{ "ticker": "CFG", "company": "Citizens Financial Group Inc.", "filing_type": "10-K", "year_current": "2026", "year_prior": "2025", "summary": { "added": 2, "removed": 32, "modified": 4, "unchanged": 37, "total_current": 43, "total_prior": 73 }, "source": "SEC EDGAR", "url": "https://riskdiff.com/cfg/2026-vs-2025/", "markdown_url": "https://riskdiff.com/cfg/2026-vs-2025/index.md", "json_url": "https://riskdiff.com/cfg/2026-vs-2025/index.json", "generated": "2026-05-11", "ai_summary": "Citizens Financial Group substantially streamlined its Risk Factors section by removing 32 detailed operational and regulatory disclosures - including segment-specific risks, human capital management components, and granular regulatory categories - while reintroducing Business Strategy and Human Capital Management as consolidated risk items. The company modified four key risks to broaden their scope, particularly consolidating multiple regulatory requirements under a single evolving regulatory environment risk and combining business segment risks into a more general category. These changes reflect a shift from itemized, specific risk disclosure to higher-level, aggregated risk categories across 37 substantially unchanged foundational risks.", "risks": [ { "status": "ADDED", "current_title": "Business Strategy", "prior_title": null, "current_body": "Our vision is to be a top-performing regional bank distinguished by our customer centricity, mindset of continuous improvement, and excellent capabilities. Our strategy is grounded in a “three-legged stool” model consisting of a transformed Consumer Bank, best-positioned Commercial Bank, and premier Private Bank. To achieve our vision, we are executing against five strategic objectives: Grow high-quality deposits and deepen customer relationships: We remain focused on growing high‑quality deposits and strengthening primary banking relationships by delivering a customer‑centric experience grounded in advice, tailored solutions, and our expanded capabilities. We aim to deepen engagement across key customer segments by offering a comprehensive suite of products designed to anticipate and exceed evolving customer needs, through frictionless digital and omni‑channel experiences that make banking easier, more seamless, and more personalized. Through disciplined execution and risk management, and continuous improvement in how we serve customers, we seek to build deeper trust and relationships and drive sustainable, relationship‑driven deposit growth. Drive scale in growth markets, key industries, and high-opportunity businesses: We continue to strengthen our competitive position by expanding in growth markets, deepening our presence in priority industry verticals, and investing in businesses with attractive and sustainable long‑term potential. Through disciplined resource allocation, targeted talent investments, and a focus on relationship‑led growth, we aim to broaden our reach and build scale where we are best positioned to win. By aligning our capabilities with the evolving needs of middle‑market and mid‑corporate clients, and by expanding in high‑opportunity sectors, we seek to deliver differentiated insights, enhance cross‑bank connectivity, and capture a greater share of high‑quality, relationship‑based opportunities. Deliver high-quality solutions and advice: Providing customers and clients with tailored solutions and trusted advice remains central to our strategy. We are enhancing our product suites, investing in digital and data capabilities, and equipping our teams to deliver seamless, omni‑channel experiences. As customer expectations evolve, we continue to modernize our platforms, strengthen treasury and payment capabilities, and advance advisory‑led engagement across Consumer, Commercial, and Private Bank and Private Wealth. By combining expertise, technology, and a customer‑first mindset, we aim to deliver timely, insight‑driven guidance that deepens relationships and distinguishes our value proposition. Continue to optimize balance sheet and business mix: We manage our balance sheet with discipline and a clear focus on generating attractive, risk‑adjusted returns. Our strategy emphasizes thoughtful capital allocation, proactive portfolio management, and deliberate shifts toward relationship‑oriented, higher‑quality businesses. We remain committed to strengthening the durability of our earnings by increasing the mix of attractive deposits, expanding recurring fee‑income streams, and reducing exposure to lower‑return activities. Through ongoing optimization and rigorous risk management, we aim to maintain a strong financial foundation that supports long‑term resilience and sustained growth. Invest in our people and communities: We invest in our colleagues and communities by fostering strong leadership, building future‑ready skills, and creating an inclusive, healthy workplace. Through targeted development, modern learning tools, and a compelling employee value proposition, we support colleague engagement, agility, and long‑term growth. We also remain committed to promoting well‑being, inclusion, and community impact through programs that strengthen resilience and expand opportunity. By empowering our people and contributing meaningfully to the communities we serve, we reinforce our purpose, strengthen our brand, and build the foundation for enduring performance." }, { "status": "ADDED", "current_title": "Human Capital Management", "prior_title": null, "current_body": "We believe long-term success depends on our ability to attract, develop, and retain a high-performing workforce. Our goal is to create an environment where colleagues can thrive personally and professionally and can maximize their potential, and our human capital management strategy is anchored in a skills-based foundation that drives workforce agility and future readiness. Our Board of Directors and its Compensation and Human Resources Committee are responsible for overseeing our human capital management strategy, with senior management providing regular updates to facilitate that oversight. As of December 31, 2025, Citizens had 17,398 full-time equivalent employees, primarily across New England and the Mid-Atlantic. Attracting and Developing Talent Attracting talent with the skills and experience necessary to achieve our strategic objectives remains imperative. We leverage various channels to identify talent with strengths and values aligned with our priorities and culture. We continue to believe that fostering a workforce with diverse backgrounds and experiences is fundamental to driving innovation. Our Hiring Blueprint, introduced in 2025, establishes a process through which the skills, behaviors, and achievements of candidates are evaluated using a consistent framework that provides recruiters and managers with guidance on effectively evaluating candidates. We continue to evolve our hiring processes and explore ways that technology and automation can further improve candidate experience. Our development and learning initiatives are aimed at building capabilities to ensure colleagues excel in their current roles and are valuable contributors in the future. We remain on a multi-year journey to build bold leaders and nurture a culture of learning and innovation, consistently enhancing the resources available to our colleagues in pursuit of these objectives. We recognize that the success of our long-term strategy relies on the strength of our leaders and we remain dedicated to advancing their capabilities. We launched a new leadership development program for frontline managers across the enterprise and are implementing a new leadership framework to further build a culture of inclusive, high-impact leadership. Continuous learning and a growth mindset are essential for colleagues to thrive as part of our organization and to feel a sense of accomplishment and purpose. With the launch of Talent Matters in 2024, colleagues now have access to a talent marketplace that creates personalized experiences to support skill-building and career advancement. In 2025, we launched a new learning operating model that creates a more streamlined learner experience and expands learning solutions across the enterprise. By leveraging artificial intelligence and advanced learning platforms we are accelerating personalized learning and building capacity for skill development. This approach supports our recently expanded educational assistance and robust academy programs, creating learning pathways for critical and emerging skills. Engaging and Rewarding Colleagues Listening to our colleagues’ voices and experiences is important to us and is instrumental in helping us support colleagues and to evolve company culture to best support our business strategy. Colleague feedback is used to refine our focus, address any gaps, and strengthen efforts to improve organizational effectiveness and colleague experience. Our approach to colleague listening is multifaceted, featuring numerous channels and frequent touchpoints, including our annual organizational health survey (“OHS”), an interim pulse survey, and five life-cycle surveys that measure colleague sentiment at key stages. Our latest overall OHS results place us in the top quartile of financial services. We foster a culture where all stakeholders feel respected, valued, and heard. Our dedication to building an inclusive workplace centers on welcoming a wide range of skills, backgrounds, viewpoints, and perspectives. Various resources are used by management to understand what drives a sense of inclusion, including responses to our OHS and input from our seven business resource groups, which assist in identifying and supporting initiatives that are most relevant to customers, colleagues, and the community. While our diversity efforts encompass a broad range of perspectives, we recognize that certain stakeholders maintain an interest in colleague demographic data, which is available in our Sustainability & Impact Report and on our website. We provide comprehensive compensation and benefit programs. We strive to compensate our colleagues fairly based on market data, experience, and performance, and we compare our compensation to other companies in our peer group as well as others in the financial services industry. We are dedicated to ensuring fair and equitable compensation for all employees. To support this commitment, we engage an independent third-party expert annually to conduct a pay equity assessment, which considers factors such as role, performance, and experience that appropriately account for pay differences. Our benefit plans and programs are designed to equip colleagues and their families with resources to navigate various life events and to support various dimensions of well-being including physical, mental, and financial. Our benefits offering is reviewed annually and has expanded in various areas in recent years, including most notably an expansion of resources related to mental well-being. Our Credo calls for us to perform our best every day to help our customers, colleagues, and communities reach their potential. We encourage colleague volunteerism in our communities, which we support by providing colleagues with paid time off for volunteer events and a community service sabbatical program. Sustainability Our integrated, enterprise-wide Sustainability & Impact strategy helps us build a better future for all those we serve. Led by robust corporate governance, this strategy helps guide the decisions we make. It means serving our customers and clients, engaging shareholders, monitoring our environmental impact, and empowering our colleagues and communities to thrive. Our four focus areas include robust corporate governance, the workforce of the future, fostering strong communities, and positive climate impact, which speak to what we believe are the strengths of our company and how we are driving growth and having a positive impact on our business, society, and the planet. For more details regarding our sustainability efforts, go to our website." }, { "status": "REMOVED", "current_title": null, "prior_title": "Business Segments", "prior_body": "We manage our business through two primary business segments: Consumer Banking and Commercial Banking. Our activities outside these segments are classified as Non-Core or Other. Non-Core includes our indirect auto and certain purchased consumer loan portfolios that we discontinued the origination of in 2023 as part of our balance sheet optimization strategy. Other includes treasury activities, wholesale funding, the securities portfolio, community development assets, and other unallocated assets, liabilities, capital, revenues, provision (benefit) for credit losses and expenses, including income tax expense. For additional information regarding our business segments see the “Business Operating Segments” section of Item 7 and Note 26 in Item 8." }, { "status": "REMOVED", "current_title": null, "prior_title": "Consumer Banking Segment", "prior_body": "Consumer Banking serves consumer customers and small businesses, with products and services that include deposits, mortgage and home equity lending, credit cards, small business loans, and wealth management and investment services largely across our 14-state traditional banking footprint. We also offer education and point-of-sale finance loans in addition to select digital deposit products nationwide. Citizens Private Bank integrates wealth management and banking services to serve high- and ultra-high-net-worth individuals and families, as well as businesses. Consumer Banking operates a multi-channel distribution network with a workforce of approximately 5,000 branch colleagues, 1,000 branches, including 143 in-store locations, and 3,100 ATMs. Our network includes approximately 1,000 specialists covering lending, savings and investment needs as well as a broad range of small business products and services. We serve customers on a national basis through telephone service centers and our online and mobile platforms where we offer customers the convenience of depositing funds, paying bills and transferring money between accounts and from person to person, as well as a host of other everyday transactions." }, { "status": "REMOVED", "current_title": null, "prior_title": "Business Strategy", "prior_body": "Our mission is to help our customers, colleagues and communities reach their potential, and our vision is to become a top-performing bank distinguished by our customer-centric culture, mindset of continuous improvement, product innovation, and excellent capabilities. We strive to understand customer and client needs so we can tailor advice and solutions to help make them more successful. Our business strategy is designed to maximize the full potential of our business, drive sustainable growth and enhance profitability. Our success rests on our ability to distinguish ourselves as follows: