keep up with the rapid pace of technological changes, effectively implement new technology-driven products and services, or be successful in marketing these products and services to our customers. As a result, our ability to compete effectively to attract or retain business may be impaired, and our business, financial condition or results of operations may be adversely affected. In addition, changes in the legal and regulatory framework under which we operate require us to update our information systems to ensure compliance. Our need to review and evaluate the impact of ongoing rule proposals, final rules and implementation guidance from regulators further complicates the development and implementation of new information systems for our business. Regulatory guidance continues to be focused on the need for financial institutions to perform appropriate due diligence and ongoing monitoring of third-party vendor relationships, thus increasing the scope of management involvement and decreasing the efficiency otherwise resulting from our relationships with third-party technology providers. Given the significant number of ongoing regulatory reform initiatives, it is possible that we incur higher than expected information technology costs in order to comply with current and impending regulations. Also, see “Supervisory requirements and expectations on us as a financial holding company and a bank holding company and any regulator-imposed limits on our activities could adversely affect our ability to implement our strategic plan, expand our business, continue to improve our financial performance and make capital distributions to our stockholders.”", "prior_body": "The financial services industry, including the banking sector, is continually undergoing rapid technological change with frequent introductions of new technology-driven products and services. In addition, new, unexpected technological changes could have a disruptive effect on the way banks offer products and services. We believe our success depends, to a great extent, on our ability to address customer needs by using technology to offer products and services that provide convenience to customers and to create additional efficiencies in our operations. However, we may not be able to, among other things, keep up with the rapid pace of technological changes, effectively implement new technology-driven products and services or be successful in marketing these products and services to our customers. As a result, our ability to compete effectively to attract or retain new business may be impaired, and our business, financial condition or results of operations may be adversely affected. In addition, changes in the legal and regulatory framework under which we operate require us to update our information systems to ensure compliance. Our need to review and evaluate the impact of ongoing rule proposals, final rules and implementation guidance from regulators further complicates the development and implementation of new information systems for our business. Also, recent regulatory guidance has focused on the need for financial institutions to perform increased due diligence and ongoing monitoring of third-party vendor relationships, thus increasing the scope of management involvement and decreasing the efficiency otherwise resulting from our relationships with third-party technology providers. Given the significant number of ongoing regulatory reform initiatives, it is possible that we incur higher than expected information technology costs in order to comply with current and impending regulations. See “—Supervisory requirements and expectations on us as a FHC and a BHC and any regulator-imposed limits on our activities could adversely affect our ability to implement our strategic plan, expand our business, continue to improve our financial performance and make capital distributions to our stockholders.”" }, { "status": "MODIFIED", "current_title": "Volcker Rule", "prior_title": "Volcker Rule", "similarity_score": 0.72, "confidence": "medium", "key_changes": [ "Reworded sentence: \"This statutory provision is commonly called the “Volcker Rule.” Under this rule, we are viewed as having “moderate” trading assets and liabilities, which subjects us to a simplified compliance program requirement that is appropriate for our activities, size, scope, and complexity.\"" ], "current_body": "The Dodd-Frank Act prohibits banks and their affiliates from engaging in proprietary trading and investing in, sponsoring and having certain relationships with private funds such as certain hedge funds or private equity funds. This statutory provision is commonly called the “Volcker Rule.” Under this rule, we are viewed as having “moderate” trading assets and liabilities, which subjects us to a simplified compliance program requirement that is appropriate for our activities, size, scope, and complexity. This Volcker Rule does not have a material impact on Citizens.", "prior_body": "The Dodd-Frank Act prohibits banks and their affiliates from engaging in proprietary trading and investing in, sponsoring and having certain relationships with private funds such as certain hedge funds or private equity funds. The statutory provision is commonly called the “Volcker Rule.” In 2019, the FRB, OCC, FDIC, SEC and CFTC (collectively, the “Volcker Agencies”) finalized amendments to their regulations to tailor the Volcker Rule’s compliance requirements to the amount of a firm’s trading activity, revise the definition of trading account, clarify certain key provisions in the Volcker Rule, and modify the information companies are required to provide the Volcker Agencies. Under those amendments, we are viewed as having “moderate” trading assets and liabilities, and therefore subject to a requirement to have a simplified compliance program that is appropriate for our activities, size, scope, and complexity. In June 2020, the Volcker Agencies finalized other regulations modifying the Volcker Rule’s prohibition on banking entities investing in or sponsoring hedge funds or private equity funds (referred to under the rule as covered funds). We do not expect either of these regulatory amendments to the Volcker Rule to have a material impact on Citizens." }, { "status": "MODIFIED", "current_title": "Resolution Planning", "prior_title": "Resolution Planning", "similarity_score": 0.719, "confidence": "medium", "key_changes": [ "Reworded sentence: \"Category IV firms such as CFG are no longer required to submit resolution plans under section 165(d) of the Dodd-Frank Act.\"", "Added sentence: \"On August 29, 2023, the FDIC issued a proposal that would require IDIs with total assets of $100 billion or more, including CBNA, to submit a more robust resolution plan biennially that includes a comprehensive strategy from the point of failure to liquidation or return of the institution to the private sector.\"", "Added sentence: \"The identified strategy must ensure timely access to insured deposits, maximize value from the sale or disposition of assets, minimize losses realized by creditors, and address potential risks of adverse effects on U.S.\"", "Added sentence: \"economic conditions or financial stability.\"", "Added sentence: \"In addition, the strategy generally expects, but does not require, a default scenario whereby the FDIC, as receiver of the failed institution, operates the institution under a bridge bank.\"" ], "current_body": "Category IV firms such as CFG are no longer required to submit resolution plans under section 165(d) of the Dodd-Frank Act. However, CBNA is required to periodically file an IDI resolution plan with the FDIC. This plan enables the FDIC, as receiver, to resolve the institution under applicable receivership provisions of the FDIA in a manner that ensures that depositors receive access to their insured deposits within one business day of the institution’s failure, maximizes the net present value return from the sale or disposition of the institution’s assets and minimizes the amount of any loss to the institution’s creditors. In 2021, the FDIC issued a Statement on Resolution Plans for IDIs that, among other things, established a three-year filing cycle for banks with $100 billion or more in total assets, such as CBNA, and provided details regarding the content of the resolution plans that filers are required to prepare. CBNA submitted its most recent resolution plan to the FDIC on December 1, 2022. On August 29, 2023, the FDIC issued a proposal that would require IDIs with total assets of $100 billion or more, including CBNA, to submit a more robust resolution plan biennially that includes a comprehensive strategy from the point of failure to liquidation or return of the institution to the private sector. The identified strategy must ensure timely access to insured deposits, maximize value from the sale or disposition of assets, minimize losses realized by creditors, and address potential risks of adverse effects on U.S. economic conditions or financial stability. In addition, the strategy generally expects, but does not require, a default scenario whereby the FDIC, as receiver of the failed institution, operates the institution under a bridge bank. The proposal also enhances how the credibility of resolution plans will be assessed, expands expectations regarding engagement and capabilities testing, and requires IDIs to demonstrate the capability to promptly establish a virtual data room in the run-up to or upon failure. The proposal provides that IDIs submit their initial resolution plan no earlier than 270 days from the effective date of the amended rule. Comments on the proposal were due by November 30, 2023. We are in the process of evaluating the impact of the proposal on our business.", "prior_body": "Category IV firms are no longer required to submit resolution plans to the FRB and FDIC. However, CBNA is required to file periodically a separate resolution plan with the FDIC that should enable the FDIC, as receiver, to resolve the institution under applicable receivership provisions of the FDIA in a manner that ensures that depositors receive access to their insured deposits within one business day of the institution’s failure, maximizes the net present value return from the sale or disposition of its assets and minimizes the amount of any loss to the institution’s creditors. In June 2021, the FDIC issued a Statement on Resolution Plans for Insured Depository Institutions that, among other things, established a three-year filing cycle for banks with $100 billion or more in total assets, such as CBNA, and provides details regarding the content of the resolution plans that filers are required to prepare. CBNA submitted its most recent resolution plan to the FDIC on December 1, 2022." }, { "status": "MODIFIED", "current_title": "Our regulators may impose restrictions or limitations on our operations.", "prior_title": "We may be unable to disclose some restrictions or limitations on our operations imposed by our regulators.", "similarity_score": 0.706, "confidence": "medium", "key_changes": [ "Reworded sentence: \"In addition, as part of our regular examination process, our regulators may advise us to conduct significant remediation activities or operate under various restrictions as a prudential matter.\"", "Reworded sentence: \"As a result, such supervisory actions or restrictions, if and in whatever manner imposed, could have a material adverse effect on our business and results of operations.\"" ], "current_body": "From time to time, bank regulatory agencies take supervisory actions that restrict or limit a financial institution’s activities and lead it to raise capital or subject it to other requirements. In addition, as part of our regular examination process, our regulators may advise us to conduct significant remediation activities or operate under various restrictions as a prudential matter. Any such actions or restrictions, if and in whatever manner imposed, could adversely affect our costs and revenues. Moreover, efforts to comply with any such nonpublic supervisory actions or restrictions may require material investments in additional resources and systems, as well as a significant commitment of managerial time and attention. As a result, such supervisory actions or restrictions, if and in whatever manner imposed, could have a material adverse effect on our business and results of operations.", "prior_body": "From time to time, bank regulatory agencies take supervisory actions that restrict or limit a financial institution’s activities and lead it to raise capital or subject it to other requirements. Directives issued to enforce such actions may be confidential and thus, in some instances, we are not permitted to publicly disclose these actions. In addition, as part of our regular examination process, our regulators may advise us to operate under various restrictions as a prudential matter. Any such actions or restrictions, if and in whatever manner imposed, could adversely affect our costs and revenues. Moreover, efforts to comply with any such nonpublic supervisory actions or restrictions may require material investments in additional resources and systems, as well as a significant commitment of managerial time and attention. As a result, such supervisory actions or restrictions, if and in whatever manner imposed, could have a material adverse effect on our business and results of operations; and, in certain instances, we may not be able to publicly disclose these matters." }, { "status": "MODIFIED", "current_title": "Bank and Financial Holding Company Regulation", "prior_title": "Bank and Financial Holding Company Regulation", "similarity_score": 0.697, "confidence": "medium", "key_changes": [ "Reworded sentence: \"To maintain FHC status, a BHC and all of its depository institution subsidiaries must remain “well capitalized” and “well managed,” as described below under “Federal Deposit Insurance Act.” If a BHC fails to meet these regulatory standards, the FRB could place limitations on its ability to conduct the broader financial activities permissible for FHCs or impose limitations or conditions on the conduct or activities of the BHC or its affiliates.\"", "Reworded sentence: \"As noted above, FRB approval is generally not required for BHCs to acquire a company engaged in activities that are financial in nature or incidental to activities that are financial in nature, as determined by the FRB.\"", "Reworded sentence: \"banking or financial system; the companies’ compliance with anti-money laundering laws and regulations; the convenience and needs of the communities to be served; and the performance record of the IDIs involved in the transaction under the CRA.\"" ], "current_body": "As a FHC, we may engage in a broader range of activities than a BHC that is not also a FHC. These activities include securities underwriting and dealing, insurance underwriting and brokerage, merchant banking and other activities that are determined by the FRB, in coordination with the Treasury Department, to be “financial in nature or incidental thereto” or that the FRB determines unilaterally to be “complementary” to financial activities. In addition, a FHC may commence new permissible financial activities or acquire non-bank financial companies engaged in such activities, in either case, with after-the-fact notice to the FRB. To maintain FHC status, a BHC and all of its depository institution subsidiaries must remain “well capitalized” and “well managed,” as described below under “Federal Deposit Insurance Act.” If a BHC fails to meet these regulatory standards, the FRB could place limitations on its ability to conduct the broader financial activities permissible for FHCs or impose limitations or conditions on the conduct or activities of the BHC or its affiliates. If the deficiencies persisted, the FRB could order the BHC to divest any subsidiary bank or to cease engaging in any activities permissible for FHCs that are not permissible for BHCs, or the BHC could elect to conform its non-banking activities to those permissible for a BHC that is not also a FHC. In addition, the CRA requires U.S. banks to help serve the needs of their communities. If a depository institution subsidiary of a BHC were to receive a CRA rating of less than “satisfactory”, the BHC would be prohibited from engaging in certain activities or acquisitions (see “Community Reinvestment Act” below). Federal and state laws impose notice and approval requirements for mergers and acquisitions of other depository institutions or BHCs. As noted above, FRB approval is generally not required for BHCs to acquire a company engaged in activities that are financial in nature or incidental to activities that are financial in nature, as determined by the FRB. Prior regulatory approval is required, however, before a BHC may acquire or control more than 5% of any class of voting shares or substantially all of the assets of a BHC, including a FHC, or a bank. In considering applications for approval of acquisitions, the banking regulators may take several factors into account, including the competitive effects of the transaction in the relevant geographic markets; the financial and managerial resources and future prospects of companies involved in the transaction; the effect of the transaction on the financial stability of the U.S. banking or financial system; the companies’ compliance with anti-money laundering laws and regulations; the convenience and needs of the communities to be served; and the performance record of the IDIs involved in the transaction under the CRA.", "prior_body": "As a FHC, we may engage in a broader range of activities than a BHC that is not also a FHC. These activities include securities underwriting and dealing, insurance underwriting and brokerage, merchant banking and other activities that are determined by the FRB, in coordination with the Treasury Department, to be “financial in nature or incidental thereto” or that the FRB determines unilaterally to be “complementary” to financial activities. In addition, a FHC may commence new permissible financial activities or acquire non-bank financial companies engaged in such activities, in either case, with after-the-fact notice to the FRB. To maintain our FHC status, a BHC (and all of its depository institution subsidiaries), must remain “well capitalized” and “well managed,” as described below under “Federal Deposit Insurance Act”. If a BHC fails to meet these regulatory standards, the FRB could place limitations on its ability to conduct the broader financial activities permissible for FHCs or impose limitations or conditions on the conduct or activities of the BHC or its affiliates. If the deficiencies persisted, the FRB could order the BHC to divest any subsidiary bank or to cease engaging in any activities permissible for FHCs that are not permissible for BHCs, or the BHC could elect to conform its non-banking activities to those permissible for a BHC that is not also a FHC. In addition, the CRA requires U.S. banks to help serve the needs of their communities. If a depository institution subsidiary of a BHC were to receive a CRA rating of less than “satisfactory”, the BHC would be prohibited from engaging in certain activities or acquisitions (see “Community Reinvestment Act” below). Federal and state laws impose notice and approval requirements for mergers and acquisitions of other depository institutions or BHCs. As noted above, FRB approval is generally not required for us to acquire a company engaged in activities that are financial in nature or incidental to activities that are financial in nature, as determined by the FRB. Prior regulatory approval is required, however, before we may acquire or control more than 5% of any class of voting shares or substantially all of the assets of a BHC (including a FHC) or a bank. In considering applications for approval of acquisitions, the banking regulators may take several factors into account, including the competitive effects of the transaction in the relevant geographic markets; the financial and managerial resources and future prospects of companies involved in the transaction; the effect of the transaction on the financial stability of the U.S. banking or financial system; the companies’ compliance with anti-money laundering laws and regulations; the convenience and needs to the communities to be served; and the records of performance under the CRA of the insured depository institutions involved in the transaction. Capital The U.S. Basel III rules apply to us. These rules establish risk-based and leverage capital requirements. The risk-based requirements are based on a banking organization’s risk-weighted assets, also known as RWA, which reflect the organization’s on- and off-balance sheet exposures, subject to risk weights. The leverage requirements are based on a banking organization’s average consolidated on-balance sheet assets. For more detail on our regulatory capital, see the “Capital and Regulatory Matters” section of Item 7. We calculate RWA using the standardized approach and have made the one-time election to opt-out of recognizing in regulatory capital the impacts of net unrealized gains and losses included within AOCI for debt securities that are available for sale or held to maturity, accumulated net gains and losses on cash flow hedges and certain defined benefit pension plan assets. On January 1, 2020, we adopted the CECL accounting standard. In reaction to the COVID disruption, on September 30, 2020, the federal banking regulators adopted a final rule relative to regulatory capital treatment of the ACL under CECL. This rule allowed electing banking organizations to delay the estimated impact of CECL on regulatory capital for a two-year period ending December 31, 2021, followed by a three-year transition period ending December 31, 2024. The three-year transition period will phase-in the reversal of the aggregate amount of the capital benefit provided during the initial two-year delay. Under the U.S. Basel III rules, the minimum capital ratios are: •4.5% CET1 capital to risk-weighted assets; •6.0% tier 1 capital (that is, CET1 capital plus additional tier 1 capital) to risk-weighted assets; •8.0% total capital (that is, tier 1 capital plus tier 2 capital) to risk-weighted assets; and •4.0% tier 1 capital to total average consolidated assets as defined under U.S. Basel III Standardized approach (known as the “leverage ratio”). For BHCs with $100 billion or more in assets, such as us, the FRB’s capital rules impose a dynamic institution-specific SCB on top of each of the three minimum risk-weighted capital ratios listed above. Banking institutions that fail to meet the effective minimum ratios including the SCB will be subject to constraints on capital distributions, including dividends and share repurchases, and certain discretionary executive compensation. The severity of the constraints depends on the amount of the shortfall and the institution’s “eligible retained income”, defined as the greater of four quarter trailing net income net of distributions and tax effects not reflected in net income, or the average four quarter trailing net income. As a Category IV firm, our SCB is re-calibrated with each biennial supervisory stress test and updated annually to reflect our planned common stock dividends. On August 4, 2022, the FRB announced, based on the results of the 2022 CCAR supervisory stress tests, that our SCB will remain at 3.4% through September 30, 2023. To incorporate the effects of the Investors acquisition on our capital requirements, the FRB will require that we participate in the 2023 CCAR supervisory stress test. For more details, see “—Capital Planning and Stress Testing Requirements” below and the “Capital and Regulatory Matters” section of Item 7. We are also subject to the FRB's risk-based capital requirements for market risk. See the “Market Risk” section of Item 7." }, { "status": "MODIFIED", "current_title": "Liquidity Requirements", "prior_title": "Liquidity Requirements", "similarity_score": 0.693, "confidence": "medium", "key_changes": [ "Reworded sentence: \"The liquidity coverage ratio (“LCR”) is designed to ensure that a covered bank or BHC maintains an adequate level of unencumbered high-quality liquid assets to cover expected net cash outflows over a 30-day time horizon under an acute liquidity stress scenario.\"" ], "current_body": "The liquidity coverage ratio (“LCR”) is designed to ensure that a covered bank or BHC maintains an adequate level of unencumbered high-quality liquid assets to cover expected net cash outflows over a 30-day time horizon under an acute liquidity stress scenario. The NSFR is designed to promote more medium- and long-term funding of the assets and activities of banking organizations over a one-year time horizon. Under the Tailoring Rules, Category IV firms with less than $50 billion in weighted short-term wholesale funding, such as us, are not subject to any LCR or NSFR requirement. We are subject to certain liquidity requirements under the Tailoring Rules including liquidity buffer, stress testing, risk management and reporting requirements. In addition, as a Category IV firm, we are required to calculate collateral positions monthly, establish a set of liquidity risk limits, and monitor certain elements of intraday liquidity risk exposures.", "prior_body": "The federal banking regulators have adopted the Basel III-based U.S. Liquidity Coverage Ratio rule, which is a quantitative liquidity metric designed to ensure that a covered bank or BHC maintains an adequate level of unencumbered high-quality liquid assets to cover expected net cash outflows over a 30-day time horizon under an acute liquidity stress scenario. Under the Tailoring Rules, Category IV firms with less than $50 billion in weighted short-term wholesale funding, including us, are not subject to any Liquidity Coverage Ratio requirement. The Basel III framework also includes a second liquidity standard, the NSFR, which is designed to promote more medium- and long-term funding of the assets and activities of banks over a one-year time horizon. In October 2020, the federal banking regulators issued a final rule to implement the NSFR for large U.S. banking organizations. Under the final rule, Category IV firms with less than $50 billion in weighted short-term wholesale funding, including us, are not subject to the NSFR requirement. Finally, per the liquidity rules included in the FRB’s enhanced prudential standards adopted pursuant to Section 165 of the Dodd-Frank Act, we are also required to maintain a buffer of highly liquid assets based on projected funding needs for 30 days. Under the Tailoring Rules, the liquidity buffer requirements continue to apply to Category IV firms, such as us, and we remain subject to liquidity risk management requirements. However, these requirements are now tailored such that we are required to: •calculate collateral positions monthly, as opposed to weekly; •establish a more limited set of liquidity risk limits than was previously required; and •monitor fewer elements of intraday liquidity risk exposures than were previously monitored. We are also now subject to liquidity stress testing quarterly, rather than monthly, and are required to report liquidity data on a monthly basis." }, { "status": "MODIFIED", "current_title": "Changes in our accounting policies or in accounting standards could materially affect how we report our financial results and condition.", "prior_title": "Changes in our accounting policies or in accounting standards could materially affect how we report our financial results and condition.", "similarity_score": 0.686, "confidence": "medium", "key_changes": [ "Reworded sentence: \"The FASB and SEC periodically change the financial accounting and reporting standards that govern the accounting for our financial results and the preparation of our consolidated financial statements.\"" ], "current_body": "The FASB and SEC periodically change the financial accounting and reporting standards that govern the accounting for our financial results and the preparation of our consolidated financial statements. These changes can be hard to predict and can materially impact how we record and report our financial condition and results of operations. In some cases, we could be required to apply a new or revised standard retroactively, which would result in the recasting of our prior period financial statements.", "prior_body": "From time to time, the FASB and SEC change the financial accounting and reporting standards that govern the accounting for our financial results and the preparation of our financial statements. These changes can be operationally complex to implement and can materially impact how we record and report our financial condition and results of operations. For example, in June 2016, the FASB issued Accounting Standards Update 2016-13, Measurement of Credit Losses on Financial Instruments (“CECL”), that substantially changed the accounting for credit losses on loans and other financial assets held by banks, financial institutions and other organizations. Upon adoption of CECL on January 1, 2020, we recognize credit losses on these assets equal to management’s estimate of credit losses over the full remaining expected life. We consider all relevant information when estimating expected credit losses, including details about past events, current conditions, and reasonable and supportable forecasts. As evidenced in the first half of 2020 due to the impact of COVID-19, the standard introduces heightened volatility in provision for credit losses, given uncertainty in the accuracy of macroeconomic forecasts over longer time horizons, variances in the rate and composition of loan growth, and changes in overall loan portfolio size and mix. As a result, it is possible that our ongoing reported earnings and lending activity could be negatively impacted. For more information regarding CECL, see Note 6 in Item 8." }, { "status": "MODIFIED", "current_title": "Leadership, Talent Development, and Talent Acquisition and Mobility", "prior_title": "Leadership, Talent Development, and Talent Acquisition and Mobility", "similarity_score": 0.668, "confidence": "medium", "key_changes": [ "Reworded sentence: \"During 2023, we continued tailored leadership training and coaching for senior management following the detailed talent assessments conducted the prior year.\"", "Reworded sentence: \"The talent market remains competitive, particularly in emerging skill areas, and we implemented a strategy to fill critical gaps that utilizes a combination of external hiring in critical areas (e.g., technology, digital, cyber, risk, marketing, and data), a strong internal mobility program made possible by the expanded learning and development offerings provided to colleagues, and reliance on temporary workers for short-term or technical projects.\"" ], "current_body": "Our leaders are the catalysts to achieve the culture we want to foster. During 2023, we continued tailored leadership training and coaching for senior management following the detailed talent assessments conducted the prior year. We aim to equip all colleagues with the skills necessary to excel in their current roles and to build capabilities that will enable them to be highly valuable contributors in the future. We expanded our learning academies as well as badging and bootcamp programs focusing on critical skills such as Innovation, Agile, Next Gen Tech, Banking and Credit, and Data & Analytics. Our culture is one of continuous learning, which we believe is crucial for colleagues to thrive as part of our organization and to feel a sense of accomplishment and purpose. The talent market remains competitive, particularly in emerging skill areas, and we implemented a strategy to fill critical gaps that utilizes a combination of external hiring in critical areas (e.g., technology, digital, cyber, risk, marketing, and data), a strong internal mobility program made possible by the expanded learning and development offerings provided to colleagues, and reliance on temporary workers for short-term or technical projects.", "prior_body": "Our leaders are the catalysts to achieve the culture we want to foster. During 2022, we conducted a detailed assessment of the current state of our culture and leadership to inform future areas of focus. As we continue to prepare colleagues for the future, we are building capabilities by upskilling and reskilling colleagues to support new ways of working and operating models. We offer programs that include technical and skills-based programs as well as resources aligned with our leadership competencies. To deepen critical skills, we have expanded our learning academies focusing on Innovation, Agile, Next Gen Tech, Banking and Credit, and Data & Analytics. Through our development programs, we aim to equip colleagues with the skills necessary to excel in their current roles and to build competencies that will enable them to be highly valuable contributors in the future. Our culture is one of continuous learning, which we believe is crucial for colleagues to thrive as part of our organization and to feel a sense of accomplishment and purpose. We continue to expand recruiting efforts across the different levels of the organization, with the goal of building a strong pipeline of future leaders. This includes strengthening opportunities for internal mobility within Citizens through rotational programs and our academies, as well as external partnerships to support our ability to hire critical talent in areas such as technology, digital, cyber, marketing and data." }, { "status": "MODIFIED", "current_title": "Deposit Insurance", "prior_title": "Deposit Insurance", "similarity_score": 0.667, "confidence": "medium", "key_changes": [ "Reworded sentence: \"The DIF provides insurance coverage for certain deposits, up to a standard maximum deposit insurance amount of $250,000 per depositor based on ownership right and capacity category codes and is funded through assessments on IDIs based on the risk each institution poses to the DIF.\"", "Reworded sentence: \"Our payment of dividends to our stockholders is subject to oversight by the FRB.\"", "Reworded sentence: \"See “Capital and Stress Testing Requirements” above.\"", "Reworded sentence: \"Under the recent earnings test, a dividend may not be paid if the total of all dividends declared during any calendar year exceeds the sum of current year net income and retained net income of the two preceding years, less any required transfers to surplus, unless the national bank obtains the approval of the OCC.