Maintain a high-performing, customer-centric organization: We continually strive to enhance our “customer-first” culture by emphasizing the “voice of the customer” to deliver the best possible banking experience. We seek to deepen relationships with our customers by offering a full suite of products designed to meet their unique needs. In addition, we are taking talent management to the next level, with a goal of attracting, developing and retaining great people, while ensuring strong leadership, teamwork, and a sense of empowerment, accountability and urgency. Develop differentiated value propositions to acquire, deepen, and retain core customer segments: Our focus is on select customer segments where we believe we are well positioned to compete. In Consumer Banking, we focus on serving mass affluent and affluent customers, small businesses and high-net-worth individuals. Our Private Bank serves high- and ultra-high-net-worth individuals, family offices, private equity/venture capital firms, and business clients through integrated wealth management and banking services. In Commercial Banking, we focus on serving customers in the middle-market, mid-corporate, and select industry verticals. By developing differentiated and targeted value propositions, building our fee-based businesses and developing innovative product solutions, we believe we can attract new customers, deepen relationships with existing customers and deliver an enhanced customer experience. Build excellent capabilities designed to help us stand out from competitors: We strive to deliver seamless, omni-channel experiences that allow customers to interact with us when, where and how they choose. We are enhancing capabilities in key areas including technology, payments, data and analytics, private bank and wealth, collections and fraud, and digital (mobile/online banking and omni-channel servicing). We are on a multi-year digital transformation journey across our Consumer and Commercial organizations to digitize end-to-end customer experiences and transform our marketing to drive consumer-direct acquisition in order to satisfy rapidly changing customer preferences. We strive to use advanced data analytics and artificial intelligence for personalization and to provide timely, insight-driven, tailored advice in order to deliver solutions to consumer and commercial customers throughout their lifecycles. Operate with financial discipline and a mindset of continuous improvement to self-fund investments: We believe that continued focus on operational efficiency is critical to our future profitability and ability to continue to reinvest to drive future growth. We launched the first Tapping our Potential (“TOP”) initiative in 2014 and have launched additional programs in subsequent years. These programs are designed to transform how we operate and to improve the effectiveness, efficiency, and competitiveness of our franchise. Our TOP 9 program was completed in 2024, and we launched a TOP 10 program in 2025 to allow us to continue to self-fund investments. Prudently grow and optimize our balance sheet: We operate with a strong balance sheet with regard to capital and liquidity, coupled with a well-defined and prudent risk appetite. We continue to focus on thoughtfully growing our balance sheet by actively managing capital and resource allocations towards relationships-oriented growth to generate attractive risk-adjusted returns. Our goal is to be good stewards of our resources and continue to rigorously evaluate our execution. Modernize our technology and operational models to improve delivery, organizational agility and speed to market: We are continuing to modernize our technology environment by strengthening our infrastructure and migrating applications to the cloud. We have deployed and scaled an agile operating model to improve our speed-to-market, deliver innovative products and services and strengthen collaboration across teams. We also continue to actively incubate new innovative ideas and harness external innovation through FinTech partnerships and access to venture capital firms to help deliver differentiated value-added experiences for our customers. We continue to experiment with and deploy transformative technologies like Machine Learning (ML) and Artificial Intelligence (AI/Gen AI) across our customer-facing businesses and functions to drive value-add impact and improved experiences for our colleagues and customers. Embed risk management within our culture and operations: Given that the quality of our risk management program directly affects our ability to execute our strategy, we continue to work to further strengthen our risk management culture. Moreover, we are committed to continuously enhancing our processes and talent, and to making improvements in the platform including ongoing investments in risk technology and frameworks. These actions are designed to support and enhance our risk management capabilities and regulatory profile." }, { "status": "REMOVED", "current_title": null, "prior_title": "Human Capital Management", "prior_body": "We believe that our long-term success depends on our ability to attract, develop, and retain a high-performing workforce. Our goal is to create an environment where colleagues can thrive personally and professionally and can maximize their potential. As of December 31, 2024, Citizens had 17,287 full-time equivalent employees, primarily across New England and the Mid-Atlantic. Our Board of Directors and its Compensation and Human Resources Committee are responsible for overseeing our human capital management strategy, with senior management providing regular updates to facilitate that oversight." }, { "status": "REMOVED", "current_title": null, "prior_title": "Leadership, Talent Development, and Talent Acquisition and Internal Mobility", "prior_body": "We are on a multi-year journey to build bold leaders at every level and to foster a culture of learning and innovation. We facilitate programs aimed at developing leadership capabilities and building capabilities to ensure colleagues excel in their current roles and are valuable contributors in the future. Citizens Talent Matters, launched in 2024, is a talent marketplace that creates personalized experiences to support skill-building and career advancement for colleagues. We have also expanded educational assistance and educational pathways for emerging and critical skills through our academies, which focus on areas such as Innovation, Agile, Next Gen Tech, Banking and Credit, and Data & Analytics. Continuous learning and a growth mindset are essential for colleagues to thrive as part of our organization and to feel a sense of accomplishment and purpose. Attracting and retaining talent with the skills and experience necessary to drive our long-term priorities remains integral to achieving our strategic plan. We evaluate candidates on their holistic portfolio of skills and experiences. Ongoing competition for talent in high-volume roles and emerging skill areas persists, and we have implemented new processes to improve the efficiency of the hiring process. Talent selection will continue to have broad impacts on culture, leadership, and productivity at all levels and focus remains on expanding capabilities to attract, select, and retain talent." }, { "status": "REMOVED", "current_title": null, "prior_title": "Employee Engagement", "prior_body": "Listening to our colleagues’ voices and experiences is important to us and is instrumental in helping management evolve company culture to best support our business strategy. Colleague feedback is used to refine our focus, address gaps, and strengthen efforts to improve our organizational effectiveness and colleague experience. We have enhanced our colleague listening efforts to include multiple channels and more frequent touch points, including our annual organizational health survey as well as an interim pulse survey and five life-cycle surveys measuring colleague sentiment at different stages." }, { "status": "REMOVED", "current_title": null, "prior_title": "Culture of Inclusion", "prior_body": "We aim to foster a culture where all stakeholders feel respected, valued, and heard. Development programs are designed to build a strong pipeline of emerging talent and have been effective in increasing the development of our colleague base. We also partner with external organizations to offer additional resources for reskilling and upskilling colleagues as we build the workforce of the future. An area of focus is the development of partnerships with businesses and community organizations to help identify candidates with diverse backgrounds and perspectives. Information regarding our workforce demographics can be found in our Environmental Social Governance Report and on our website, which includes a link to our most recently filed EEO-1 report. Various resources are used by management to understand what drives a sense of inclusion and belonging. Analytics are used to help prioritize initiatives, including responses to our Organizational Health Survey, which we segment by various colleague populations to provide additional insights. In addition, we have seven business resource groups (“BRGs”), which we believe are important to enhancing our culture while supporting our enterprise inclusion strategy. They also help to identify and support initiatives that are most important to customers, colleagues, and the community. Our BRGs, which are open to all employees, include Citizens WIN (Women’s Impact Network), Citizens Elev8 (Rising Professionals), Prism (Multicultural), Citizens Pride (LGBTQ+), Citizens Veterans, Citizens Awake (Disability Awareness), and Caring for Citizens (Caregivers). Each BRG is sponsored by a member of the executive team and approximately 3,700 colleagues belonged to at least one BRG as of December 31, 2024." }, { "status": "REMOVED", "current_title": null, "prior_title": "Health, Well-Being, and Flexibility", "prior_body": "We prioritize the health and well-being of our colleagues and their loved ones, offering benefit programs and other resources that support colleagues in all aspects of their lives. We review our offerings on a regular basis and have expanded resources in recent years, with a particular focus on colleague well-being. In 2024, we launched a colleague podcast that explores well-being from the perspectives of different company leaders and colleagues, and began curating monthly content on our intranet aimed at encouraging colleagues to make their well-being a priority. In addition, we introduced Citizens CARES, a colleague emergency assistance program designed to provide financial assistance to team members navigating personal hardships. In recognition of the continued impact of inflation on colleagues, we have absorbed most of the increase to medical plan premiums and kept colleague deductibles and out-of-pocket maximums flat for all medical plans/tiers for 2025. We embrace flexibility and manage our hybrid workforce in a manner that ensures colleagues are working in ways that best support our customers, foster engagement and innovation, and maintain our company culture." }, { "status": "REMOVED", "current_title": null, "prior_title": "Fair and Equitable Compensation", "prior_body": "We strive to compensate our colleagues fairly based on market data, experience, and performance, and we compare our compensation to other companies in our peer group as well as others in the financial services industry. Part of our commitment to building and fostering a diverse, inclusive, high-performing culture includes ensuring our compensation and benefits are fair and competitive for all colleagues. We engage an independent third-party expert firm to conduct an annual pay equity analysis, accounting for factors that appropriately explain differences in pay such as role, performance, and experience. Additional information about this analysis, including our most recent results, can be found in our Environmental Social Governance Report and on our website." }, { "status": "REMOVED", "current_title": null, "prior_title": "Sustainability", "prior_body": "Our integrated, enterprise-wide Sustainability & Impact strategy helps us build a better future for all those we serve and, led by robust corporate governance, helps guide the decisions we make. Our strategy means serving our customers and clients, engaging shareholders, monitoring our environmental impact and empowering our colleagues and communities to thrive. Our four focus areas include robust corporate governance, positive climate impact, the workforce of the future, and fostering strong communities, which speak to what we believe are the strengths of our company and how we are driving growth and having a positive impact on our business, society, and the planet. In 2023, we announced a $50 billion Sustainable Finance Target, including $5 billion in green financing, by 2030. As part of this announcement, we committed to engage corporate clients in high-emitting sectors on climate-related topics and to achieving operational carbon neutrality by 2035. For more details regarding our sustainability efforts, go to our website." }, { "status": "REMOVED", "current_title": null, "prior_title": "Enhanced Prudential Standards and Regulatory Tailoring Rules", "prior_body": "As a BHC with over $100 billion in total consolidated assets, we are currently subject to enhanced prudential standards and associated capital and liquidity rules (“Tailoring Rules”). The Tailoring Rules assign each BHC, including its bank subsidiaries, to one of four categories based on its size and certain risk-based indicators. CFG and CBNA are each subject to Category IV standards, the least restrictive of the requirements under the Tailoring Rules." }, { "status": "REMOVED", "current_title": null, "prior_title": "Bank and Financial Holding Company Regulation", "prior_body": "As a FHC, we may engage in a broader range of activities than a BHC that is not also a FHC. These activities include securities underwriting and dealing, insurance underwriting and brokerage, merchant banking and other activities that are determined by the FRB, in coordination with the Treasury Department, to be “financial in nature or incidental thereto” or that the FRB determines unilaterally to be “complementary” to financial activities. In addition, a FHC may commence new permissible financial activities or acquire non-bank financial companies engaged in such activities, in either case, with after-the-fact notice to the FRB. To maintain FHC status, a BHC and all of its depository institution subsidiaries must remain “well capitalized” and “well managed,” as described below under “Federal Deposit Insurance Act.” If a BHC fails to meet these regulatory standards, the FRB could place limitations on its ability to conduct the broader financial activities permissible for FHCs or impose limitations or conditions on