\"" ], "current_body": "The DIF provides insurance coverage for certain deposits, up to a standard maximum deposit insurance amount of $250,000 per depositor based on ownership right and capacity category codes and is funded through assessments on IDIs based on the risk each institution poses to the DIF. CBNA accepts customer deposits insured by the DIF and, therefore, must pay insurance premiums. The FDIC may increase CBNA’s insurance premiums based on various factors, including the FDIC’s assessment of its risk profile. The FDIC also requires large depository institutions, including CBNA, to maintain enhanced deposit account recordkeeping and related information technology system capabilities to facilitate prompt calculation of insured deposits if such an institution was taken into FDIC receivership. The FDIC, as required under the FDIA, established a plan in September 2020 to restore the DIF reserve ratio, 1.13% as of September 30, 2023, to meet or exceed the statutory minimum of 1.35% within eight years. This plan did not include an increase in the deposit insurance assessment rate. During 2022, the FDIC determined that the DIF reserve ratio was at risk of not reaching the statutory minimum by the statutory deadline of September 30, 2028, absent an increase in assessment rates. In October 2022, the FDIC adopted a final rule to increase initial base deposit insurance assessment rates by 2 basis points, beginning with the first quarterly assessment period of 2023. This increase in assessment rates was intended to improve the likelihood that the DIF reserve ratio will reach the required minimum by the statutory deadline of September 30, 2028. In November 2023, the FDIC approved a final rule to impose special assessments to recover the loss to the DIF arising from the protection of uninsured depositors in connection with the systemic risk determination announced on March 12, 2023, following the closures of Silicon Valley Bank and Signature Bank, as required by the FDIA. Under the final rule, the special assessment is levied on an IDI’s assessment base, which is equal to estimated uninsured deposits as reported on the institution’s December 31, 2022 Call Report, excluding the first $5 billion in estimated uninsured deposits. The special assessment is imposed at an annual rate of approximately 13.4 basis points and will be collected over eight quarterly assessment periods beginning with the first quarter of 2024. The FDIC’s current estimate of the loss attributable to this systemic risk determination is $16.3 billion. This estimate will be periodically adjusted as assets are sold, liabilities are satisfied, and receivership expenses are incurred. The FDIC would cease collection of special assessments before the end of the initial eight-quarter collection period if they expect the loss to be less than expected assessment collections. The FDIC also reserves the right to impose an extended special assessment collection period after the initial eight-quarter period to collect the difference between losses and amounts collected, and impose a one-time final shortfall special assessment after both receiverships terminate. Based on the final rule and related accounting guidance, CBNA’s special assessment is approximately $225 million and was recognized in other operating expense in the Company’s Consolidated Statement of Operations for the year ended December 31, 2023. CBNA’s special assessment is subject to change if the eventual loss to the DIF differs from the FDIC’s current estimate. Dividends Various federal statutory provisions and regulations, as well as regulatory expectations, limit the amount of dividends that we and our subsidiaries may pay. Our payment of dividends to our stockholders is subject to oversight by the FRB. In particular, the FRB reviews the dividend policies and share repurchases of a large BHC based on capital plans submitted as part of the CCAR process and the results of stress tests, as discussed above. In addition to other limitations, our ability to make any capital distributions, including dividends and share repurchases, is subject to the prior approval of the FRB if we are required to resubmit our capital plan. See “Capital and Stress Testing Requirements” above. Dividends payable by CBNA, as a national bank subsidiary, are limited to the lesser of the amount calculated under a “recent earnings” test and an “undivided profits” test. Under the recent earnings test, a dividend may not be paid if the total of all dividends declared during any calendar year exceeds the sum of current year net income and retained net income of the two preceding years, less any required transfers to surplus, unless the national bank obtains the approval of the OCC. Under the undivided profits test, a dividend may not be paid in excess of the entity’s “undivided profits” (generally accumulated net profits that have not been paid out as dividends or transferred to surplus). Federal banking regulatory agencies have issued policy statements that provide that FDIC-insured depository institutions and their holding companies should generally pay dividends only out of current operating earnings.", "prior_body": "The FDIA requires CBNA to pay deposit insurance assessments. FDIC assessment rates for large institutions are calculated based on one of two scorecards: one for most large institutions that have more than $10 billion in assets, such as CBNA, and another for “highly complex” institutions that have over $50 billion in assets and are fully owned by a parent with over $500 billion in assets. Each scorecard has a performance score and a loss-severity score that are combined to produce a total score, which is translated into an initial assessment rate. In calculating these scores, the FDIC utilizes the CAMELS ratings and forward-looking financial measures to assess an institution’s ability to withstand asset-related stress and funding-related stress. The FDIC may make discretionary adjustments to the total score, based upon significant risk factors that are not adequately captured in the scorecard. The total score is then translated to an initial base assessment rate on a non-linear, sharply increasing scale. The deposit insurance assessment is calculated based on average consolidated total assets less average tangible equity of the insured depository institution during the assessment period. Deposit insurance assessments are also affected by the minimum reserve ratio with respect to the DIF. The FDIA established a minimum DIF reserve ratio of 1.15% prior to September 2020 and 1.35% thereafter. As of September 30, 2022, the reserve ratio of the DIF was 1.26%. On October 18, 2022, the FDIC finalized a rule that will increase initial base deposit insurance assessment rates by 2 basis points, beginning with the first quarterly assessment period of 2023. The FDIC, as required under the FDIA, established a plan in September 2020 to restore the DIF reserve ratio to meet or exceed the statutory minimum of 1.35% within eight years. The increased assessment is intended to improve the likelihood that the DIF reserve ratio would reach the required minimum by the statutory deadline of September 30, 2028. Dividends Various federal statutory provisions and regulations, as well as regulatory expectations, limit the amount of dividends that we and our subsidiaries may pay. Our payment of dividends to our stockholders is subject to the oversight of the FRB. In particular, the FRB reviews the dividend policies and share repurchases of a large BHC based on capital plans submitted as part of the CCAR process and on the results of stress tests, as discussed above. In addition to other limitations, our ability to make any capital distributions, including dividends and share repurchases, is subject to the prior approval of the FRB if we are required to resubmit our capital plan. See “—Capital” and “—Capital Planning and Stress Testing Requirements” above. Dividends payable by CBNA, as a national bank subsidiary, are limited to the lesser of the amount calculated under a “recent earnings” test and an “undivided profits” test. Under the recent earnings test, a dividend may not be paid if the total of all dividends declared by a bank in any calendar year is in excess of the current year’s net income combined with the retained net income of the two preceding years, less any required transfers to surplus, unless the national bank obtains the approval of the OCC. Under the undivided profits test, a dividend may not be paid in excess of the entity’s “undivided profits” (generally, accumulated net profits that have not been paid out as dividends or transferred to surplus). Federal bank regulatory agencies have issued policy statements that provide that FDIC-insured depository institutions and their holding companies should generally pay dividends only out of their current operating earnings." }, { "status": "MODIFIED", "current_title": "Transactions with Affiliates and Insiders", "prior_title": "Transactions with Affiliates and Insiders", "similarity_score": 0.661, "confidence": "medium", "key_changes": [ "Reworded sentence: \"Sections 23A and 23B of the Federal Reserve Act establish certain quantitative limits and other prudential requirements for loans, purchases of assets, and certain other transactions between a member bank or its subsidiaries and its affiliates.\"" ], "current_body": "Sections 23A and 23B of the Federal Reserve Act establish certain quantitative limits and other prudential requirements for loans, purchases of assets, and certain other transactions between a member bank or its subsidiaries and its affiliates. The term “member bank” includes national banks such as CBNA. Section 23A prohibits a bank from entering a “covered transaction” with an affiliate if, after the transaction, the aggregate amount of the bank’s covered transactions with that affiliate would exceed 10% of the bank’s capital stock and surplus, or the aggregate amount of the bank’s covered transactions with all of its affiliates would exceed 20% of the bank’s capital stock and surplus. Covered transactions include loans and other extensions of credit to an affiliate, investments in the securities of an affiliate, purchases of assets from an affiliate, and certain other transactions that expose the bank to the credit risks of its affiliates. Section 23B of the Federal Reserve Act requires that transactions, including all covered transactions, be on terms substantially the same, or at least as favorable to the bank, as those prevailing at the time for comparable transactions with non-affiliates (the “Market Terms Requirement”). In addition to covered transactions, the Market Terms Requirement applies to certain other transactions between CBNA and its affiliates, including services between CBNA and the Parent Company and loans to CBNA from the Parent Company. Under sections 22(g) and (h) of the Federal Reserve Act and the FRB’s Regulation O, we are also subject to quantitative restrictions on extensions of credit to executive officers, directors, principal stockholders and their related interests. These extensions of credit may not exceed certain quantitative limits, must be made on substantially the same terms as those currently prevailing in the market for comparable transactions with third parties, and must not involve more than the normal risk of repayment or present other unfavorable features. Certain extensions of credit also require the approval of our Board.", "prior_body": "Sections 23A and 23B of the Federal Reserve Act and related FRB rules, including Regulation W, restrict CBNA from extending credit to, or engaging in certain other transactions with, the Parent Company and its non-bank subsidiaries. These restrictions place limits on certain specified “covered transactions” between bank subsidiaries and their affiliates, which must be limited to 10% of a bank’s capital and surplus for any one affiliate and 20% for all affiliates. Furthermore, within the foregoing limitations as to amount, certain covered transactions must meet specified collateral requirements ranging from 100% to 130%. Covered transactions are defined to include, among other things, a loan or extension of credit, as well as a purchase of securities issued by an affiliate, a purchase of assets (unless otherwise exempted by the FRB) from the affiliate, the acceptance of securities issued by the affiliate as collateral for a loan, derivatives transactions and securities lending transactions where the bank has credit exposure to an affiliate, and the issuance of a guarantee, acceptance or letter of credit on behalf of an affiliate. All covered transactions, including certain additional transactions (such as transactions with a third party in which an affiliate has a financial interest), must be conducted on market terms. The FRB enforces these restrictions, and we are audited for compliance. Section 23B prohibits an institution from engaging in certain transactions with affiliates unless the transactions are on terms substantially the same, or at least as favorable to the bank, as those prevailing at the time for comparable transactions with non-affiliated companies. Transactions between a bank and any of its subsidiaries that are engaged in certain financial activities may be subject to the affiliated transaction limits. The FRB also may designate banking subsidiaries as affiliates. Pursuant to FRB Regulation O, we are also subject to quantitative restrictions on extensions of credit to executive officers, directors, principal stockholders and their related interests. In general, such extensions of credit may not exceed certain dollar limitations, must be made on substantially the same terms, including interest rates and collateral, as those prevailing at the time for comparable transactions with third parties and must not involve more than the normal risk of repayment or present other unfavorable features. Certain extensions of credit also require the approval of our Board." }, { "status": "MODIFIED", "current_title": "Health, Well-Being, and Flexibility", "prior_title": "Health, Well-Being, and Workplace Flexibility", "similarity_score": 0.631, "confidence": "medium", "key_changes": [ "Reworded sentence: \"Our benefit programs are designed to support colleagues’ physical, mental, and financial well-being and we have added several resources in recent years.\"" ], "current_body": "We prioritize the health and well-being of our colleagues and their loved ones. Our benefit programs are designed to support colleagues’ physical, mental, and financial well-being and we have added several resources in recent years. In an effort to greater support each colleague’s unique journey, we enhanced our partnership with our BRGs by providing subject matter experts to share their experience and expertise with all BRG members, as well as increasing awareness of available tools and resources. In late 2022, we enhanced our Parental Leave Policy to six weeks of paid time off for all permanent colleagues who become parents; birth mothers are eligible for an additional 10 weeks, for a total of 16 weeks. In 2023, we increased paid bereavement leave, added several mental health resources, and provided each colleague an extra day of paid time-off to be used as a wellness day. In recognition of the impact of inflation on colleagues there were also no increases to colleague premiums, co-pays or deductibles for medical, dental, and vision coverage for 2023. We continue to embrace flexibility and manage our hybrid workforce in a manner that ensures colleagues are working in ways that best support our customers, foster engagement and innovation, and maintain our company culture.", "prior_body": "We prioritize the health and well-being of our colleagues and their loved ones. Our benefit programs are designed to support colleagues’ physical, mental, and financial well-being and we have added several resources in recent years, including additional mental and emotional health resources and emergency back-up child and adult care. We also recently enhanced our Parental Leave Policy to six weeks of paid time off for all permanent colleagues who become parents; birth mothers are eligible for an additional 10 weeks, for a total of 16 weeks. We added an ESG fund to our 401(k) plan investment options and there were no increases to colleague premiums, co-pays or deductibles for medical, dental, and vision coverage for 2023 in recognition of the impact of inflation on colleagues. We implemented a return to office strategy which incorporates flexibility for colleagues. As part of that strategy, non-branch roles have been assigned to various categories including fully remote, hybrid, or fully in the office, based on the responsibilities of each role. This approach has allowed us to balance colleague flexibility with in-person collaboration, which we believe is key to maintaining our Company values and culture." }, { "status": "MODIFIED", "current_title": "Changes in interest rates may have an adverse effect on our liquidity and profitability.", "prior_title": "Changes in interest rates may have an adverse effect on our profitability.", "similarity_score": 0.594, "confidence": "low", "key_changes": [ "Reworded sentence: \"Changes in interest rates can have a material impact on the value of our securities, a primary objective of which is to provide a ready source of contingent liquidity.