the conduct or activities of the BHC or its affiliates. If the deficiencies persisted, the FRB could order the BHC to divest any subsidiary bank or to cease engaging in any activities permissible for FHCs that are not permissible for BHCs, or the BHC could elect to conform its non-banking activities to those permissible for a BHC that is not also a FHC. In addition, the CRA requires U.S. banks to help serve the needs of their communities. If a depository institution subsidiary of a BHC were to receive a CRA rating of less than “satisfactory”, the BHC would be prohibited from engaging in certain activities or acquisitions (see “Community Reinvestment Act” below). Federal and state laws impose notice and approval requirements for mergers and acquisitions of other depository institutions or BHCs. As noted above, FRB approval is generally not required for BHCs to acquire a company engaged in activities that are financial in nature or incidental to activities that are financial in nature, as determined by the FRB. Prior regulatory approval is required, however, before a BHC may acquire or control more than 5% of any class of voting shares or substantially all of the assets of a BHC, including a FHC, or a bank. In considering applications for approval of acquisitions, the banking regulators may take several factors into account, including the competitive effects of the transaction in the relevant geographic markets; the financial and managerial resources and future prospects of companies involved in the transaction; the effect of the transaction on the financial stability of the U.S. banking or financial system; the companies’ compliance with anti-money laundering laws and regulations; the convenience and needs of the communities to be served; and the performance record of the IDIs involved in the transaction under the CRA." }, { "status": "REMOVED", "current_title": null, "prior_title": "Capital and Stress Testing Requirements", "prior_body": "We are required to comply with the U.S. Basel III rules, which establish risk-based and leverage capital requirements. The risk-based requirements are based on a banking organization’s RWA, which is inclusive of the organization’s on- and off-balance sheet exposures. We calculate RWA using the standardized approach and have made the AOCI opt-out election, permitting us to exclude components of AOCI from regulatory capital. The leverage requirements are based on a banking organization’s average consolidated on-balance sheet assets. Under the U.S. Basel III rules, the minimum capital ratios are: •CET1 capital ratio of 4.5%; •Tier 1 capital ratio of 6.0%; •Total capital ratio of 8.0%; and •Tier 1 leverage ratio of 4.0%. For BHCs with $100 billion or more in assets, such as us, the FRB’s capital rules impose an institution-specific SCB on top of each of the three minimum risk-based capital ratios listed above. Banking institutions that fail to meet the effective minimum ratios including the SCB will be subject to constraints on capital distributions, including dividends and share repurchases, and certain discretionary executive compensation. The severity of the constraints depends on the amount of the shortfall and the institution’s “eligible retained income”, defined as the greater of four quarter trailing net income net of distributions and tax effects not reflected in net income, or the average four quarter trailing net income. In response to the COVID disruption, the federal banking regulators adopted a final rule relative to regulatory capital treatment of the ACL under CECL. This rule allowed electing banking organizations to delay the estimated impact of CECL on regulatory capital for a two-year period ending December 31, 2021, followed by a three-year transition period ending December 31, 2024. The three-year transition period phased-in the reversal of the aggregate amount of the capital benefit provided during the initial two-year delay. As a Category IV firm under the Tailoring Rules, we are subject to biennial supervisory stress testing and are exempt from company-run stress testing and related disclosure requirements. The FRB supervises Category IV firms on an ongoing basis, including evaluating the capital adequacy and capital planning processes of firms during off-cycle years. We are required to develop, maintain and submit an annual capital plan for review and approval by our Board of Directors, or one of its committees, as well as FR Y-14 reporting requirements. In July 2023, the federal banking regulators issued a proposal to implement the final components of the Basel III capital framework. The proposal, commonly referred to as Basel III “Endgame,” would significantly revise the capital requirements applicable to large banking organizations with total assets of $100 billion or more, including the Company and CBNA as Category IV firms. Under the proposal, the Company and CBNA would become subject to the same capital treatment regarding the inclusion of AOCI, deductions, and rules for minority interest as Category I and II firms. The proposal would also replace the existing models-based approaches for credit and operational risk, which currently apply to only Category I and II firms, with two new approaches applicable to Category I through IV firms. The first approach would use the existing standardized approach and a proposed revised market risk capital rule, and the second approach would use a new expanded risk-based approach, consisting of new non-models-based approaches for credit, operational, and credit valuation adjustment risk, as well as the proposed revised market risk capital rule. The approach resulting in the lower ratio would establish the binding ratio for purposes of satisfying regulatory capital requirements and buffers, including the SCB. The Company and CBNA would also be required to calculate counterparty credit exposure relating to derivative transactions using the standardized approach for counterparty credit risk and would become subject to the supplementary leverage ratio and the countercyclical capital buffer. As of December 31, 2024, the Company and CBNA expect to remain above the current minimum capital and buffer requirements if the proposal were adopted in its current form. The FRB has indicated that it expects to work with the other federal banking regulators in 2025 on a revised proposal. We are also subject to the FRB's risk-based capital requirements for market risk. See the “Market Risk” section of Item 7 for additional details. For more details regarding our regulatory capital and SCB, and the AOCI impact of the Basel III Endgame proposal on our regulatory capital, see the “Capital and Regulatory Matters” section of Item 7." }, { "status": "REMOVED", "current_title": null, "prior_title": "Liquidity Requirements", "prior_body": "The liquidity coverage ratio (“LCR”) is designed to ensure that a covered bank or BHC maintains an adequate level of unencumbered high-quality liquid assets to cover expected net cash outflows over a 30-day time horizon under an acute liquidity stress scenario. The NSFR is designed to promote more medium- and long-term funding of the assets and activities of banking organizations over a one-year time horizon. Under the Tailoring Rules, Category IV firms with less than $50 billion in weighted short-term wholesale funding, such as us, are not subject to any LCR or NSFR requirement. We are subject to certain liquidity requirements under the Tailoring Rules including liquidity buffer, stress testing, risk management and reporting requirements. In addition, as a Category IV firm, we are required to calculate collateral positions monthly, establish a set of liquidity risk limits, and monitor certain elements of intraday liquidity risk exposures." }, { "status": "REMOVED", "current_title": null, "prior_title": "Resolution Planning", "prior_body": "Category IV firms such as CFG are no longer required to submit resolution plans under section 165(d) of the Dodd-Frank Act. However, CBNA is required to periodically file an IDI resolution plan with the FDIC. This plan enables the FDIC, as receiver, to resolve the institution under applicable receivership provisions of the FDIA in a manner that ensures that depositors receive access to their insured deposits within one business day of the institution’s failure, maximizes the net present value return from the sale or disposition of the institution’s assets and minimizes the amount of any loss to the institution’s creditors. CBNA submitted its most recent resolution plan to the FDIC on December 1, 2022 in accordance with the FDIC’s Statement on Resolution Plans for IDIs issued in 2021. On June 20, 2024, the FDIC adopted a final rule that requires IDIs with $100 billion or more in average total assets that are not affiliates of U.S. global systemically important banking organizations, including CBNA, to submit full resolution plans triennially that include a comprehensive strategy from the point of failure to liquidation or return of the institution to the private sector. The identified strategy must ensure timely access to insured deposits, maximize value from the sale or disposition of assets, minimize losses realized by creditors, and address potential risks of adverse effects on U.S. economic conditions or financial stability. In addition, the resolution strategy must utilize the formation and stabilization of a bridge depository institution that continues operation through the completion of the resolution and exit from the bridge depository institution, unless the IDI determines and demonstrates why another strategy would be more appropriate, could be executed across a range of likely failure scenarios, and best addresses the credibility criteria. The final rule also includes criteria for the FDIC to assess the credibility of resolution plans and expands expectations regarding capabilities testing. CBNA’s initial resolution plan submission under the final rule is due on or before July 1, 2025." }, { "status": "REMOVED", "current_title": null, "prior_title": "Long-Term Debt Requirements", "prior_body": "In August 2023, the federal banking regulators issued a proposal that would require large bank holding companies and IDIs with total assets of $100 billion or more, such as CFG and CBNA, to maintain a minimum amount of long-term debt. The joint agency proposal aims to increase the resolvability and resiliency of large banking organizations by mandating a long-term debt requirement to provide the regulatory agencies additional resources to resolve failed banking organizations, foster depositor confidence, and decrease costs to the DIF in the event of a large banking organization failure. Under the proposal, large bank holding companies and IDIs would each be required to maintain a minimum amount of eligible long-term debt equal to the greater of 6 percent of RWA, 3.5 percent of average total consolidated assets, and 2.5 percent of total leverage exposure for those banks subject to the supplementary leverage ratio. The proposal also prohibits large banking organizations from engaging in certain activities that could complicate their resolution and discourages them from holding long-term debt issued by other banks to reduce interconnectedness. The proposal provides for a three-year transition period, with 25 percent of the long-term debt requirement to be met one year after the rule is finalized, 50 percent after two years, and 100 percent after three years." }, { "status": "REMOVED", "current_title": null, "prior_title": "Standards for Safety and Soundness", "prior_body": "The FDIA requires the federal banking regulators to prescribe operational and managerial standards for all IDIs, including CBNA. Regulations and interagency guidelines adopted by these agencies set forth the safety and soundness standards used to identify and address problems at IDIs before capital becomes impaired. If an agency determines that a bank fails to satisfy any standard, it may require the bank to submit an acceptable plan to achieve compliance, consistent with deadlines for the submission and review of such safety and soundness compliance plans. If, after being notified to submit a compliance plan, an institution fails to submit an acceptable compliance plan or fails in any material respect to implement an acceptable compliance plan, the agency must issue an order directing action to correct the deficiency and may issue an order directing other types of actions that an undercapitalized institution is subject to under the FDIA as discussed in “Federal Deposit Insurance Act” below. If an institution fails to comply with such an order, the agency may seek to enforce such order in judicial proceedings and to impose civil money penalties." }, { "status": "REMOVED", "current_title": null, "prior_title": "Federal Deposit Insurance Act", "prior_body": "The FDIA requires, among other things, that federal banking regulators take “prompt corrective action” with respect to IDIs that do not meet minimum capital requirements, as described above in “Capital and Stress Testing Requirements.” The FDIA sets forth the following five capital categories: “well-capitalized,” “adequately capitalized,” “undercapitalized,” “significantly undercapitalized” and “critically undercapitalized.” An IDI’s capital category is determined based on how its capital levels compare with various relevant capital measures and certain other factors that are established by regulation. The federal banking regulators must take certain mandatory supervisory actions, and are authorized to take other discretionary actions, with respect to institutions that are undercapitalized, significantly undercapitalized or critically undercapitalized, with the actions becoming more restrictive and punitive the lower the institution’s capital category. Under existing rules, an IDI that is not an advanced approaches institution, such as CBNA, is deemed to be “well capitalized” if it has a CET1 ratio of at least 6.5%, a tier 1 capital ratio of at least 8%, a total capital ratio of at least 10%, and a tier 1 leverage ratio of at least 5%. The FRB’s regulations which are applicable to BHCs, such as the Parent Company, separately define “well capitalized” as having a tier 1 capital ratio of at least 6% and a total capital ratio of at least 10%. As described above under “Bank and Financial Holding Company Regulation”, a FHC that is not well capitalized and well managed (or whose bank subsidiaries are not well capitalized and well managed) under applicable prompt corrective action standards may be restricted in certain of its activities and ultimately may lose FHC status. As of December 31, 2024, both the Parent Company and CBNA were well-capitalized. The FDIA prohibits insured banks from accepting brokered deposits or offering interest rates on any deposits significantly higher than the prevailing rate in the bank’s normal market area or nationally, depending upon where the deposits are solicited, unless it is “well-capitalized,” or it is “adequately capitalized” and receives a waiver from the FDIC. A bank that is “adequately capitalized” and accepts brokered deposits under a waiver from the FDIC may not pay an interest rate on any deposit in excess of 75 basis points over certain prevailing market rates. The FDIA imposes no such restrictions on a bank that is “well-capitalized.”" }, { "status": "REMOVED", "current_title": null, "prior_title": "Deposit Insurance", "prior_body": "The DIF provides insurance coverage for certain deposits, up to a standard maximum deposit insurance amount of $250,000 per depositor based on ownership right and capacity category codes and is funded through assessments on IDIs based on the risk each institution poses to the DIF. CBNA accepts customer deposits insured by the DIF and, therefore, must pay insurance premiums. The FDIC may increase CBNA’s insurance premiums based on various factors, including the FDIC’s assessment of its risk profile. The FDIC also requires large depository institutions, including CBNA, to maintain enhanced deposit account recordkeeping and related information technology system capabilities to facilitate prompt calculation of insured deposits if such an institution was taken into FDIC receivership. The FDIC, as required under the FDIA, established a plan in September 2020 to restore the DIF reserve ratio, 1.25% as of September 30, 2024, to meet or exceed the statutory minimum of 1.35% within eight years. This plan did not include an increase in the deposit insurance assessment rate. During 2022, the FDIC determined that the DIF reserve ratio was at risk of not reaching the statutory minimum by the statutory deadline of September 30, 2028, absent an increase in assessment rates. In October 2022, the FDIC adopted a final rule to increase initial base deposit insurance assessment rates by 2 basis points, beginning with the first quarterly assessment period of 2023. This increase in assessment rates was intended to improve the likelihood that the DIF reserve ratio will reach the required minimum by the statutory deadline of September 30, 2028. In November 2023, the FDIC approved a final rule to impose special assessments to recover the loss to the DIF arising from the protection of uninsured depositors in connection with the systemic risk determination announced on March 12, 2023, following the closures of Silicon Valley Bank and Signature Bank, as required by the FDIA. Under the final rule, the special assessment was levied on an IDI’s estimated uninsured deposits as reported on its December 31, 2022 Call Report, excluding the first $5 billion in estimated uninsured deposits. The special assessment was imposed at an annual rate of approximately 13.4 basis points to be collected over eight quarterly assessment periods beginning with the first quarter of 2024. The FDIC’s current estimate of the loss attributable to this systemic risk determination is $18.9 billion. This estimate will be periodically adjusted as assets are sold, liabilities are satisfied, and receivership expenses are incurred. The FDIC would cease collection of special assessments before the end of the initial eight-quarter collection period if they expect the loss to be less than expected assessment collections. The FDIC also reserves the right to impose an extended special assessment collection period after the initial eight-quarter period to collect the difference between losses and amounts collected, and impose a one-time final shortfall special assessment after both receiverships terminate. As of September 30, 2024, the FDIC projects that the special assessment will be collected for an additional two quarters beyond the initial eight-quarter collection period, at an estimated quarterly rate of 1.69 basis points. Based on the final rule and related accounting guidance, CBNA’s special assessment is approximately $256 million, with $31 million and $225 million, respectively, recognized in other operating expense in the Company’s Consolidated Statements of Operations for the years ended December 31, 2024 and 2023. CBNA’s special assessment is subject to change if the eventual loss to the DIF differs from the FDIC’s current estimate. Dividends Various federal statutory provisions and regulations, as well as regulatory expectations, limit the amount of dividends that we and our subsidiaries may pay. Our payment of dividends to our stockholders is subject to oversight by the FRB. In particular, the FRB reviews the dividend policies and share repurchases of a large BHC based on capital plans submitted as part of the CCAR process and the results of stress tests, as discussed under “Capital and Stress Testing Requirements” above. In addition to other limitations, our ability to make any capital distributions, including dividends and share repurchases, is subject to the prior approval of the FRB if we are required to resubmit our capital plan. Dividends payable by CBNA, as a national bank subsidiary, are limited to the lesser of the amount calculated under a “recent earnings” test and an “undivided profits” test. Under the recent earnings test, a dividend may not be paid if the total of all dividends declared during any calendar year exceeds the sum of current year net income and retained net income of the two preceding years, less any required transfers to surplus, unless the national bank obtains the approval of the OCC. Under the undivided profits test, a dividend may not be paid in excess of the entity’s “undivided profits” (generally accumulated net profits that have not been paid out as dividends or transferred to surplus). Federal banking regulatory agencies have issued policy statements that provide that FDIC-insured depository institutions and their holding companies should generally pay dividends only out of current operating earnings." }, { "status": "REMOVED", "current_title": null, "prior_title": "Support of Subsidiary Bank", "prior_body": "The Parent Company is required to serve as a source of financial and managerial strength to CBNA and, under appropriate conditions, to commit resources to support CBNA. This support may be required by the FRB at times when the Parent Company may not have the financial resources to do so, or when doing so may not serve our interests or those of our shareholders or creditors. In addition, any capital loans by a BHC to a subsidiary bank are subordinate in right of payment to deposits and certain other indebtedness of such subsidiary bank. In the event of a BHC’s bankruptcy, any commitment by the BHC to a federal bank regulatory agency to maintain the capital of a subsidiary bank will be assumed by the bankruptcy trustee and entitled to a priority of payment." }, { "status": "REMOVED", "current_title": null, "prior_title": "Transactions with Affiliates and Insiders", "prior_body": "Sections 23A and 23B of the Federal Reserve Act and the FRB’s Regulation W establish certain quantitative limits and other prudential requirements for loans, purchases of assets, and certain other transactions between a member bank, including CBNA, or its subsidiaries and its affiliates. Section 23A prohibits a bank from entering a “covered transaction” with an affiliate if, after the transaction, the aggregate amount of the bank’s covered transactions with that affiliate would exceed 10% of the bank’s capital stock and surplus, or the aggregate amount of the bank’s covered transactions with all of its affiliates would exceed 20% of the bank’s capital stock and surplus. Covered transactions include loans and other extensions of credit to an affiliate, investments in the securities of an affiliate, purchases of assets from an affiliate, and certain other transactions that expose the bank to the credit risks of its affiliates. Section 23B requires that transactions, including all covered transactions, be on terms substantially the same, or at least as favorable to the bank, as those prevailing at the time for comparable transactions with non-affiliates (the “Market Terms Requirement”). In addition to covered transactions, the Market Terms Requirement applies to certain other transactions between CBNA and its affiliates, including services between CBNA and the Parent Company and loans to CBNA from the Parent Company. Under sections 22(g) and (h) of the Federal Reserve Act and the FRB’s Regulation O, we are also subject to quantitative restrictions on extensions of credit to executive officers, directors, principal stockholders and their related interests. These extensions of credit may not exceed certain quantitative limits, must be made on substantially the same terms as those currently prevailing in the market for comparable transactions with third parties, and must not involve more than the normal risk of repayment or present other unfavorable features. Certain extensions of credit also require the approval of our Board." }, { "status": "REMOVED", "current_title": null, "prior_title": "Volcker Rule", "prior_body": "The Dodd-Frank Act prohibits banks and their affiliates from engaging in proprietary trading and investing in, sponsoring and having certain relationships with private funds such as certain hedge funds or private equity funds. This statutory provision is commonly called the “Volcker Rule.” Under this rule, we are viewed as having “moderate” trading assets and liabilities, which subjects us to a simplified compliance program requirement that is appropriate for our activities, size, scope, and complexity. This rule does not have a material impact on Citizens." }, { "status": "REMOVED", "current_title": null, "prior_title": "Regulation of Derivatives", "prior_body": "Title VII of the Dodd-Frank Act establishes a regulatory framework with respect to OTC derivatives, including swaps and security-based swaps. This framework requires registration of certain market participants as swap dealers and security-based swap dealers, and central clearing and trade execution of certain swaps and security-based swaps on regulated exchanges or execution facilities. CBNA has registered as a swap dealer with the CFTC and is subject to the CFTC’s regulatory regime, including business conduct standards, recordkeeping, and transaction and financial reporting requirements. CBNA also is subject to regulation by the National Futures Association, a self-regulatory organization. In addition, CBNA is subject to the OCC’s rules that mandate the exchange of initial margin and variation margin for swaps and security-based swaps between CBNA and specified counterparties that are not centrally cleared through a regulated clearing house. The amount of margin required varies based on the relative risk of the associated swap." }, { "status": "REMOVED", "current_title": null, "prior_title": "Consumer Financial Protection Regulations", "prior_body": "The retail activities of banks are subject to a variety of statutes and regulations designed to protect consumers and promote lending to various sectors of the economy and population. These laws include, but are not limited to, the Equal Credit Opportunity Act, the Fair Debt Collection Practices Act, the Fair Credit Reporting Act, the Truth in Lending Act, the Home Mortgage Disclosure Act, the Service Members Civil Relief Act, the Expedited Funds Availability Act, the Right to Financial Privacy Act, the Truth in Savings Act, the Electronic Funds Transfer Act, and their respective federal regulations and state law counterparts. In addition to these federal laws and regulations, the guidance and interpretations of the various federal agencies charged with the responsibility of implementing such regulations also influence loan and deposit operations. The CFPB has broad rulemaking, supervisory, examination and enforcement authority over various consumer financial protection laws, including those referenced above, fair lending laws and certain other statutes. The CFPB also has examination and primary enforcement authority with respect to depository institutions with $10 billion or more in assets, such as CBNA, including the authority to prevent unfair, deceptive or abusive acts or practices in connection with the offering of consumer financial products. Under the Dodd-Frank Act, the Federal Reserve adopted rules applicable to banks with $10 billion or more in assets, such as CBNA, that establish standards for debit card interchange fees and prohibit network exclusivity and routing restrictions. These rules establish a maximum permissible interchange fee that banks may charge for many types of debit card transactions. In October 2023, the Federal Reserve proposed amendments to these rules that would reduce this maximum permissible interchange fee and establish automatic updates to the fee every other year based on a survey of debit card issuers. We will continue to monitor the proposed changes to these rules. The Dodd-Frank Act permits states to adopt stricter consumer protection laws and standards than those adopted at the federal level, and in certain circumstances allows state attorneys general to enforce compliance with both the state and federal laws and regulations on banks like us." }, { "status": "REMOVED", "current_title": null, "prior_title": "Protection of Customer Personal Information and Cybersecurity", "prior_body": "The privacy provisions of GLBA generally prohibit financial institutions, including us, from disclosing nonpublic personal financial information of consumer customers to third parties for certain purposes unless customers have the opportunity to opt out of the disclosure. The Fair Credit Reporting Act restricts information sharing among affiliates for marketing purposes. Both the Fair Credit Reporting Act and Regulation V, which are issued by the FRB, govern the use and provision of information to consumer reporting agencies. In October 2024, the CFPB adopted a rule regarding personal financial data rights that applies to financial institutions that offer consumer deposit accounts, such as CBNA. Covered financial institutions are required to provide consumers electronic access to 24 months of transaction data and certain account information and are prohibited from imposing any fees or charges for maintaining or providing access to such data. The rule also imposes data accuracy, retention and other obligations. For banks with total assets between $10 billion and $250 billion, compliance with the rule is required by April 1, 2027. The federal banking regulators regularly issue guidance regarding cybersecurity intended to enhance cyber risk management standards among financial institutions. Financial institutions are expected to design multiple layers of security controls to establish lines of defense and to ensure that their risk management processes also address the risk posed by compromised customer credentials, including security measures to reliably authenticate