\"" ], "current_body": "Changes in interest rates can have a material impact on the value of our securities, a primary objective of which is to provide a ready source of contingent liquidity. An increase in rates could lower the collateral value of these securities, reducing the amount we could borrow, and lead to losses in the event of their sale. Since our earning assets are primarily in the form of loans and debt securities, changes in interest rates can have a material impact our net interest income, net interest margin, fee income, and credit costs. Changes in interest rates can affect our net interest income and margin as our asset yields and funding costs may not rise or fall in parallel, causing our net interest income to increase or decrease and our margin to expand or contract. If our funding costs rise faster than our asset yields, or if our asset yields fall faster than our funding costs, our net interest income could decrease, and our margin could contract. An increase in interest rates could cause lower demand for loans by customers, reducing our net interest income due to lower loan balances and origination-related fee income due to lower production volume, and could also have an adverse impact on our credit costs, as borrowers may have difficulty in making higher interest payments. Additionally, an increase in rates could cause recognition of losses on the debt securities in our AFS portfolio if the securities needed to be sold. Similarly, a decrease in interest rates could lower our net interest income, net interest margin and fee income. We may be adversely affected by a prolonged period of low interest rates as it may result in us holding lower yielding loans and securities should rates rise rapidly after the period of low interest rates. Changes in the spread between short-term and long-term interest rates (i.e., the yield curve) can also have a material impact on our net interest income and net interest margin. Typically, the yield curve is upward sloping, with short-term rates being lower than long-term rates. When the yield curve flattens or inverts, our net interest income and net interest margin may decrease if the cost of our short-term funding increases relative to the yield we can earn on our long-term assets. Interest rates and the yield curve are highly sensitive to many factors that are beyond our control, including general economic conditions and the policies of various governmental and regulatory agencies and, in particular, the Federal Open Market Committee. Although we have policies and procedures designed to manage our interest rate risks, as further discussed in the “Risk Governance” section in Item 7, there can be no assurance that these policies and procedures will be effective in avoiding material adverse effects on our profitability.", "prior_body": "Net interest income historically has been, and we anticipate that it will remain, a significant component of our total revenue. This is due to the fact that a high percentage of our assets and liabilities have been and will likely continue to be in the form of interest-bearing or interest-related instruments. Changes in interest rates can have a material effect on many areas of our business, including net interest income, deposit costs, loan volume and delinquency, and the value of our mortgage servicing rights. Interest rates are highly sensitive to many factors that are beyond our control, including general economic conditions and policies of various governmental and regulatory agencies and, in particular, the Federal Open Market Committee. Changes in monetary policy, including changes in interest rates, could influence not only the interest we receive on loans and securities and the amount of interest we pay on deposits and borrowings, but such changes could also affect our ability to originate loans and obtain deposits and the fair value of our financial assets and liabilities. If the interest rates on our interest-bearing liabilities increase at a faster pace than the interest rates on our interest earning assets, our net interest income may decline and, with it, a decline in our earnings may occur. Our net interest income and our earnings would be similarly affected if the interest rates on our interest earning assets declined at a faster pace than the interest rates on our interest-bearing liabilities. We cannot control or predict with certainty changes in interest rates. Global, national, regional and local economic conditions, competitive pressures and the policies of regulatory authorities, including monetary policies of the FRB, affect interest income and interest expense. Although we have policies and procedures designed to manage the risks associated with changes in market interest rates, as further discussed under the “Risk Governance” section in Item 7, changes in interest rates still may have an adverse effect on our profitability. If our ongoing assumptions regarding borrower or depositor behavior or overall economic conditions are significantly different than we anticipate, then our risk mitigation may be insufficient to protect against interest rate risk and our net income would be adversely affected." }, { "status": "MODIFIED", "current_title": "Our ability to meet our obligations, and the cost of funds to do so, depend on our ability to access identified sources of liquidity at a reasonable cost.", "prior_title": "Our ability to meet our obligations, and the cost of funds to do so, depend on our ability to access identified sources of liquidity at a reasonable cost.", "similarity_score": 0.574, "confidence": "low", "key_changes": [ "Reworded sentence: \"Liquidity risk is the risk arising from the inability to meet our obligations when they come due.\"" ], "current_body": "Liquidity risk is the risk arising from the inability to meet our obligations when they come due. We must maintain adequate funding to meet current and future obligations, including customer loan requests, customer deposit maturities and withdrawals, debt service, equipment and premises leases, and other cash commitments, under both normal operating conditions and under periods of company-specific and/or market stress. We primarily rely on customer deposits to be a relatively stable and low-cost source of funding. In addition to customer deposits, our funding sources also include our ability to securitize loans in secondary markets, raise funds in the debt and equity capital markets, pledge loans and/or securities for borrowing from the FHLB, pledge securities as collateral for borrowing under repurchase agreements, and sell AFS securities. Our ability to meet our obligations and support our operations could be materially affected by a variety of conditions, including market-wide illiquidity or disruption, a loss of market or customer confidence in the financial services industry generally or in the Company specifically, or reductions in one or more of our credit ratings. This could limit our ability to retain our deposits, securitize or sell assets, access the debt or equity capital markets, or otherwise borrow money at a reasonable cost. Additionally, these conditions, among others, if severe enough, could create unanticipated material outflows of cash due to, among other factors, draws on unfunded commitments or deposit attrition, which could have significant adverse impact on our liquidity. Further, changes to the FHLB’s or the FRB’s underwriting guidelines for wholesale borrowings or lending policies may limit or restrict our ability to borrow, and therefore could have a significant adverse impact on our liquidity.", "prior_body": "Liquidity risk is the risk that we will not be able to meet our obligations, including funding commitments, as they come due. This risk is inherent in our operations and can be heightened by a number of factors, including an over-reliance on a particular source of funding (including, for example, secured FHLB advances), changes in credit ratings or market-wide phenomena such as market dislocation and major disasters. Like many banking groups, our reliance on customer deposits to meet a considerable portion of our funding has grown over recent years, and we continue to seek to increase the proportion of our funding represented by customer deposits. However, these deposits are subject to fluctuation due to certain factors outside our control, such as increasing competitive pressures for retail or corporate customer deposits, changes in interest rates and returns on other investment classes, or a loss of confidence by customers in us or in the banking sector generally which could result in a significant outflow of deposits within a short period of time. To the extent there is heightened competition among U.S. banks for retail customer deposits, this competition may increase the cost of procuring new deposits and/or retaining existing deposits, and otherwise negatively affect our ability to grow our deposit base. An inability to grow, or any material decrease in, our deposits could have a material adverse effect on our ability to satisfy our liquidity needs. Maintaining a diverse and appropriate funding strategy for our assets consistent with our wider strategic risk appetite and plan remains challenging, and any tightening of credit markets could have a material adverse impact on us. In particular, there is a risk that corporate and financial institution counterparties may seek to reduce their credit exposures to banks and other financial institutions (for example, reductions in unsecured deposits supplied by these counterparties), which may cause funding from these sources to no longer be available. Under these circumstances, we may need to seek funds from alternative sources, potentially at higher costs than has previously been the case, or may be required to consider disposals of other assets not previously identified for disposal, in order to reduce our funding commitments." }, { "status": "MODIFIED", "current_title": "Employee Engagement", "prior_title": "Employee Engagement", "similarity_score": 0.565, "confidence": "low", "key_changes": [ "Reworded sentence: \"As part of our ongoing efforts to develop a high performing workforce and make Citizens a great place to work and build a career, we conduct an annual organizational health survey (“OHS”).\"" ], "current_body": "As part of our ongoing efforts to develop a high performing workforce and make Citizens a great place to work and build a career, we conduct an annual organizational health survey (“OHS”). The results of our survey are instrumental in helping management prioritize areas of change that are most important to colleagues. Survey results are used to refine our focus, address gaps, and strengthen efforts to improve our organizational effectiveness and colleague experience. Between our initial public offering and 2022, we had a 19-point increase in our overall survey score and achieved top quartile status within McKinsey’s global benchmarks. In 2023, with an eye toward continuing to evolve our strategy and culture, we transitioned to a new OHS tool. In 2023, 87% of colleagues participated in the OHS, which is our all-time highest participation rate.", "prior_body": "As part of our ongoing efforts to develop a high performing workforce and make Citizens a great place to work and build a career, we have used McKinsey & Company’s Organizational Health Index (“OHI”) since our 2014 initial public offering to understand colleagues’ viewpoints about Citizens on a range of topics. OHI results are used to refine our focus, address gaps, and strengthen efforts to improve our organizational effectiveness and colleague experience. Since our inaugural survey, our overall OHI score has increased nearly 20 points to 77 in 2022 and is now within the first quartile of McKinsey’s global benchmarks. The results of our OHI surveys have been instrumental in helping management prioritize areas of change that are most important to colleagues. In 2023, we are transitioning to a new listening platform, which will include a colleague survey tool aimed at providing additional insights as we continue to evolve our strategy and culture." }, { "status": "MODIFIED", "current_title": "Our financial performance may be adversely affected by deterioration in borrower credit quality.", "prior_title": "Our financial performance may be adversely affected by deterioration in borrower credit quality, particularly in the New England, Mid-Atlantic and Midwest regions, where our operations are predominately concentrated.", "similarity_score": 0.488, "confidence": "low", "key_changes": [ "Reworded sentence: \"Risks arising from actual or perceived changes in credit quality and uncertainty over the recoverability of amounts due from borrowers is inherent in our businesses.\"" ], "current_body": "Risks arising from actual or perceived changes in credit quality and uncertainty over the recoverability of amounts due from borrowers is inherent in our businesses. If the economic environment were to deteriorate, more of our borrowers may have difficulty in repaying their loans which could result in higher credit losses and increased loan loss provision expense. Further, our credit risk and credit losses may increase to the extent our loans are concentrated by loan type, industry segment, collateral type, borrower type, or location of the collateral or borrower. A significant portion of our earnings assets are in the form of loans to borrowers across the U.S., primarily for residential, commercial and industrial, commercial real estate, education, auto and other retail purposes. A deterioration in economic conditions or changes in consumer or business behavior that negatively impacts home property or commercial property values could, in event of the borrower’s default, result in materially higher credit losses. Similarly, higher unemployment levels and higher interest rates can adversely affect our customers’ ability to repay their loans, which can negatively impact our credit performance. The credit quality of our borrowers may deteriorate for a number of reasons that are outside our control, including prevailing economic and market conditions and collateral valuations. The trends and risks affecting borrower credit quality have caused, and in the future may cause, us to experience credit losses, impairment charges, increased repurchase demands, higher recovery costs, and an inability to engage in routine funding transactions, which could have a material adverse effect on our business, financial condition and results of operations.", "prior_body": "We have exposure to many different industries and risks arising from actual or perceived changes in credit quality and uncertainty over the recoverability of amounts due from borrowers is inherent in our businesses. Our exposure may be exacerbated by the geographic concentration of our operations, which are predominately located in the New England, Mid-Atlantic and Midwest regions. The credit quality of our borrowers may deteriorate for a number of reasons that are outside our control, including as a result of prevailing economic and market conditions and asset valuation. The trends and risks affecting borrower credit quality, particularly in the New England, Mid-Atlantic and Midwest regions, have caused, and in the future may cause, us to experience impairment charges, increased repurchase demands, higher costs, additional write-downs and losses and an inability to engage in routine funding transactions, which could have a material adverse effect on our business, financial condition and results of operations." }, { "status": "MODIFIED", "current_title": "Community Reinvestment Act", "prior_title": "Community Reinvestment Act", "similarity_score": 0.468, "confidence": "low", "key_changes": [ "Reworded sentence: \"The CRA requires CBNA’s primary federal bank regulatory agency, the OCC, to evaluate the bank’s record in meeting the credit needs of the communities it serves, including low- and moderate-income neighborhoods and individuals.\"" ], "current_body": "The CRA requires CBNA’s primary federal bank regulatory agency, the OCC, to evaluate the bank’s record in meeting the credit needs of the communities it serves, including low- and moderate-income neighborhoods and individuals. Institutions are assigned one of four ratings: “Outstanding,” “Satisfactory,” “Needs to Improve,” or “Substantial Noncompliance.” A bank’s CRA record is considered by regulatory agencies in evaluating mergers, acquisitions and applications to open a branch or facility. In addition, the CRA record of a subsidiary bank of a FHC is considered if a FHC wishes to commence certain new financial activities or to acquire a company engaged in such activities, which requires a rating of at least “satisfactory.” CBNA received an “Outstanding” rating on its most recent CRA evaluation. On October 24, 2023, the federal banking regulators issued a joint final rule that revises the agencies’ CRA regulations. The primary provisions of the final rule, along with the most significant changes from the existing CRA regulatory framework, are outlined below: •a tiered evaluation framework is established based on a bank’s asset size, similar to the existing CRA regulatory framework; •the geographic area in which banks may be evaluated for performance is expanded to include areas outside of where they have physical locations in order to capture the varied activities a bank conducts, such as online and mobile banking, and the communities in which it operates; •bank retail lending and community development financing will be evaluated using a new metrics-based approach; and •clarifies eligible CRA activities, such as affordable housing. The final rule takes effect on April 1, 2024, with staggered compliance dates of January 1, 2026, and January 1, 2027 for certain reporting requirements. We are in the process of evaluating the impact of the final rule on our business.", "prior_body": "The CRA requires banking regulators to evaluate the Parent Company and CBNA in meeting the credit needs of our local communities, including providing credit to individuals residing in low- and moderate- income neighborhoods. The CRA also requires each appropriate federal bank regulatory agency, in connection with its examination of a depository institution, to assess such institution’s record in assessing and meeting the credit needs of the community served by that institution and assign ratings. The regulatory agency’s evaluation of the institution’s record and ratings are made public. These CRA performance evaluations are also considered by regulatory agencies in evaluating mergers, acquisitions and applications to open a branch or facility, and, in the case of a BHC that has elected FHC status, a CRA rating of at least “satisfactory” is required to commence certain new financial activities or to acquire a company engaged in such activities. CBNA received a rating of “outstanding” in our most recent CRA evaluation. On May 5, 2022, the FRB, OCC and FDIC jointly issued a notice of proposed rulemaking proposing revisions to the agencies’ CRA regulations, including with respect to the delineation of assessment areas, the overall evaluation framework and performance standards and metrics, the definition of community development activities, and data collection and reporting. The proposed rule would adjust CRA evaluations based on bank size and type, with many of the proposed changes applying only to banks with over $2 billion in assets and several applying only to banks with over $10 billion in assets, such as CBNA. We will continue to evaluate the impact of any changes to the regulations implementing the CRA." }, { "status": "UNCHANGED", "current_title": "Compliance with anti-money laundering and anti-terrorism financing rules involves significant cost and effort.", "prior_title": "Compliance with anti-money laundering and anti-terrorism financing rules involves significant cost and effort.", "current_body": "We are subject to rules and regulations regarding money laundering and the financing of terrorism. Monitoring compliance with anti-money laundering and anti-terrorism financing rules can put a significant financial burden on banks and other financial institutions and poses significant technical challenges. Although we believe our current policies and procedures are sufficient to comply with applicable rules and regulations, we cannot guarantee that our anti-money laundering and anti-terrorism financing policies and procedures completely prevent situations of money laundering or terrorism financing. Any such failure events may have severe consequences, including sanctions, fines and reputational consequences, which could have a material adverse effect on our business, financial condition or results of operations." }, { "status": "UNCHANGED", "current_title": "We are subject to capital adequacy and liquidity standards, and if we fail to meet these standards our financial condition and operations would be adversely affected.", "prior_title": "We are subject to capital adequacy and liquidity standards, and if we fail to meet these standards our financial condition and operations would be adversely affected.", "current_body": "We are subject to several capital adequacy and liquidity standards. To the extent that we are unable to meet these standards, our ability to make distributions of capital will be limited and we may be subject to additional supervisory actions and limitations on our activities. See “Regulation and Supervision” in Item 1 and the “Capital and Regulatory Requirements” and “Liquidity” sections in Item 7, for further discussion of the regulations to which we are subject." }, { "status": "UNCHANGED", "current_title": "“Anti-takeover” provisions and the regulations to which we are subject may make it more difficult for a third party to acquire control of us, even if the change in control would be beneficial to stockholders.", "prior_title": "“Anti-takeover” provisions and the regulations to which we are subject may make it more difficult for a third party to acquire control of us, even if the change in control would be beneficial to stockholders.", "current_body": "We are a BHC incorporated in the state of Delaware. Anti-takeover provisions in Delaware law and our restated certificate of incorporation and amended and restated bylaws, as well as regulatory approvals that would be required under federal law, could make it more difficult for a third party to take control of us and may prevent stockholders from receiving a premium for their shares of our common stock. These provisions could adversely affect the market price of our common stock and could reduce the amount that stockholders might get if we are sold. Furthermore, banking laws impose notice, approval and ongoing regulatory requirements on any stockholder or other party that seeks to acquire direct or indirect “control” of an FDIC-insured depository institution. These laws include the Bank Holding Company Act and the Change in Bank Control Act." }, { "status": "UNCHANGED", "current_title": "Intellectual Property", "prior_title": "Intellectual Property", "current_body": "In the highly competitive banking industry in which we operate, trademarks, service marks and logos are important to the success of our business. We own and license a variety of trademarks, service marks, logos and pending registrations and are spending significant resources to develop our stand-alone brands." }, { "status": "UNCHANGED", "current_title": "The Parent Company could be required to act as a “source of strength” to CBNA, which would have a material adverse effect on our business, financial condition and results of operations.", "prior_title": "The Parent Company could be required to act as a “source of strength” to CBNA, which would have a material adverse effect on our business, financial condition and results of operations.", "current_body": "FRB policy historically required BHCs to act as a source of financial and managerial strength to their subsidiary banks. The Dodd-Frank Act codified this policy as a statutory requirement. This support may be required by the FRB at times when we might otherwise determine not to provide it or when doing so is not otherwise in the interests of CFG or our stockholders or creditors, and may include one or more of the following: •The Parent Company may be compelled to contribute capital to CBNA, including by engaging in a public offering to raise such capital. Furthermore, any extensions of credit from the Parent Company to CBNA that are included in CBNA’s capital would be subordinate in right of payment to depositors and certain other indebtedness of CBNA. •In the event of a BHC’s bankruptcy, any commitment that the BHC had been required to make to a federal bank regulatory agency to maintain the capital of a subsidiary bank will be assumed by the bankruptcy trustee and entitled to priority of payment. •In the event of impairment of the capital stock of CBNA, the Parent Company, as CBNA’s stockholder, could be required to pay such deficiency." }, { "status": "UNCHANGED", "current_title": "We are exposed to reputational risk and the risk of damage to our brands and the brands of our affiliates.", "prior_title": "We are exposed to reputational risk and the risk of damage to our brands and the brands of our affiliates.", "current_body": "Our success and results depend on our reputation and the strength of our brands. We are vulnerable to adverse market perception as we operate in an industry where integrity, customer trust and confidence are paramount. We are exposed to the risk that litigation, employee misconduct, operational failures, the outcome of regulatory or other investigations or actions, press speculation and negative publicity, perception of our environmental, social and governance practices and disclosures, among other factors, could damage our brands or reputation. Our brands and reputation could also be harmed if we sell products or services that do not perform as expected or customers’ expectations for the product are not satisfied." }, { "status": "UNCHANGED", "current_title": "Our stock price may be volatile, and you could lose all or part of your investment as a result.", "prior_title": "Our stock price may be volatile, and you could lose all or part of your investment as a result.", "current_body": "You should consider an investment in our common stock to be risky, and you should invest in our common stock only if you can withstand a significant loss and wide fluctuation in the market value of your investment. The market price of our common stock could be subject to wide fluctuations in response to, among other things, the factors described in this “Risk Factors” section, and other factors, some of which are beyond our control. These factors include: •quarterly variations in our results of operations or the quarterly financial results of companies perceived to be similar to us; •changes in expectations as to our future financial performance, including financial estimates by securities analysts and investors; •our announcements or our competitors’ announcements regarding new products or services, enhancements, significant contracts, acquisitions or strategic investments; •fluctuations in the market valuations of companies perceived by investors to be comparable to us; •failures of financial institutions perceived to be similar to us; •future sales of our common stock; •additions or departures of members of our senior management or other key personnel; •changes in industry conditions or perceptions; and •changes in applicable laws, rules or regulations and other dynamics. Furthermore, the stock markets have experienced price and volume fluctuations that have affected and continue to affect the market price of equity securities of many companies. These fluctuations have often been unrelated or disproportionate to the operating performance of these companies. These broad market fluctuations, as well as general economic, systemic, political and market conditions, such as recessions, loss of investor confidence, interest rate changes or international currency fluctuations, may negatively affect the market price of our common stock. If any of the foregoing occurs, it could cause our stock price to fall and may expose us to securities class action litigation that, even if unsuccessful, could be costly to defend and a distraction to management." }, { "status": "UNCHANGED", "current_title": "The Parent Company depends on CBNA for substantially all of its revenue, and restrictions on dividends and other distributions by CBNA could affect its liquidity and ability to fulfill our obligations.", "prior_title": "The Parent Company depends on CBNA for substantially all of its revenue, and restrictions on dividends and other distributions by CBNA could affect its liquidity and ability to fulfill our obligations.", "current_body": "As a BHC, the Parent Company is a separate and distinct legal entity from CBNA, our banking subsidiary. The Parent Company typically receives substantially all of its revenue from dividends from CBNA. These dividends are the principal source of funds to pay dividends on our equity and interest and principal on our debt. Various federal and/or state laws and regulations, as well as regulatory expectations, limit the amount of dividends that CBNA may pay to the Parent Company. Also, our right to participate in a distribution of assets upon a subsidiary’s liquidation or reorganization is subject to the prior claims of the subsidiary’s creditors. In the event CBNA is unable to pay dividends to the Parent Company, it may not be able to service debt, pay obligations or pay dividends on its common stock. The inability to receive dividends from CBNA could have a material adverse effect on our business, financial condition and results of operations. See the “Regulation and Supervision” section in Item 1 and the “Capital and Regulatory Matters” section in Item 7." }, { "status": "UNCHANGED", "current_title": "Supervisory requirements and expectations on us as a financial holding company and a bank holding company and any regulator-imposed limits on our activities could adversely affect our ability to implement our strategic plan, expand our business, continue to improve our financial performance and make capital distributions to our stockholders.", "prior_title": "Supervisory requirements and expectations on us as a financial holding company and a bank holding company and any regulator-imposed limits on our activities could adversely affect our ability to implement our strategic plan, expand our business, continue to improve our financial performance and make capital distributions to our stockholders.", "current_body": "Our operations are subject to extensive regulation, supervision and examination by the federal banking regulators, as well as the CFPB. As part of the supervisory and examination process, if we are unsuccessful in meeting the requirements and expectations that apply to us, regulatory agencies may from time to time take supervisory actions against us that may not be publicly disclosed. Such actions may include restrictions on our activities or the activities of our subsidiaries, informal (nonpublic) or formal (public) supervisory actions or public enforcement actions, including the payment of civil money penalties, which could increase our costs and limit our ability to implement our strategic plans and expand our business, and as a result could have a material adverse effect on our business, financial condition or results of operations. See the “Regulation and Supervision” section in Item 1 for further information." }, { "status": "UNCHANGED", "current_title": "Climate change manifesting as physical or transition risks could adversely affect our operations, businesses and customers.", "prior_title": "Climate change manifesting as physical or transition risks could adversely affect our operations, businesses and customers.", "current_body": "There is increasing global concern over the risks of climate change and related environmental sustainability matters. The physical risks of climate change include discrete events, such as flooding and wildfires, and longer-term shifts in climate patterns, such as extreme heat, sea level rise, and more frequent and prolonged drought. Such events could disrupt our operations or those of our clients, customers, or service providers, including through direct damage to assets and indirect impacts from supply chain disruption and market volatility. We are also exposed to risks associated with the transition to a lower-carbon economy in response to concerns around climate change. Such risks may result from changes in policies, laws and regulations, technologies, or market preferences that are intended to address climate change. These changes could materially and negatively impact our or our customers’ business, results of operations, financial condition and reputation. This could occur as a result of our or our customers’ involvement in, or decision not to participate in, certain industries or projects associated with exacerbating climate change, as well as any decisions we make to continue to conduct or change our activities in response to considerations related to climate change. Ongoing legislative or regulatory uncertainties and changes regarding climate risk management and practices may result in higher regulatory, compliance, credit and reputational risks and costs." }, { "status": "UNCHANGED", "current_title": "We may not repurchase shares or pay cash dividends on our common stock.", "prior_title": "We may not repurchase shares or pay cash dividends on our common stock.", "current_body": "Holders of our common stock are only entitled to receive such dividends as our Board may declare out of funds legally available for such payments. Although we have historically declared cash dividends on our common stock, we are not required to do so and may reduce or eliminate our common stock dividend in the future, which could adversely affect the market price of our common stock. Also, as a BHC, our ability to repurchase shares and declare and pay dividends is dependent on certain federal regulatory considerations, including the rules of the FRB regarding capital adequacy and dividends. Additionally, we are also generally required to receive the FRB’s approval for any dividends, share repurchases, or redemption of capital securities if we are required to resubmit our capital plan. Further, if we are unable to satisfy the capital requirements applicable to us for any reason, we may be limited in our ability to repurchase shares and declare and pay dividends on our capital stock. See the “Regulation and Supervision” section in Item 1 and the “Capital and Regulatory Matters” section in Item 7 for further discussion of the regulations to which we are subject." }, { "status": "UNCHANGED", "current_title": "We operate in an industry that is highly competitive, which could result in losing business or margin declines and have a material adverse effect on our business, financial condition and results of operations.", "prior_title": "We operate in an industry that is highly competitive, which could result in losing business or margin declines and have a material adverse effect on our business, financial condition and results of operations.", "current_body": "We operate in a highly competitive industry, which could become even more competitive as a result of legislative, regulatory and technological changes, as well as continued consolidation. We face aggressive competition from other domestic