customers when accessing internet-based services of the financial institution. Further, a financial institution’s management is expected to maintain sufficient business continuity planning processes to ensure the rapid recovery, resumption and maintenance of the institution’s operations after a cyber-attack involving destructive malware or other compromise of customer data and/or systems. A financial institution is also expected to develop appropriate processes to enable recovery of data and business operations and address rebuilding network capabilities and restoring data if the institution or its critical service providers fall victim to this type of cyber-attack or compromise. If we fail to observe the regulatory guidance, we could be subject to various regulatory sanctions, including financial penalties. For further discussion of risks related to cybersecurity, see Item 1A “Risk Factors.” A financial institution is also required to notify its primary banking regulator within 36 hours of computer-security incidents that have materially disrupted or degraded, or is reasonably likely to materially disrupt or degrade its: •ability to carry out banking operations, activities, or processes, or deliver banking products and services to a material portion of its customer base; •business lines, including associated operations, services, functions, and support, that upon failure would result in a material loss of revenue, profit, or franchise value; or •operations, including associated services, functions, and support, the failure or discontinuance of which would pose a threat to the financial stability of the United States. In addition, the SEC requires registrants to disclose material cybersecurity incidents on Form 8-K, which must describe the material aspects of the nature, scope and timing of the incident, as well as the impact of the incident on the registrant. In Form 10-K filings, registrants are required to describe their processes for assessing, identifying and managing material risks from cybersecurity threats and whether such risks have materially affected the registrant. Registrants must also describe Board oversight of risks from cybersecurity threats and management’s role and expertise in assessing and managing material risks from such threats. See Item 1C “Cybersecurity” for more information. State regulators have also been active in implementing privacy and cybersecurity standards and regulations. Several states have adopted laws and regulations requiring certain financial institutions to implement cybersecurity programs and provide details with respect to these programs. In addition, many states have implemented or modified their data breach notification and data privacy requirements. We expect this trend of state-level activity to continue and are continually monitoring developments in the states in which we operate." }, { "status": "REMOVED", "current_title": null, "prior_title": "Climate-Related Laws and Regulations", "prior_body": "On March 6, 2024, the SEC adopted a final rule to require registrants to disclose certain climate-related information in their registration statements and annual reports. On April 4, 2024, the SEC issued an order staying its final rule pending completion of the judicial review of certain petitions challenging the rule. Several states in which we operate have also enacted or proposed statutes or regulations addressing climate-related issues. For example, California has enacted laws that impose climate-related disclosure requirements on certain companies doing business in California, while some states have enacted, or proposed to enact, divergent or sometimes conflicting statutes, including those that prohibit financial institutions from denying or canceling products or services on the basis of social credit scores and certain other factors. We will continue to monitor developments on these laws and regulations." }, { "status": "REMOVED", "current_title": null, "prior_title": "Community Reinvestment Act", "prior_body": "The CRA requires CBNA’s primary federal bank regulatory agency, the OCC, to evaluate the bank’s record in meeting the credit needs of the communities it serves, including low- and moderate-income neighborhoods and individuals. Institutions are assigned one of four ratings: “Outstanding,” “Satisfactory,” “Needs to Improve,” or “Substantial Noncompliance.” A bank’s CRA record is considered by regulatory agencies in evaluating mergers, acquisitions and applications to open a branch or facility. In addition, the CRA record of a subsidiary bank of a FHC is considered if a FHC wishes to commence certain new financial activities or to acquire a company engaged in such activities, which requires a rating of at least “satisfactory.” CBNA received an “Outstanding” rating on its most recent CRA evaluation. In October 2023, the federal banking regulators issued a joint final rule that revises the agencies’ CRA regulations. The primary provisions of the final rule, along with the most significant changes from the existing CRA regulatory framework, are outlined below: •a tiered evaluation framework is established based on a bank’s asset size, similar to the existing CRA regulatory framework; •the geographic area in which banks may be evaluated for performance is expanded to include areas outside of where they have physical locations in order to capture the varied activities a bank conducts, such as online and mobile banking, and the communities in which it operates; •bank retail lending and community development financing will be evaluated using a new metrics-based approach; and •clarifies eligible CRA activities, such as affordable housing. The final rule took effect on April 1, 2024, with most of its requirements effective January 1, 2026, and certain reporting requirements effective January 1, 2027. A court has issued a preliminary injunction enjoining the federal banking regulators from enforcing the revised regulations pending resolution of the lawsuit challenging the regulations. We will continue to monitor the outcome of this preliminary injunction." }, { "status": "REMOVED", "current_title": null, "prior_title": "Compensation", "prior_body": "Our compensation practices are subject to oversight by the federal banking regulators. Guidance issued jointly by the federal banking regulators is designed to ensure that incentive compensation arrangements take into account risk and are consistent with safe and sound practices. The guidance sets forth the following three key principles with respect to incentive compensation arrangements: •the arrangements should provide employees with incentives that appropriately balance risk and financial results in a manner that does not encourage employees to expose their organizations to imprudent risk; •the arrangements should be compatible with effective controls and risk management; and •the arrangements should be supported by strong corporate governance. The U.S. financial regulators, including the FRB, the OCC and the SEC, jointly proposed regulations in 2011 and again in 2016 to implement the incentive compensation requirements of Section 956 of the Dodd-Frank Act. Regulations implementing the requirements of Section 956 of the Dodd-Frank Act have not been finalized and future implementation remains uncertain." }, { "status": "REMOVED", "current_title": null, "prior_title": "Anti-Money Laundering", "prior_body": "The Bank Secrecy Act (“BSA”) and the Patriot Act contain anti-money laundering (“AML”) and financial transparency provisions intended to detect and prevent the use of the U.S. financial system for money laundering and terrorist financing activities. The BSA, as amended by the Patriot Act, requires depository institutions and their holding companies to maintain an AML program, verify the identity of customers and certain beneficial owners for legal entity customers, monitor for and report suspicious transactions, report on cash transactions exceeding specified thresholds, and respond to requests for information by regulatory authorities and law enforcement agencies. We are also required to provide our employees with AML training, designate an AML compliance officer, and undergo an annual, independent audit to assess the effectiveness of our AML program. We have implemented policies, procedures, and internal controls that are designed to comply with these AML requirements. Financial services regulators are focusing their examinations on AML compliance, and we continue to monitor and augment, where necessary, our AML compliance programs. The federal banking agencies are required, when reviewing bank and bank holding company acquisition or merger applications, to take into account the effectiveness of the AML activities of the applicants. The Anti-Money Laundering Act of 2020 (“AMLA”), enacted in 2021 as part of the National Defense Authorization Act, requires the U.S. Treasury Department to issue National Anti-Money Laundering and Countering the Financing of Terrorism Priorities and conduct studies and issue regulations that may, over the next few years, significantly alter some of the due diligence, recordkeeping and reporting requirements that the BSA and the Patriot Act impose on financial institutions. The AMLA also increases penalties for violations of the BSA and significantly expands a whistleblower award program both of which could increase the prospect of regulatory enforcement. In 2021, the Financial Crimes Enforcement Network (FinCEN), a bureau of the U.S. Treasury Department, issued the priorities for AML and countering the financing of terrorism policy, as required under the AMLA. These priorities include corruption, cybercrime, terrorist financing, fraud, transnational crime, drug trafficking, human trafficking and proliferation financing." }, { "status": "REMOVED", "current_title": null, "prior_title": "Office of Foreign Assets Control Regulation", "prior_body": "The U.S. has imposed economic sanctions that affect transactions with designated foreign countries, nationals and others, that are administered by OFAC. OFAC-administered sanctions targeting countries take many different forms and generally contain one or more of the following elements: •restrictions on trade with or investment in a sanctioned country, including prohibitions against direct or indirect imports from and exports to a sanctioned country and prohibitions on U.S. persons engaging in financial transactions relating to, making investments in, or providing investment-related advice or assistance to, a sanctioned country; and •a blocking of assets in which the government or specially designated nationals of the sanctioned country have an interest, by prohibiting transfers of property subject to U.S. jurisdiction, including property in the possession or control of U.S. persons. Blocked assets (e.g., property and bank deposits) cannot be paid out, withdrawn, set off or transferred in any manner without a license from OFAC. Lists including the names of individuals and organizations suspected of aiding, harboring or engaging in terrorist acts, including the Specially Designated Nationals and Blocked Persons, is published and routinely updated by OFAC. We are responsible for, among other things, blocking accounts of, and transactions with, such targets and countries, prohibiting unlicensed trade and financial transactions with them and reporting blocked transactions after they occur. If we identify a name on any transaction, account or wire transfer that is on an OFAC list we must freeze the associated account, file a suspicious activity report and notify the appropriate authorities. Failure to comply with these sanctions could have serious legal and reputational consequences." }, { "status": "REMOVED", "current_title": null, "prior_title": "Regulation of Broker-Dealers", "prior_body": "Our subsidiaries, Citizens Securities, Inc., and Citizens JMP Securities, LLC are registered broker-dealers with the SEC and subject to regulation and examination by the SEC as well as FINRA and other self-regulatory organizations. These regulations cover a broad range of matters, including capital requirements; sales and trading practices; use of client funds and securities; the conduct of directors, officers and employees; record-keeping and recording; supervisory procedures to prevent improper trading on material nonpublic information; qualification and licensing of sales personnel; and limitations on the extension of credit in securities transactions. In addition to federal registration, state securities commissions require the registration of certain broker-dealers." }, { "status": "REMOVED", "current_title": null, "prior_title": "Heightened Risk Governance Standards", "prior_body": "CBNA is subject to OCC guidelines that impose heightened risk governance standards on large national banks with average total consolidated assets of $50 billion or more. The guidelines set forth minimum standards for the design and implementation of a bank’s risk governance framework and its associated oversight by a bank’s board of directors. The guidelines are intended to protect the safety and soundness of covered banks and improve the ability of bank examiners to assess compliance with the OCC’s expectations. Under the guidelines, a bank may use the risk governance framework of its parent company if it meets the minimum standards and the risk profiles of the parent company and the covered bank are substantially the same, along with certain other conditions. CBNA has elected to use the Parent Company’s risk governance framework. A bank’s board of directors is required to have two members who are independent of bank and parent company management, ensure that the risk governance framework meets the appropriate standards, provide active oversight and a credible challenge to management’s recommendations and decisions, and ensure that decisions made by the parent company do not jeopardize the safety and soundness of the bank." }, { "status": "MODIFIED", "current_title": "The regulatory environment in which we operate continues to be subject to evolving regulatory requirements that could have a material adverse effect on our business and earnings.", "prior_title": "The regulatory environment in which we operate continues to be subject to significant and evolving regulatory requirements that could have a material adverse effect on our business and earnings.", "similarity_score": 0.877, "confidence": "high", "key_changes": [ "Reworded sentence: \"We are regulated by multiple banking, consumer protection, securities, and other regulatory authorities at the federal and state levels.\"", "Reworded sentence: \"Changes to statutes, regulations, rules, or policies, including their interpretation, implementation, or enforcement, could affect us in substantial and unpredictable ways, including by, for example, subjecting us to additional costs, limiting the types of financial services and other products we may offer, limiting our ability to pursue acquisitions, and increasing the ability of third parties, including non-banks, to offer competing financial services and products.