and foreign lending institutions and from numerous other providers of financial services, including non-banking financial institutions that are not subject to the same regulatory restrictions as banks and BHCs, securities firms and insurance companies, and competitors that may have greater financial resources. With respect to non-banking financial institutions, technology and other changes have lowered barriers to entry and made it possible for non-banks to offer products and services traditionally provided by banks. For example, consumers can maintain funds that would have historically been held as bank deposits in brokerage accounts or mutual funds. Consumers can also complete transactions such as paying bills and/or transferring funds directly without the assistance of banks. In addition, the emergence, adoption and evolution of new technologies that do not require intermediation, including distributed ledgers such as digital assets and blockchain, as well as advances in robotic process automation, could significantly affect the competition for financial services. The process of eliminating banks as intermediaries, known as “disintermediation,” could result in the loss of fee income, as well as the loss of customer deposits and the related income generated from those deposits. Some of our non-bank competitors are not subject to the same extensive regulations we are and, therefore, may have greater flexibility in competing for business. As a result of these and other sources of competition, we could lose business to competitors or be forced to price products and services on less advantageous terms to retain or attract clients, either of which would adversely affect our profitability." }, { "status": "UNCHANGED", "current_title": "The regulatory environment in which we operate continues to be subject to significant and evolving regulatory requirements that could have a material adverse effect on our business and earnings.", "prior_title": "The regulatory environment in which we operate continues to be subject to significant and evolving regulatory requirements that could have a material adverse effect on our business and earnings.", "current_body": "We are heavily regulated by multiple banking, consumer protection, securities and other regulatory authorities at the federal and state levels. This regulatory oversight is primarily established to protect depositors, the DIF, consumers of financial products, and the financial system as a whole, not for the protection of shareholders or other investors. Changes to statutes, regulations, rules or policies, including their interpretation, implementation or enforcement, could affect us in substantial and unpredictable ways, including by, for example, subjecting us to additional costs, limiting the types of financial services and other products we may offer, limiting our ability to pursue acquisitions and increasing the ability of third parties, including non-banks, to offer competing financial services and products. In recent years, we, together with the rest of the financial services industry, have faced particularly intense scrutiny, with many new regulatory initiatives and vigorous oversight and enforcement on the part of numerous regulatory and governmental authorities. Legislatures and regulators have pursued a broad array of initiatives intended to promote the safety and soundness of financial institutions, financial market stability, the transparency and liquidity of financial markets, and consumer and investor protection. Certain regulators and law enforcement authorities have also recently required admissions of wrongdoing and, in some cases, criminal pleas as part of the resolutions of matters brought by them against financial institutions. Any such resolution of a matter involving us could lead to increased exposure to civil litigation, could adversely affect our reputation, could result in penalties or limitations on our ability to do business or engage in certain activities and could have other negative effects. In addition, a single event or issue may give rise to numerous and overlapping investigations and proceedings, including by multiple federal and state regulators and other governmental authorities. We are also subject to laws and regulations relating to the privacy of the information of our customers, employees, counterparties and others, and any failure to comply with these laws and regulations could expose us to liability and/or reputational damage. As new privacy-related laws and regulations are implemented, the time and resources needed for us to comply with those laws and regulations, as well as our potential liability for non-compliance and our reporting obligations in the case of data breaches, may significantly increase. While there have been significant revisions to the laws and regulations applicable to us that have been finalized in recent years, there are other rules to implement changes that have yet to be proposed or enacted by our regulators. The final timing, scope and impact of these changes to the regulatory framework applicable to financial institutions remains uncertain. For more information on regulations to which we are subject and recent initiatives to reform financial institution regulation, see the “Regulation and Supervision” section in Item 1." }, { "status": "UNCHANGED", "current_title": "From time-to-time, we may become or are subject to regulatory actions that may have a material impact on our business.", "prior_title": "From time-to-time, we may become or are subject to regulatory actions that may have a material impact on our business.", "current_body": "We may become or are involved, from time to time, in reviews, investigations and proceedings (both formal and informal) by governmental and self-regulatory agencies regarding our business. These regulatory actions involve accounting, compliance and operational matters, among others, some of which may result in adverse judgments, settlements, fines, penalties, injunctions or other relief that may require changes to our business or otherwise materially impact our business. In regulatory actions, such as those referred to above, it is inherently difficult to determine whether any loss is probable or whether it is possible to reasonably estimate the amount of any loss. We cannot predict with certainty if, how or when such proceedings will be resolved or what the eventual fine, penalty or other relief, conditions or restrictions, if any, may be, particularly for actions that are in their early stages of investigation. We may be required to make significant restitution payments to CBNA customers arising from certain compliance issues and also may be required to pay civil money penalties in connection with certain of these issues. This uncertainty makes it difficult to estimate probable losses which, in turn, can lead to substantial disparities between the reserves we may establish for such proceedings and the eventual settlements, fines, or penalties. Adverse regulatory actions could have a material adverse effect on our business, financial condition and results of operations." }, { "status": "UNCHANGED", "current_title": "We are and may be subject to litigation that may have a material impact on our business.", "prior_title": "We are and may be subject to litigation that may have a material impact on our business.", "current_body": "Our operations are diverse and complex and we operate in legal and regulatory environments that expose us to potentially significant litigation risk. In the normal course of business, we have been named, from time to time, as a defendant in various legal actions, including arbitrations, class actions and other litigation, arising in connection with our activities as a financial services institution, including with respect to alleged unfair or deceptive business practices, mis-selling of certain products, violations of contract or intellectual property rights, and other compliance or operational failures. Certain of the actual or threatened legal actions include claims for substantial compensatory and/or punitive damages or claims for indeterminate amounts of damages. In some cases, the entities that would otherwise be the primary defendants in such cases are bankrupt or in financial distress. Moreover, a number of recent judicial decisions have upheld the right of borrowers to sue lending institutions on the basis of various evolving legal theories, collectively termed “lender liability.” Generally, lender liability is founded on the premise that a lender has either violated a duty, whether implied or contractual, of good faith and fair dealing owed to the borrower or has assumed a degree of control over the borrower resulting in the creation of a fiduciary duty owed to the borrower or its other creditors or stockholders. This could increase the amount of private litigation to which we are subject. For more information regarding ongoing significant legal proceedings in which we may be involved, see Note 19 in Item 8." }, { "status": "UNCHANGED", "current_title": "Regulation of Broker-Dealers", "prior_title": "Regulation of Broker-Dealers", "current_body": "Our subsidiaries, Citizens Securities, Inc., and Citizens JMP Securities, LLC are registered broker-dealers with the SEC and subject to regulation and examination by the SEC as well as FINRA and other self-regulatory organizations. These regulations cover a broad range of matters, including capital requirements; sales and trading practices; use of client funds and securities; the conduct of directors, officers and employees; record-keeping and recording; supervisory procedures to prevent improper trading on material nonpublic information; qualification and licensing of sales personnel; and limitations on the extension of credit in securities transactions. In addition to federal registration, state securities commissions require the registration of certain broker-dealers." }, { "status": "UNCHANGED", "current_title": "Regulation and Supervision", "prior_title": "Regulation and Supervision", "current_body": "Our operations are subject to extensive regulation, supervision and examination under federal and state laws and regulations. These laws and regulations cover all aspects of our business, including lending practices, deposit insurance, customer privacy and cybersecurity, capital adequacy and planning, liquidity, safety and soundness, consumer protection and disclosure, permissible activities and investments, and certain transactions with affiliates. These laws and regulations are intended primarily for the protection of customers, depositors, the DIF and the banking system as a whole and not for the protection of shareholders or other investors. The discussion below outlines the material elements of selected laws and regulations applicable to us and our subsidiaries. Changes in applicable law or regulation, and in their interpretation and application by regulatory agencies and other governmental authorities, cannot be predicted, but may have a material effect on our business, financial condition or results of operations. We are subject to examinations by federal banking regulators, as well as the SEC, FINRA and various state insurance and securities regulators. In some cases, regulatory agencies may take supervisory actions that may not be publicly disclosed, and such actions may restrict or limit our activities or activities of our subsidiaries. As part of our regular examination process, regulators may advise us to operate under various restrictions as a prudential matter. We have periodically received requests for information from regulatory authorities at the federal and state level, including from banking, securities and insurance regulators, state attorneys general, federal agencies or law enforcement authorities, and other regulatory authorities, concerning our business practices. Such requests are considered incidental to the normal conduct of business. For a further discussion of how regulatory actions may impact our business, see Item 1A “Risk Factors.” For additional information regarding regulatory matters, see Note 25 in Item 8. Overview We are a BHC under the Bank Holding Company Act and have elected to be treated as a FHC under amendments to this Act as effected by GLBA. As such, we are subject to the supervision, examination and reporting requirements of the Bank Holding Company Act and the regulations of the FRB, including through the Federal Reserve Bank of Boston. Under the system of “functional regulation” established under the Bank Holding Company Act, the FRB serves as the primary regulator of our consolidated organization. The OCC serves as the primary regulator for CBNA, and the SEC and FINRA serve as the primary regulators of our broker-dealer subsidiaries. The federal banking regulators have authority to approve or disapprove mergers, acquisitions, consolidations, the establishment of branches and similar corporate actions. These banking regulators also have the power to prevent the continuance or development of unsafe or unsound banking practices or other violations of law. Federal law governs the activities in which CBNA engages, including the investments it makes and the aggregate amount of available credit that it may grant to one borrower. Various consumer and compliance laws and regulations also affect its operations. The actions the FRB takes to implement monetary policy also affect us. In addition, CBNA is subject to regulation, supervision and examination by the CFPB with respect to consumer protection laws and regulations. The CFPB has broad authority to regulate the offering and provision of consumer financial products by depository institutions, such as CBNA, with more than $10 billion in total assets. The CFPB may promulgate rules under a variety of consumer financial protection statutes, including the Truth in Lending Act, the Equal Credit Opportunity Act, the Electronic Funds Transfer Act and the Real Estate Settlement Procedures Act." }, { "status": "UNCHANGED", "current_title": "Our framework for managing risks may not be effective in mitigating risk and loss.", "prior_title": "Our framework for managing risks may not be effective in mitigating risk and loss.", "current_body": "Our risk management framework is made up of various processes and strategies to manage our risk exposure. The framework to manage risk, including the framework’s underlying assumptions, may not be effective under all conditions and circumstances. If the risk management framework proves ineffective, we could suffer unexpected losses and could be materially adversely affected. One of the main types of risks inherent in our business is credit risk. An important feature of our credit risk management system is to employ an internal credit risk control system through which we identify, measure, monitor and mitigate the existing and emerging credit risk of our customers. This process involves a detailed analysis of the customer or credit risk, taking into account both quantitative and qualitative factors, and is inherently subject to human error. In exercising their judgment, our employees may not always be able to assign an accurate credit rating to a customer or credit risk, which may result in our exposure to higher credit risks than indicated by our risk rating system. In addition, we have undertaken certain actions to enhance our credit policies and guidelines to address potential risks associated with particular industries or types of customers. However, we may not be able to effectively implement these initiatives, or consistently follow and refine our credit risk management system. If any of the foregoing were to occur, it may result in an increase in the level of nonaccrual loans and a higher risk exposure for us, which could have a material adverse effect on us." }, { "status": "UNCHANGED", "current_title": "Any deterioration in national economic conditions could have a material adverse effect on our business, financial condition and results of operations.", "prior_title": "Any deterioration in national economic conditions could have a material adverse effect on our business, financial condition and results of operations.", "current_body": "Our business is affected by national economic conditions, as well as perceptions of those conditions and future economic prospects. Changes in such economic conditions are not predictable and cannot be controlled. Adverse economic conditions, such as recent inflationary pressures, could require us to charge off a higher percentage of loans and increase the provision for credit losses, which would reduce our net income and otherwise have a material adverse effect on our business, financial condition and results of operations." }, { "status": "UNCHANGED", "current_title": "Commercial Banking Segment", "prior_title": "Commercial Banking Segment", "current_body": "Commercial Banking primarily serves companies and institutions with annual revenues of $25 million to more than $3.0 billion and strives to be a trusted advisor to our clients and preferred provider for their banking needs. We offer a broad complement of financial products and solutions, including lending and leasing, deposit and treasury management services, foreign exchange, interest rate and commodity risk management solutions, as well as syndicated loans, corporate finance, mergers and acquisitions, and debt and equity capital markets capabilities. Commercial Banking is organized around client segments and their banking needs. Corporate Banking, Commercial