\"", "Reworded sentence: \"We are also subject to laws and regulations relating to the privacy of the information of our customers, employees, counterparties, and others, and any failure to comply with these laws and regulations could expose us to liability and/or reputational damage.\"", "Reworded sentence: \"Uncertainty exists with respect to the enactment of new laws and regulations, or changes in the interpretation or enforcement of existing laws and regulations, including potential deregulation in some areas.\"", "Reworded sentence: \"For more information on regulations to which we are subject, see the “Regulation and Supervision” section in Item 1.\"" ], "current_body": "We are regulated by multiple banking, consumer protection, securities, and other regulatory authorities at the federal and state levels. This regulatory oversight is primarily established to protect depositors, the DIF, consumers of financial products, and the financial system as a whole, not for the protection of shareholders or other investors. Changes to statutes, regulations, rules, or policies, including their interpretation, implementation, or enforcement, could affect us in substantial and unpredictable ways, including by, for example, subjecting us to additional costs, limiting the types of financial services and other products we may offer, limiting our ability to pursue acquisitions, and increasing the ability of third parties, including non-banks, to offer competing financial services and products. Certain regulators and law enforcement authorities have required admissions of wrongdoing and, in some cases, criminal pleas as part of the resolutions of matters brought by them against financial institutions. Any such resolution of a matter involving us could lead to increased exposure to civil litigation, could adversely affect our reputation, could result in penalties or limitations on our ability to do business or engage in certain activities, and could have other negative effects. In addition, a single event or issue may give rise to numerous and overlapping investigations and proceedings, including by multiple federal and state regulators and other governmental authorities. We are also subject to laws and regulations relating to the privacy of the information of our customers, employees, counterparties, and others, and any failure to comply with these laws and regulations could expose us to liability and/or reputational damage. As new privacy-related laws and regulations are implemented, the time and resources needed for us to comply with those laws and regulations, as well as our potential liability for non-compliance and our reporting obligations in the case of data breaches, may significantly increase. Uncertainty exists with respect to the enactment of new laws and regulations, or changes in the interpretation or enforcement of existing laws and regulations, including potential deregulation in some areas. In addition, litigation challenging actions or regulations by federal or state authorities could, depending on the outcome, significantly affect the regulatory and supervisory framework affecting our operations. For more information on regulations to which we are subject, see the “Regulation and Supervision” section in Item 1.", "prior_body": "We are heavily regulated by multiple banking, consumer protection, securities and other regulatory authorities at the federal and state levels. This regulatory oversight is primarily established to protect depositors, the DIF, consumers of financial products, and the financial system as a whole, not for the protection of shareholders or other investors. Changes to statutes, regulations, rules or policies, including their interpretation, implementation or enforcement, could affect us in substantial and unpredictable ways, including by, for example, subjecting us to additional costs, limiting the types of financial services and other products we may offer, limiting our ability to pursue acquisitions and increasing the ability of third parties, including non-banks, to offer competing financial services and products. In recent years, we, together with the rest of the financial services industry, have faced particularly intense scrutiny, with many new regulatory initiatives and vigorous oversight and enforcement on the part of numerous regulatory and governmental authorities. Legislatures and regulators have pursued a broad array of initiatives intended to promote the safety and soundness of financial institutions, financial market stability, the transparency and liquidity of financial markets, and consumer and investor protection. Certain regulators and law enforcement authorities have also recently required admissions of wrongdoing and, in some cases, criminal pleas as part of the resolutions of matters brought by them against financial institutions. Any such resolution of a matter involving us could lead to increased exposure to civil litigation, could adversely affect our reputation, could result in penalties or limitations on our ability to do business or engage in certain activities and could have other negative effects. In addition, a single event or issue may give rise to numerous and overlapping investigations and proceedings, including by multiple federal and state regulators and other governmental authorities. We are also subject to laws and regulations relating to the privacy of the information of our customers, employees, counterparties and others, and any failure to comply with these laws and regulations could expose us to liability and/or reputational damage. As new privacy-related laws and regulations are implemented, the time and resources needed for us to comply with those laws and regulations, as well as our potential liability for non-compliance and our reporting obligations in the case of data breaches, may significantly increase. While there have been significant revisions to the laws and regulations applicable to us that have been finalized in recent years, there are other rules to implement changes that have yet to be proposed or enacted by our regulators. The final timing, scope and impact of these changes to the regulatory framework applicable to financial institutions remains uncertain. Uncertainty exists with respect to new laws or regulations or changes in the interpretation or enforcement of existing laws or regulations, including potential deregulation in some areas. In addition, litigation challenging actions or regulations by federal or state authorities could, depending on the outcome, significantly affect the regulatory and supervisory framework affecting our operations. For more information on regulations to which we are subject and recent initiatives to reform financial institution regulation, see the “Regulation and Supervision” section in Item 1." }, { "status": "MODIFIED", "current_title": "Business Segments", "prior_title": "Commercial Banking Segment", "similarity_score": 0.82, "confidence": "high", "key_changes": [ "Reworded sentence: \"We manage our business through two primary business segments: Consumer Banking and Commercial Banking.\"", "Reworded sentence: \"Middle Market & Midcorporate - Commercial & Industrial, Commercial Real Estate, Capital Markets and Advisory, and Treasury & Wholesale Payments work together to understand client needs and provide comprehensive solutions to meet those needs.\"", "Reworded sentence: \"Middle Market & Midcorporate - Commercial & Industrial serves commercial and industrial clients based in the United States.\"", "Reworded sentence: \"Corporate Finance primarily provides advisory services to middle-market and mid-corporate clients, including mergers and acquisitions and capital structure advice.\"", "Reworded sentence: \"Corporate Finance also provides acquisition and follow-on financing for new and recapitalized portfolio companies of key sponsors, with services meeting the unique and time-sensitive needs of private equity firms, management companies, and funds, and underwriting and portfolio management expertise for leveraged transactions and relationships.\"" ], "current_body": "We manage our business through two primary business segments: Consumer Banking and Commercial Banking. Our activities outside these segments are classified as Other and primarily includes treasury and community development operations, along with other unallocated assets, liabilities, capital, revenues, provision (benefit) for credit losses, and expenses, including income tax expense (benefit). For additional information regarding our business segments see the “Business Segments” section of Item 7 and Note 24 in Item 8. Consumer Banking Segment Consumer Banking serves consumer customers and small businesses, with products and services that include deposits, mortgage and home equity lending, credit cards, small business loans, and wealth management solutions largely across our 14-state traditional banking footprint. We also offer education and point-of-sale finance loans in addition to select digital deposit products nationwide. Citizens Private Bank and Private Wealth integrate banking services and wealth management solutions to serve high- and ultra-high-net-worth individuals and families, as well as investors, entrepreneurs, and businesses. Consumer Banking operates a multi-channel distribution network with a workforce of approximately 5,100 branch colleagues, 1,000 branches, including 117 in-store locations, and 3,100 ATMs. Our network includes approximately 1,500 specialists covering lending, savings, and wealth management needs as well as a broad range of small business products and services. We serve customers on a national basis through telephone service centers and our online and mobile platforms where we offer customers the convenience of depositing funds, paying bills, and transferring money between accounts and from person to person, as well as a host of other everyday transactions. Commercial Banking Segment Commercial Banking primarily serves companies and institutions and strives to be a trusted advisor to our clients and preferred provider for their banking needs. We offer a broad complement of financial products and solutions, including lending and leasing, deposit and treasury management services, foreign exchange, interest rate and commodity risk management solutions, as well as loan syndication, corporate finance, merger and acquisition, and debt and equity capital markets capabilities. Commercial Banking is organized around client segments and their banking needs. Middle Market & Midcorporate - Commercial & Industrial, Commercial Real Estate, Capital Markets and Advisory, and Treasury & Wholesale Payments work together to understand client needs and provide comprehensive solutions to meet those needs. We acquire new clients through a coordinated approach to the market, leveraging deep industry knowledge in specialized banking groups and a geographic coverage model. Middle Market & Midcorporate - Commercial & Industrial serves commercial and industrial clients based in the United States. To better meet the unique needs of these client segments we offer a more dedicated and tailored approach and cover a group of targeted industry sectors. Commercial Real Estate provides customized debt capital solutions for middle-market operators, institutional developers, investors, and real estate investment trusts. Commercial Real Estate provides financing for projects primarily in the multifamily, office, industrial, retail, healthcare, and hospitality sectors. Capital Markets and Advisory serves clients through key product groups including Corporate Finance, Capital Markets, and Global Markets. Corporate Finance primarily provides advisory services to middle-market and mid-corporate clients, including mergers and acquisitions and capital structure advice. The team works closely with industry-sector specialists within capital markets to advise our clients. Corporate Finance also provides acquisition and follow-on financing for new and recapitalized portfolio companies of key sponsors, with services meeting the unique and time-sensitive needs of private equity firms, management companies, and funds, and underwriting and portfolio management expertise for leveraged transactions and relationships. Capital Markets originates, structures, and underwrites credit and equity facilities targeting middle-market, mid-corporate, and private equity sponsors. They focus on offering value-added ideas to optimize their capital structures, including advising on and facilitating mergers and acquisitions, valuations, tender offers, financial restructurings, bond and equity underwriting, asset sales, divestitures, and other corporate reorganizations and business combinations. Capital Markets also provides sales and trading across loan, fixed income, and equity products, as well as other brokerage services including equity research. Global Markets provides foreign exchange, interest rate, and commodities risk management services. Treasury & Wholesale Payments supports Commercial Banking and certain small business clients with treasury management and payment solutions, including domestic and international products and services related to receivables, payables, information reporting, and liquidity management, as well as commercial credit cards and trade finance.", "prior_body": "Commercial Banking primarily serves companies and institutions and strives to be a trusted advisor to our clients and preferred provider for their banking needs. We offer a broad complement of financial products and solutions, including lending and leasing, deposit and treasury management services, foreign exchange, interest rate and commodity risk management solutions, as well as syndicated loans, corporate finance, mergers and acquisitions, and debt and equity capital markets capabilities. Commercial Banking is organized around client segments and their banking needs. Corporate Banking, Commercial Real Estate, Capital Markets and Advisory, and Treasury Solutions work together to understand client needs and provide comprehensive solutions to meet those needs. We acquire new clients through a coordinated approach to the market, leveraging deep industry knowledge in specialized banking groups and a geographic coverage model. Corporate Banking serves commercial and industrial clients and corporate clients in the United States. In several areas, such as Aerospace, Defense and Government Services, Communications, Transportation and Logistics, Food and Restaurants, Human Capital Management, and Gaming we offer a more dedicated and tailored approach to better meet the unique needs of these client segments. Commercial Real Estate provides customized debt capital solutions