Real Estate, Capital Markets and Advisory, and Treasury Solutions work together to understand client needs and provide comprehensive solutions to meet those needs. We acquire new clients through a coordinated approach to the market, leveraging deep industry knowledge in specialized banking groups and a geographic coverage model. Corporate Banking serves commercial and industrial clients with annual gross revenues of $25 million to $500 million, and corporate clients with annual revenues of $500 million to more than $3.0 billion in the United States. In several areas, such as Aerospace, Defense and Government Services, Communications, Transportation and Logistics, Food and Restaurants, Human Capital Management, and Gaming we offer a more dedicated and tailored approach to better meet the unique needs of these client segments. Commercial Real Estate provides customized debt capital solutions for middle-market operators, institutional developers, investors, and REITs. Commercial Real Estate provides financing for projects primarily in the multi-family, office, industrial, retail, healthcare and hospitality sectors. Capital Markets and Advisory serves clients through key product groups including Corporate Finance, Capital Markets, and Global Markets. Corporate Finance provides advisory services to middle-market and mid-corporate clients, including mergers and acquisitions and capital structure advice. The team works closely with industry-sector specialists within capital markets to advise our clients. Corporate Finance also provides acquisition and follow-on financing for new and recapitalized portfolio companies of key sponsors, with services meeting the unique and time-sensitive needs of private equity firms, management companies and funds, and underwriting and portfolio management expertise for leveraged transactions and relationships. Capital Markets originates, structures and underwrites credit and equity facilities targeting middle-market, mid-corporate and private equity sponsors. They focus on offering value-added ideas to optimize their capital structures, including advising on and facilitating mergers and acquisitions, valuations, tender offers, financial restructurings, bond and equity underwriting, asset sales, divestitures and other corporate reorganizations and business combinations. Capital Markets also provides sales and trading across loan, fixed income and equity products, as well as other brokerage services including equity research. Global Markets provides foreign exchange, interest rate and commodities risk management services. The Treasury Solutions product group supports Commercial Banking and certain small business clients with treasury management solutions, including domestic and international products and services related to receivables, payables, information reporting and liquidity management, as well as commercial credit cards and trade finance." }, { "status": "UNCHANGED", "current_title": "Fair and Equitable Compensation", "prior_title": "Fair and Equitable Compensation", "current_body": "We strive to compensate our colleagues fairly based on market data, experience, and performance, and we compare our compensation to other companies in our peer group as well as others in the financial services industry. Part of our commitment to building and fostering a diverse, inclusive, high-performing culture includes ensuring our compensation and benefits are fair and competitive for all colleagues. We engage an independent third-party expert firm to conduct an annual pay equity analysis, accounting for factors that appropriately explain differences in pay such as role, performance, and experience. Additional information about this analysis, including our most recent results, can be found in our Environmental Social Governance Report and on our website." }, { "status": "UNCHANGED", "current_title": "Operational risks are inherent in our businesses.", "prior_title": "Operational risks are inherent in our businesses.", "current_body": "Our operations depend on our ability to process a very large number of transactions efficiently and accurately while complying with applicable laws and regulations. Operational risk and losses can result from internal and external fraud; improper conduct or errors by employees or third parties; failure to document transactions properly or to obtain proper authorization; failure to comply with applicable legal and regulatory requirements and business conduct rules; equipment failures, including those caused by natural disasters or by electrical, telecommunications or other essential utility outages; business continuity and data security system failures, including those caused by computer viruses, cyber-attacks against us or our vendors, or unforeseen problems encountered while implementing new computer systems or upgrades to existing systems; or the inadequacy or failure of systems and controls, including those of our suppliers or counterparties. Although we implement risk controls and loss mitigation actions and devote substantial resources to developing efficient procedures, identifying and rectifying weaknesses in existing procedures and training staff, it is not possible to be certain that such actions have been or will be effective in controlling each of the operational risks we face. Any weakness in these systems or controls, or any breaches or alleged breaches of such laws or regulations, could result in increased regulatory supervision, enforcement actions and other disciplinary action, and have an adverse impact on our business, applicable authorizations and licenses, reputation and results of operations." }, { "status": "UNCHANGED", "current_title": "Federal Deposit Insurance Act", "prior_title": "Federal Deposit Insurance Act", "current_body": "The FDIA requires, among other things, that federal banking regulators take “prompt corrective action” with respect to IDIs that do not meet minimum capital requirements, as described above in “Capital and Stress Testing Requirements.” The FDIA sets forth the following five capital categories: “well-capitalized,” “adequately capitalized,” “undercapitalized,” “significantly undercapitalized” and “critically undercapitalized.” An IDI’s capital category is determined based on how its capital levels compare with various relevant capital measures and certain other factors that are established by regulation. The federal banking regulators must take certain mandatory supervisory actions, and are authorized to take other discretionary actions, with respect to institutions that are undercapitalized, significantly undercapitalized or critically undercapitalized, with the actions becoming more restrictive and punitive the lower the institution’s capital category. Under existing rules, an IDI that is not an advanced approaches institution, such as CBNA, is deemed to be “well capitalized” if it has a CET1 ratio of at least 6.5%, a tier 1 capital ratio of at least 8%, a total capital ratio of at least 10%, and a tier 1 leverage ratio of at least 5%. The FRB’s regulations which are applicable to BHCs, such as the Parent Company, separately define “well capitalized”as having a tier 1 capital ratio of at least 6% and a total capital ratio of at least 10%. As described above under “Bank and Financial Holding Company Regulation”, a FHC that is not well capitalized and well managed (or whose bank subsidiaries are not well capitalized and well managed) under applicable prompt corrective action standards may be restricted in certain of its activities and ultimately may lose FHC status. As of December 31, 2023, both the Parent Company and CBNA were well-capitalized. The FDIA prohibits insured banks from accepting brokered deposits or offering interest rates on any deposits significantly higher than the prevailing rate in the bank’s normal market area or nationally, depending upon where the deposits are solicited, unless it is “well-capitalized,” or it is “adequately capitalized” and receives a waiver from the FDIC. A bank that is “adequately capitalized” and accepts brokered deposits under a waiver from the FDIC may not pay an interest rate on any deposit in excess of 75 basis points over certain prevailing market rates. The FDIA imposes no such restrictions on a bank that is “well-capitalized.”" }, { "status": "UNCHANGED", "current_title": "Consumer Financial Protection Regulations", "prior_title": "Consumer Financial Protection Regulations", "current_body": "The retail activities of banks are subject to a variety of statutes and regulations designed to protect consumers and promote lending to various sectors of the economy and population. These laws include, but are not limited to, the Equal Credit Opportunity Act, the Fair Debt Collection Practices Act, the Fair Credit Reporting Act, the Truth in Lending Act, the Home Mortgage Disclosure Act, the Service Members Civil Relief Act, the Expedited Funds Availability Act, the Right to Financial Privacy Act, the Truth in Savings Act, the Electronic Funds Transfer Act, and their respective federal regulations and state law counterparts. In addition to these federal laws and regulations, the guidance and interpretations of the various federal agencies charged with the responsibility of implementing such regulations also influence loan and deposit operations. The CFPB has broad rulemaking, supervisory, examination and enforcement authority over various consumer financial protection laws, including those referenced above, fair lending laws and certain other statutes. The CFPB also has examination and primary enforcement authority with respect to depository institutions with $10 billion or more in assets, including the authority to prevent unfair, deceptive or abusive acts or practices in connection with the offering of consumer financial products. The OCC also examines our retail activities. The Dodd-Frank Act permits states to adopt stricter consumer protection laws and standards than those adopted at the federal level, and in certain circumstances allows state attorneys general to enforce compliance with both the state and federal laws and regulations on banks like us." }, { "status": "UNCHANGED", "current_title": "Anti-Money Laundering", "prior_title": "Anti-Money Laundering", "current_body": "The Bank Secrecy Act (“BSA”) and the Patriot Act contain anti-money laundering (“AML”) and financial transparency provisions intended to detect and prevent the use of the U.S. financial system for money laundering and terrorist financing activities. The BSA, as amended by the Patriot Act, requires depository institutions and their holding companies to maintain an AML program, verify the identity of customers and certain beneficial owners for legal entity customers, monitor for and report suspicious transactions, report on cash transactions exceeding specified thresholds, and respond to requests for information by regulatory authorities and law enforcement agencies. We are also required to provide our employees with AML training, designate an AML compliance officer, and undergo an annual, independent audit to assess the effectiveness of our AML program. We have implemented policies, procedures, and internal controls that are designed to comply with these AML requirements. Financial services regulators are focusing their examinations on AML compliance, and we continue to monitor and augment, where necessary, our AML compliance programs. The federal banking agencies are required, when reviewing bank and bank holding company acquisition or merger applications, to take into account the effectiveness of the AML activities of the applicants. The Anti-Money Laundering Act of 2020 (“AMLA”), enacted in January 2021 as part of the National Defense Authorization Act, requires the U.S. Treasury Department to issue National Anti-Money Laundering and Countering the Financing of Terrorism Priorities and conduct studies and issue regulations that may, over the next few years, significantly alter some of the due diligence, recordkeeping and reporting requirements that the BSA and the Patriot Act impose on financial institutions. The AMLA also increases penalties for violations of the BSA and significantly expands a whistleblower award program both of which could increase the prospect of regulatory enforcement. In 2021, the Financial Crimes Enforcement Network (FinCEN), a bureau of the U.S. Treasury Department, issued the priorities for AML and countering the financing of terrorism policy, as required under the AMLA. These priorities include corruption, cybercrime, terrorist financing, fraud, transnational crime, drug trafficking, human trafficking and proliferation financing." }, { "status": "UNCHANGED", "current_title": "Competition", "prior_title": "Competition", "current_body": "The financial services industry is highly competitive. Our branch footprint is predominantly in the New England, Mid-Atlantic and Midwest regions, though certain lines of business serve national markets. Within these markets, we face competition from community banks, super-regional and national financial institutions, credit unions, savings and loan associations, mortgage banking firms, consumer finance companies, securities brokerage firms, insurance companies, money market funds, hedge funds and private equity firms. Some of our larger competitors may make available to their customers a broader array of products, pricing and structure alternatives while some smaller competitors may have more liberal lending policies and processes. In addition, some of our competitors may not be subject to the same regulatory requirements as we are and, therefore, may have lower costs they can pass on to customers in the form of more favorable terms. Competition among providers of financial products and services continues to increase, with consumers having the opportunity to select from a growing variety of traditional and nontraditional alternatives. The ability of non-banking financial institutions, including FinTech companies, to provide services previously limited to commercial banks has also intensified competition. In Consumer Banking, the industry has become increasingly dependent on and oriented toward technology-driven delivery systems, permitting transactions to be conducted through online and mobile channels. In addition, technology has lowered barriers to entry and made it possible for non-bank institutions to attract funds and provide lending and other financial products and services. The emergence of digital-only banking models has increased and we expect this trend to continue. Given their lower cost structure, these models are often, on average, able to offer higher rates on deposit products than retail banking institutions with a traditional branch footprint. The primary factors driving competition for loans and deposits are interest rates, fees charged, tailored value propositions to different customer segments, customer service levels, convenience, including branch locations and hours of operation, and the range of products and services offered. In Commercial Banking, we face competition in all our client segments from a variety of industry participants including traditional banking institutions, particularly large regional banks, as well as commercial finance companies, leasing companies, other non-bank lenders, and institutional investors, including collateralized loan obligation managers, hedge funds and private equity firms. Some larger competitors, including certain national banks that compete in our market area, may offer a broader array of products and, due to their asset size, may be in a position to hold more exposure on their balance sheet. We compete on a number of factors including providing innovative corporate finance solutions, quality of customer service and execution, range of products offered, price and reputation." }, { "status": "UNCHANGED", "current_title": "The conditions of other financial institutions or of the financial services industry could adversely affect our operations and financial condition.", "prior_title": "The conditions of other financial institutions or of the financial services industry could adversely affect our operations and financial condition.", "current_body": "Financial services institutions are typically interconnected as a result of trading, investment, liquidity management, clearing, counterparty and other relationships. Within the financial services industry, the default by any one institution could lead to defaults by other institutions. Concerns about, or a default by, one institution could lead to significant market and customer perception of the risk of similar problems at other institutions. This perception of risk could, in and of itself, lead to adverse impacts on liquidity. Liquidity problems and losses or defaults by other institutions, as the financial soundness of financial institutions is closely related as a result of these credit, trading, clearing and other relationships. Even the perceived lack of creditworthiness of, or questions about, a counterparty may lead to market-wide liquidity problems and losses or defaults by various institutions. This systemic risk may adversely affect financial intermediaries, such as clearing agencies, banks and exchanges with which we interact on a daily basis, or key funding providers such as the FHLBs, any of which could have a material adverse effect on our access to liquidity or otherwise have a material adverse effect on our business, financial condition and results of operations." }, { "status": "UNCHANGED", "current_title": "Business