for middle-market operators, institutional developers, investors, and REITs. Commercial Real Estate provides financing for projects primarily in the multi-family, office, industrial, retail, healthcare and hospitality sectors. Capital Markets and Advisory serves clients through key product groups including Corporate Finance, Capital Markets, and Global Markets. Corporate Finance provides advisory services to middle-market and mid-corporate clients, including mergers and acquisitions and capital structure advice. The team works closely with industry-sector specialists within capital markets to advise our clients. Corporate Finance also provides acquisition and follow-on financing for new and recapitalized portfolio companies of key sponsors, with services meeting the unique and time-sensitive needs of private equity firms, management companies and funds, and underwriting and portfolio management expertise for leveraged transactions and relationships. Capital Markets originates, structures and underwrites credit and equity facilities targeting middle-market, mid-corporate and private equity sponsors. They focus on offering value-added ideas to optimize their capital structures, including advising on and facilitating mergers and acquisitions, valuations, tender offers, financial restructurings, bond and equity underwriting, asset sales, divestitures and other corporate reorganizations and business combinations. Capital Markets also provides sales and trading across loan, fixed income and equity products, as well as other brokerage services including equity research. Global Markets provides foreign exchange, interest rate and commodities risk management services. The Treasury Solutions product group supports Commercial Banking and certain small business clients with treasury management solutions, including domestic and international products and services related to receivables, payables, information reporting and liquidity management, as well as commercial credit cards and trade finance." }, { "status": "MODIFIED", "current_title": "Any deterioration in national economic and political conditions could have a material adverse effect on our business, financial condition, and results of operations.", "prior_title": "Any deterioration in national economic conditions could have a material adverse effect on our business, financial condition and results of operations.", "similarity_score": 0.606, "confidence": "medium", "key_changes": [ "Reworded sentence: \"Our business is affected by national economic and political conditions, as well as perceptions of those conditions and future economic prospects, with changes in such conditions neither predictable or controllable.\"" ], "current_body": "Our business is affected by national economic and political conditions, as well as perceptions of those conditions and future economic prospects, with changes in such conditions neither predictable or controllable. Adverse economic and political conditions, such as global trade policies, inflationary pressures, and government shutdowns could have a material adverse effect on our business, financial condition, and results of operations. U.S. global trade policies, including the imposition of tariffs and uncertainty surrounding the resolution of trade disputes, or renewal of trade agreements, with various countries, may cause inflation to rise and ultimately affect interest rates. In addition, the risk of government shutdowns could cause volatility in the financial markets by adversely impacting consumer and investor confidence. Unfavorable changes related to these national economic and political conditions may also result in increased delinquencies and defaults among borrowers in light of economic uncertainty, which could require us to charge off a higher percentage of loans and increase the provision for credit losses, ultimately reducing our net income.", "prior_body": "Our business is affected by national economic conditions, as well as perceptions of those conditions and future economic prospects. Changes in such economic conditions are not predictable and cannot be controlled. Adverse economic conditions, such as recent inflationary pressures, could require us to charge off a higher percentage of loans and increase the provision for credit losses, which would reduce our net income and otherwise have a material adverse effect on our business, financial condition and results of operations." }, { "status": "MODIFIED", "current_title": "Regulation and Supervision", "prior_title": "Regulation and Supervision", "similarity_score": 0.586, "confidence": "low", "key_changes": [ "Reworded sentence: \"Our operations are subject to regulation, supervision, and examination under federal and state laws and regulations.\"", "Reworded sentence: \"These laws and regulations are intended primarily for the protection of customers, depositors, the DIF, and the banking system as a whole and not for the protection of shareholders or other investors.\"", "Reworded sentence: \"We periodically receive requests for information from regulatory authorities at the federal and state level, including from banking, securities, and insurance regulators, state attorneys general, federal agencies or law enforcement authorities, and other regulatory authorities concerning our business practices.\"", "Reworded sentence: \"For a further discussion of how regulatory actions may impact our business, see Item 1A “Risk Factors.” For additional information regarding regulatory matters, see Note 23 in Item 8.\"", "Reworded sentence: \"As such, we are subject to the supervision, examination, and reporting requirements of the Bank Holding Company Act and the regulations of the FRB, including through the Federal Reserve Bank of Boston.\"" ], "current_body": "Our operations are subject to regulation, supervision, and examination under federal and state laws and regulations. These laws and regulations cover all aspects of our business, including lending practices, deposit insurance, customer privacy and cybersecurity, capital adequacy and planning, liquidity, safety and soundness, consumer protection and disclosure, permissible activities and investments, and certain transactions with affiliates. These laws and regulations are intended primarily for the protection of customers, depositors, the DIF, and the banking system as a whole and not for the protection of shareholders or other investors. The discussion below outlines the material elements of selected laws and regulations applicable to us and our subsidiaries, but does not summarize all possible or proposed changes in laws or regulations. Changes in applicable law or regulation, and in their interpretation and application by regulatory agencies and other governmental authorities, cannot be predicted, but may have a material effect on our business, financial condition, or results of operations. We are subject to examinations by federal banking regulators, as well as the SEC, FINRA, CFTC, and various state insurance and securities regulators. In some cases, regulatory agencies may take supervisory actions that may not be publicly disclosed, and such actions may restrict or limit our activities or activities of our subsidiaries. As part of our regular examination process, regulators may advise us to operate under various restrictions as a prudential matter. We periodically receive requests for information from regulatory authorities at the federal and state level, including from banking, securities, and insurance regulators, state attorneys general, federal agencies or law enforcement authorities, and other regulatory authorities concerning our business practices. Such requests are considered incidental to the normal conduct of business. For a further discussion of how regulatory actions may impact our business, see Item 1A “Risk Factors.” For additional information regarding regulatory matters, see Note 23 in Item 8. Overview We are a BHC under the Bank Holding Company Act and have elected to be treated as a FHC under amendments to this Act as effected by GLBA. As such, we are subject to the supervision, examination, and reporting requirements of the Bank Holding Company Act and the regulations of the FRB, including through the Federal Reserve Bank of Boston. Under the system of “functional regulation” established under the Bank Holding Company Act, the FRB serves as the primary regulator of our consolidated organization. The OCC serves as the primary regulator for CBNA, and the SEC and FINRA serve as the primary regulators of our broker-dealer subsidiaries. The federal banking regulators have authority to approve or disapprove mergers, acquisitions, consolidations, the establishment of branches, and similar corporate actions. These banking regulators also have the power to prevent the continuance or development of unsafe or unsound banking practices or other violations of law. Federal law governs the activities in which CBNA engages, including the investments it makes and the aggregate amount of available credit that it may grant to one borrower. Various consumer and compliance laws and regulations also affect its operations. The actions the FRB takes to implement monetary policy also affect us. In addition, CBNA is subject to regulation, supervision, and examination by the CFPB with respect to consumer protection laws and regulations. The CFPB regulates the offering and provision of consumer financial products by depository institutions, such as CBNA, with more than $10 billion in total assets. The CFPB may promulgate rules under a variety of consumer financial protection statutes, including the Truth in Lending Act, the Equal Credit Opportunity Act, the Electronic Funds Transfer Act, and the Real Estate Settlement Procedures Act. Enhanced Prudential Standards and Regulatory Tailoring Rules As a BHC with over $100 billion in total consolidated assets, we are currently subject to enhanced prudential standards and associated capital and liquidity rules (“Tailoring Rules”). The Tailoring Rules assign each BHC, including its bank subsidiaries, to one of four categories based on its size and certain risk-based indicators. CFG and CBNA are each subject to Category IV standards, the least restrictive of the requirements under the Tailoring Rules. Bank and Financial Holding Company Regulation As a FHC, we may engage in a broader range of activities than a BHC that is not also a FHC. These activities include securities underwriting and dealing, insurance underwriting and brokerage, merchant banking, and other activities that are determined by the FRB, in coordination with the U.S. Department of the Treasury, to be “financial in nature or incidental thereto” or that the FRB determines unilaterally to be “complementary” to financial activities. In addition, a FHC may commence new permissible financial activities or acquire non-bank financial companies engaged in such activities, in either case, with after-the-fact notice to the FRB. To maintain FHC status, a BHC and all of its depository institution subsidiaries must remain “well capitalized” and “well managed,” as described below under “Federal Deposit Insurance Act.” If a BHC fails to meet these regulatory standards, the FRB could place limitations on its ability to conduct the broader financial activities permissible for FHCs or impose limitations or conditions on the conduct or activities of the BHC or its affiliates. If the deficiencies persisted, the FRB could order the BHC to divest any subsidiary bank or to cease engaging in any activities permissible for FHCs that are not permissible for BHCs, or the BHC could elect to conform its non-banking activities to those permissible for a BHC that is not also a FHC. In addition, the CRA requires U.S. banks to help serve the needs of their communities. If a depository institution subsidiary of a BHC were to receive a CRA rating of less than “satisfactory”, the BHC would be prohibited from engaging in certain activities or acquisitions (see “Community Reinvestment Act” below). Federal and state laws impose notice and approval requirements for mergers and acquisitions of other depository institutions or BHCs. As noted above, FRB approval is generally not required for BHCs to acquire a company engaged in activities that are financial in nature or incidental to activities that are financial in nature, as determined by the FRB. Prior regulatory approval is required, however, before a BHC may acquire or control more than 5% of any class of voting shares or substantially all of the assets of a BHC, including a FHC, or a bank. In considering applications for approval of acquisitions, the banking regulators may take several factors into account, including the competitive effects of the transaction in the relevant geographic markets; the financial and managerial resources and future prospects of companies involved in the transaction; the effect of the transaction on the financial stability of the U.S. banking or financial system; the companies’ compliance with anti-money laundering laws and regulations; the convenience and needs of the communities to be served; and the performance record of the IDIs involved in the transaction under the CRA. Capital and Stress Testing Requirements We are required to comply with the U.S. Basel III rules, which establish risk-based and leverage capital requirements. The risk-based requirements are based on a banking organization’s RWA, which is inclusive of the organization’s on- and off-balance sheet exposures. We calculate RWA using the standardized approach and have made the AOCI opt-out election, permitting us to exclude components of AOCI from regulatory capital. The leverage requirements are based on a banking organization’s average consolidated on-balance sheet assets. Under the U.S. Basel III rules, the minimum capital ratios are: •CET1 capital ratio of 4.5%; •Tier 1 capital ratio of 6.0%; •Total capital ratio of 8.0%; and •Tier 1 leverage ratio of 4.0%. For BHCs with $100 billion or more in assets, such as us, the FRB’s capital rules impose an institution-specific SCB on top of each of the three minimum risk-based capital ratios listed above. Banking institutions that fail to meet the effective minimum ratios including the SCB will be subject to constraints on capital distributions, including dividends and share repurchases, and certain discretionary executive compensation. The severity of the constraints depends on the amount of the shortfall and the institution’s “eligible retained income”, defined as the greater of four quarter trailing net income net of distributions and tax effects not reflected in net income, or the average four quarter trailing net income. As a Category IV firm under the Tailoring Rules, we are subject to biennial supervisory stress testing and are exempt from company-run stress testing and related disclosure requirements. The FRB supervises Category IV firms on an