Strategy", "prior_title": "Business Strategy", "current_body": "Our mission is to help our customers, colleagues and communities reach their potential, and our vision is to become a top-performing bank distinguished by our customer-centric culture, mindset of continuous improvement, product innovation, and excellent capabilities. We strive to understand customer and client needs, so we can tailor advice and solutions to help make them more successful. Our business strategy is designed to maximize the full potential of our businesses, drive sustainable growth and enhance profitability. Our success rests on our ability to distinguish ourselves as follows: Maintain a high-performing, customer-centric organization: We continually strive to enhance our “customer-first” culture by emphasizing the “voice of the customer” to deliver the best possible banking experience. We seek to deepen relationships with our customers by offering a full suite of products designed to meet their unique needs. In addition, we are taking talent management to the next level, with a goal of attracting, developing and retaining great people, while ensuring strong leadership, teamwork, and a sense of empowerment, accountability and urgency. Develop differentiated value propositions to acquire, deepen, and retain core customer segments: Our focus is on select customer segments where we believe we are well positioned to compete. In Consumer Banking, we focus on serving mass affluent and affluent customers, small businesses and high-net-worth individuals and families. In 2023, we launched the Private Bank, which seeks to serve high-net-worth individuals and families, as well as commercial clients, to integrate our wealth management and banking services. In Commercial Banking, we focus on serving customers in the middle-market, mid-corporate, and select industry verticals. We have integrated the Investors acquisition and HSBC transaction and are focused on improving branch productivity and deepening relationships with those customers. By developing differentiated and targeted value propositions, building our fee-based businesses and developing innovative product solutions, we believe we can attract new customers, deepen relationships with existing customers and deliver an enhanced customer experience. Build excellent capabilities designed to help us stand out from competitors: We strive to deliver seamless, multi-channel experiences that allow customers to interact with us when, where and how they choose. We are enhancing capabilities in key areas including consumer lending, wealth, capital markets and payments. We are on a multi-year digital transformation journey across our Consumer and Commercial organizations to digitize end-to-end customer experiences and transform our marketing to drive consumer-direct acquisition in order to satisfy rapidly changing customer preferences. We strive to use advanced data analytics and artificial intelligence for personalization and to provide timely, insight-driven, tailored advice in order to deliver solutions to consumer and commercial customers throughout their lifecycles. Operate with financial discipline and a mindset of continuous improvement to self-fund investments: We believe that continued focus on operational efficiency is critical to our future profitability and ability to continue to reinvest to drive future growth. We launched the first Tapping our Potential (“TOP”) initiative in 2014 and have launched additional programs in subsequent years. These programs are designed to transform how we operate and to improve the effectiveness, efficiency, and competitiveness of our franchise. Our TOP 8 program was completed in 2023, and we launched a TOP 9 program to allow us to continue to self-fund investments. Prudently grow and optimize our balance sheet: We operate with a strong balance sheet with regard to capital and liquidity, coupled with a well-defined and prudent risk appetite. We continue to focus on thoughtfully growing our balance sheet by actively managing capital and resource allocations towards relationships-oriented growth to generate attractive risk-adjusted returns. Our goal is to be good stewards of our resources and continue to rigorously evaluate our execution. Modernize our technology and operational models to improve delivery, organizational agility and speed to market: We are continuing to modernize our technology environment by strengthening our infrastructure and migrating applications to the cloud. We have deployed and scaled an agile operating model to improve our speed-to-market, deliver innovative products and services and strengthen collaboration across teams. We will also continue to actively incubate new innovative ideas and harness external innovation through FinTech partnerships to help deliver differentiated value-added experiences for our customers. Embed risk management within our culture and operations: Given that the quality of our risk management program directly affects our ability to execute our strategy, we continue to work to further strengthen our risk management culture. Moreover, we are committed to continuously enhancing our processes and talent, and to making improvements in the platform including ongoing investments in risk technology and frameworks. These actions are designed to support and enhance our risk management capabilities and regulatory profile." }, { "status": "UNCHANGED", "current_title": "We rely heavily on communications and information systems to conduct our business.", "prior_title": "We rely heavily on communications and information systems to conduct our business.", "current_body": "Any failure, interruption or breach in the security of our communication and information systems, including due to cyber-attacks or our failure to adequately maintain and manage our systems or implement system changes and upgrades, could result in failures or disruptions in our customer relationship management, general ledger, deposit, loan and other systems. Although our policies and procedures are designed to prevent or limit the effect of the possible failure, interruption or security breach of our information systems, there can be no assurance that these policies and procedures will be successful and that any such failure, interruption or security breach will not occur or, if they do occur, that they will be adequately addressed. The occurrence of any failure, interruption or security breach of our information systems could require us to devote substantial resources to recovery and response efforts, damage our reputation, result in a loss of customer business, subject us to additional regulatory scrutiny or expose us to civil litigation and possible financial liability. Although we maintain insurance coverage for information security events, we may incur losses as a result of such events that are not insured against or not fully covered by our insurance." }, { "status": "UNCHANGED", "current_title": "As a financial holding company and a bank holding company, we are subject to comprehensive regulation that could have a material adverse effect on our business and results of operations.", "prior_title": "As a financial holding company and a bank holding company, we are subject to comprehensive regulation that could have a material adverse effect on our business and results of operations.", "current_body": "As a FHC and a BHC, we are subject to comprehensive regulation, supervision and examination by the FRB. In addition, CBNA is subject to comprehensive regulation, supervision and examination by the OCC. Our regulators supervise us through regular examinations and other means that allow them to gauge management’s ability to identify, assess and control risk in all areas of operations in a safe and sound manner and to ensure compliance with laws and regulations. In the course of their supervision and examinations, our regulators may require improvements in various areas. We may be required to devote substantial resources to meet supervisory expectations or remediate supervisory findings. In addition, the failure to meet supervisory expectations can result in practical limitations on the ability of a bank, BHC or FHC to engage in new activities, pursue growth opportunities, engage in acquisitions, return capital to shareholders through repurchases or dividends, or continue to conduct existing activities. If we are unable to implement and maintain any required actions in a timely and effective manner, we could become subject to informal (nonpublic) or formal (public) supervisory actions and public enforcement orders that could lead to significant restrictions on our existing business or on our ability to engage in any new business. Such forms of supervisory action could include, without limitation, written agreements, cease and desist orders, and consent orders and may, among other things, result in restrictions on our ability to pay dividends, requirements to increase capital, restrictions on our activities, the imposition of civil monetary penalties, and enforcement of such actions through injunctions or restraining orders. We could also be required to dispose of certain assets and liabilities within a prescribed period. The terms of any such supervisory or enforcement action could have a material adverse effect on our business, financial condition and results of operations. We are a BHC that has elected to become a FHC pursuant to the Bank Holding Company Act. FHCs are allowed to engage in certain financial activities in which a BHC is not otherwise permitted to engage. However, to maintain FHC status, a BHC and all of its depository institution subsidiaries must be “well capitalized” and “well managed.” If a BHC ceases to meet these capital and management requirements, there are many penalties it would be faced with, including the imposition of limitations or conditions on the conduct of its activities by the FRB, as well as the inability to undertake any of the broader financial activities permissible for FHCs or to acquire a company engaged in such financial activities without prior approval of the FRB. If a company does not return to compliance within 180 days, which period may be extended, the FRB may require divestiture of the company’s depository institutions. If we fail to meet FHC requirements and remediate deficiencies in a timely manner, there could be a material adverse effect on our business, financial condition and results of operations." }, { "status": "UNCHANGED", "current_title": "Standards for Safety and Soundness", "prior_title": "Standards for Safety and Soundness", "current_body": "The FDIA requires the federal banking regulators to prescribe operational and managerial standards for all IDIs, including CBNA. Regulations and interagency guidelines adopted by these agencies set forth the safety and soundness standards used to identify and address problems at IDIs before capital becomes impaired. If an agency determines that a bank fails to satisfy any standard, it may require the bank to submit an acceptable plan to achieve compliance, consistent with deadlines for the submission and review of such safety and soundness compliance plans. If, after being notified to submit a compliance plan, an institution fails to submit an acceptable compliance plan or fails in any material respect to implement an acceptable compliance plan, the agency must issue an order directing action to correct the deficiency and may issue an order directing other types of actions that an undercapitalized institution is subject to under the FDIA as discussed in “Federal Deposit Insurance Act” below. If an institution fails to comply with such an order, the agency may seek to enforce such order in judicial proceedings and to impose civil money penalties." }, { "status": "UNCHANGED", "current_title": "Human Capital Management", "prior_title": "Human Capital Management", "current_body": "We believe that our long-term success depends on our ability to attract, develop, and retain a high-performing workforce. Our goal is to create an environment where colleagues can thrive personally and professionally and can maximize their potential. As of December 31, 2023, Citizens had 17,570 full-time equivalent employees, primarily across New England and the Mid-Atlantic. Our Board of Directors and its Compensation and Human Resources Committee are responsible for overseeing our human capital management strategy, with senior management providing regular updates to facilitate that oversight." }, { "status": "UNCHANGED", "current_title": "We could fail to attract, retain or motivate highly-skilled and qualified personnel, including our senior management, other key employees or members of our Board, which could impair our ability to successfully execute our strategic plan and otherwise adversely affect our business.", "prior_title": "We could fail to attract, retain or motivate highly skilled and qualified personnel, including our senior management, other key employees or members of our Board, which could impair our ability to successfully execute our strategic plan and otherwise adversely affect our business.", "current_body": "Our ability to implement our strategic plan and our future success depends on our ability to attract, retain and motivate highly-skilled and qualified personnel, including our senior management and other key employees and directors. The marketplace for skilled personnel continues to be competitive, which means the cost of hiring, incentivizing and retaining skilled personnel may continue to rise. The failure to attract and retain highly skilled and qualified personnel could place us at a significant competitive disadvantage and impair our ability to implement our strategic plan successfully and achieve our performance targets, which could have a material adverse effect on our business, financial condition and results of operations. Limitations on the manner in which regulated financial institutions, such as us, can compensate their officers and employees, including those contained in pending rule proposals implementing the requirements of Section 956 of the Dodd-Frank Act, may make it more difficult for such institutions to compete for talent with financial institutions and other companies not subject to these or similar limitations. If we are unable to compete effectively, our business, financial condition and results of operations could be adversely affected, perhaps materially." }, { "status": "UNCHANGED", "current_title": "Compensation", "prior_title": "Compensation", "current_body": "Our compensation practices are subject to oversight by the federal banking regulators. Guidance issued by the federal banking regulators is designed to ensure that incentive compensation arrangements take into account risk and are consistent with safe and sound practices. The guidance sets forth the following three key principles with respect to incentive compensation arrangements: •the arrangements should provide employees with incentives that appropriately balance risk and financial results in a manner that does not encourage employees to expose their organizations to imprudent risk; •the arrangements should be compatible with effective controls and risk management; and •the arrangements should be supported by strong corporate governance. The U.S. financial regulators, including the FRB, the OCC and the SEC, jointly proposed regulations in 2011 and again in 2016 to implement the incentive compensation requirements of Section 956 of the Dodd-Frank Act. These regulations have not been finalized." }, { "status": "UNCHANGED", "current_title": "Office of Foreign Assets Control Regulation", "prior_title": "Office of Foreign Assets Control Regulation", "current_body": "The U.S. has imposed economic sanctions that affect transactions with designated foreign countries, nationals and others, that are administered by OFAC. OFAC-administered sanctions targeting countries take many different forms and generally contain one or more of the following elements: •restrictions on trade with or investment in a sanctioned country, including prohibitions against direct or indirect imports from and exports to a sanctioned country and prohibitions on U.S. persons engaging in financial transactions relating to, making investments in, or providing investment-related advice or assistance to, a sanctioned country; and •a blocking of assets in which the government or specially designated nationals of the sanctioned country have an interest, by prohibiting transfers of property subject to U.S. jurisdiction, including property in the possession or control of U.S. persons. Blocked assets (e.g., property and bank deposits) cannot be paid out, withdrawn, set off or transferred in any manner without a license from OFAC. Lists including the names of individuals and organizations suspected of aiding, harboring or engaging in terrorist acts, including the Specially Designated Nationals and Blocked Persons, is published and routinely updated by OFAC. We are responsible for, among other things, blocking accounts of, and transactions with, such targets and countries, prohibiting unlicensed trade and financial transactions with them and reporting blocked transactions after they occur. If we identify a name on any transaction, account or wire transfer that is on an OFAC list we must freeze the associated account, file a suspicious activity report and notify the appropriate authorities. Failure to comply with these sanctions could have serious legal and reputational consequences." } ] }