ongoing basis, including evaluating the capital adequacy and capital planning processes of firms during off-cycle years. We are required to develop, maintain, and submit an annual capital plan for review and approval by our Board of Directors, or one of its committees, as well as FR Y-14 reporting requirements. In July 2023, the federal banking regulators issued a proposal to implement the final components of the Basel III capital framework. The proposal, commonly referred to as Basel III “Endgame,” would significantly revise the capital requirements applicable to large banking organizations with total assets of $100 billion or more, including the Company and CBNA as Category IV firms. Under the proposal, the Company and CBNA would (i) be subject to the same capital treatment regarding the inclusion of AOCI, deductions, and rules for minority interest as Category I and II firms, (ii) be required to utilize two new standardized approaches for credit, operational, market, and credit valuation adjustment risk, (iii) be required to calculate counterparty credit exposure related to derivative transactions using the standardized approach for counterparty credit risk, and (iv) become subject to the supplementary leverage ratio and the countercyclical capital buffer. The federal banking regulators have not finalized this proposal and indicated that their aim is to unveil a re-proposal of the rule in early 2026. However, the timing and scope of any final rule are uncertain at this point in time. We will continue to monitor developments related to this proposal. In April 2025, the FRB issued a proposal designed to reduce the volatility of year-over-year changes in regulatory capital requirements stemming from its annual stress test results, including averaging the results of the prior two annual supervisory stress tests to inform a firm’s SCB requirement. Category IV firms, like us, that choose, or are otherwise required, to participate in consecutive supervisory stress tests would also be subject to results averaging. The proposal would also extend the annual effective date of the SCB requirement from October 1 to January 1 of the following year, providing firms with additional time to comply with their updated SCB requirement. The FRB’s proposed changes are not designed to materially affect overall bank capital requirements, but rather to decrease regulatory reporting burden. In October 2025, the FRB issued a proposal to enhance the transparency and public accountability of its supervisory stress testing framework. The FRB is seeking comment on (i) the supervisory stress test models and related revisions intended to enhance the transparency of its stress test framework, and (ii) an enhanced disclosure process that would include public comment on material model changes and the annual stress test scenarios. We are also subject to the FRB's risk-based capital requirements for market risk. See the “Market Risk” section of Item 7 for additional details. For more details regarding our regulatory capital and SCB, and the AOCI impact of the Basel III Endgame proposal on our regulatory capital, see the “Capital” section of Item 7. Liquidity Requirements The liquidity coverage ratio (“LCR”) is designed to ensure that a covered bank or BHC maintains an adequate level of unencumbered high-quality liquid assets to cover expected net cash outflows over a 30-day time horizon under an acute liquidity stress scenario. The net stable funding ratio (“NSFR”) is designed to promote more medium- and long-term funding of the assets and activities of banking organizations over a one-year time horizon. Under the Tailoring Rules, Category IV firms with less than $50 billion in weighted short-term wholesale funding, such as us, are not subject to any LCR or NSFR requirement. We are subject to certain liquidity requirements under the Tailoring Rules including liquidity buffer, stress testing, risk management, and reporting requirements. In addition, as a Category IV firm, we are required to calculate collateral positions monthly, establish a set of liquidity risk limits, and monitor certain elements of intraday liquidity risk exposures. Resolution Planning The FDIC requires IDIs with $100 billion or more in average total assets that are not affiliates of U.S. global systemically important banking organizations, including CBNA, to submit full resolution plans triennially, with interim supplemental submissions due annually in the intervening years. The FDIC adopted its IDI resolution planning rule in July 2024 to focus on the operational information most relevant for the FDIC to conduct an effective resolution. This rule prioritized executing a large bank resolution through a weekend sale or, if necessary, operating the bank for a short period of time while rapidly marketing the institution or its assets. Institutions must provide credible and detailed information that supports the FDIC’s ability to conduct a low‑cost resolution, ensures timely access to insured deposits, maximizes value from the sale or disposition of assets, and mitigates risks to U.S. financial stability. CBNA submitted its most recent resolution plan to the FDIC on June 25, 2025, and is expected to file an interim submission on or before July 1, 2026. Long-Term Debt Requirements In August 2023, the federal banking regulators issued a proposal that would require large bank holding companies and IDIs with total assets of $100 billion or more, such as CFG and CBNA, to maintain a minimum amount of long-term debt. The joint agency proposal aims to increase the resolvability and resiliency of large banking organizations by mandating a long-term debt requirement to provide the regulatory agencies additional resources to resolve failed banking organizations, foster depositor confidence, and decrease costs to the DIF in the event of a large banking organization failure. Under the proposal, large bank holding companies and IDIs would be (i) required to maintain a minimum amount of eligible long-term debt, (ii) prohibited from engaging in certain activities that could complicate their resolution, and (iii) discouraged from holding long-term debt issued by other banks to reduce interconnectedness. The proposal provides for a phase-in of the long-term debt requirement over a three-year transition period. The federal banking regulators have not finalized this proposal and the timing and scope of any final rule are uncertain at this point in time. We will continue to monitor developments related to this proposal. Standards for Safety and Soundness The FDIA requires the federal banking regulators to prescribe operational and managerial standards for all IDIs, including CBNA. Regulations and interagency guidelines adopted by these agencies set forth the safety and soundness standards used to identify and address problems at IDIs before capital becomes impaired. If an agency determines that a bank fails to satisfy any standard, it may require the bank to submit an acceptable plan to achieve compliance, consistent with deadlines for the submission and review of such safety and soundness compliance plans. If, after being notified to submit a compliance plan, an institution fails to submit an acceptable compliance plan or fails in any material respect to implement an acceptable compliance plan, the agency must issue an order directing action to correct the deficiency and may issue an order directing other types of actions that an undercapitalized institution is subject to under the FDIA as discussed in “Federal Deposit Insurance Act” below. If an institution fails to comply with such an order, the agency may seek to enforce such order in judicial proceedings and to impose civil money penalties. Federal Deposit Insurance Act The FDIA requires, among other things, that federal banking regulators take “prompt corrective action” with respect to IDIs that do not meet minimum capital requirements, as described above in “Capital and Stress Testing Requirements.” The FDIA sets forth the following five capital categories: “well-capitalized,” “adequately capitalized,” “undercapitalized,” “significantly undercapitalized” and “critically undercapitalized.” An IDI’s capital category is determined based on how its capital levels compare with various relevant capital measures and certain other factors that are established by regulation. The federal banking regulators must take certain mandatory supervisory actions, and are authorized to take other discretionary actions, with respect to institutions that are undercapitalized, significantly undercapitalized, or critically undercapitalized, with the actions becoming more restrictive and punitive the lower the institution’s capital category. Under existing rules, an IDI that is not an advanced approaches institution, such as CBNA, is deemed to be “well capitalized” if it has a CET1 ratio of at least 6.5%, a Tier 1 capital ratio of at least 8%, a Total capital ratio of at least 10%, and a Tier 1 leverage ratio of at least 5%. The FRB’s regulations which are applicable to BHCs, such as the Parent Company, separately define “well capitalized” as having a Tier 1 capital ratio of at least 6% and a Total capital ratio of at least 10%. As described above under “Bank and Financial Holding Company Regulation”, a FHC that is not well capitalized and well managed, or whose bank subsidiaries are not well capitalized and well managed, under applicable prompt corrective action standards may be restricted in certain of its activities and ultimately may lose FHC status. As of December 31, 2025, both the Parent Company and CBNA were well-capitalized. The FDIA prohibits insured banks from accepting brokered deposits or offering interest rates on any deposits significantly higher than the prevailing rate in the bank’s normal market area or nationally, depending upon where the deposits are solicited, unless it is “well-capitalized,” or it is “adequately capitalized” and receives a waiver from the FDIC. A bank that is “adequately capitalized” and accepts brokered deposits under a waiver from the FDIC may not pay an interest rate on any deposit in excess of 75 basis points over certain prevailing market rates. The FDIA imposes no such restrictions on a bank that is “well-capitalized.” Deposit Insurance The DIF provides insurance coverage for certain deposits, up to a standard maximum deposit insurance amount of $250,000 per depositor based on ownership right and capacity category codes and is funded through assessments on IDIs based on the risk each institution poses to the DIF. CBNA accepts customer deposits insured by the DIF and must pay insurance premiums as a result, which the FDIC may increase based on various factors, including its assessment of CBNA’s risk profile. The FDIC also requires large depository institutions, including CBNA, to maintain enhanced deposit account recordkeeping and related information technology system capabilities to facilitate prompt calculation of insured deposits if such an institution was taken into FDIC receivership. The FDIC, as required under the FDIA, established a restoration plan in September 2020 to restore the DIF reserve ratio, 1.36% as of June 30, 2025, to meet or exceed the statutory minimum of 1.35% within eight years. This initial plan did not include an increase in the deposit insurance assessment rate, but the FDIC subsequently determined that the DIF reserve ratio was at risk of not reaching the statutory minimum by the statutory deadline of September 30, 2028, absent an increase in assessment rates. Therefore, in October 2022, the FDIC adopted a final rule to increase initial base deposit insurance assessment rates by 2 basis points, beginning with the first quarterly assessment period of 2023. As of June 30, 2025, the DIF reserve ratio exceeded the statutory minimum, therefore the FDIC will no longer operate under a restoration plan. In November 2023, the FDIC adopted a final rule to impose a special assessment on IDIs to recover the loss to the DIF arising from the protection of uninsured depositors in connection with the systemic risk determination announced in March 2023, following the closures of Silicon Valley Bank and Signature Bank, as required by the FDIA. The special assessment was based on an IDI’s estimated uninsured deposits, adjusted to exclude the first $5 billion, as reported for the quarter ended December 31, 2022, and was assessed at an annual rate of approximately 13.4 basis points over eight quarterly periods beginning with the first quarter of 2024. The FDIC’s current estimate of the loss attributable to this systemic risk determination is $16.7 billion. As of September 30, 2025, the FDIC projects that the special assessment collected through the initial eight-quarter collection period will recover the entire loss estimate amount and no extension of the collection period will be necessary. The FDIC reserves the right to impose a one-time final shortfall special assessment after it terminates all receiverships. CBNA’s special assessment was approximately $230 million, which remains subject to change if the eventual loss to the DIF differs from the FDIC’s current estimate. Dividends Various federal statutory provisions and regulations, as well as regulatory expectations, limit the amount of dividends that we and our subsidiaries may pay. Our payment of dividends to stockholders is subject to oversight by the FRB. In particular, the FRB reviews the dividend policies and share repurchases of a large BHC based on capital plans submitted as part of the CCAR process and the results of stress tests, as discussed under “Capital and Stress Testing Requirements” above. In addition to other limitations, our ability to make any capital distributions, including dividends and share repurchases, is subject to the prior approval of the FRB if we are required to resubmit our capital plan. Dividends payable by CBNA, as a national bank subsidiary, are limited to the lesser of the amount calculated under a “recent earnings” test and an “undivided profits” test. Under the recent earnings test, a dividend may not be paid if the total of all dividends declared during any calendar year exceeds the sum of current year net income and retained net income of the two preceding years, less any required transfers to surplus, unless the national bank obtains the approval of the OCC. Under the undivided profits test, a dividend may not be paid in excess of the entity’s “undivided profits” (generally accumulated net profits that have not been paid out as dividends or transferred to surplus). Federal banking regulatory agencies have issued policy statements that provide that FDIC-insured depository institutions and their holding companies should generally pay dividends only out of current operating earnings. Support of Subsidiary Bank The Parent Company is required to serve as a source of financial and managerial strength to CBNA and, under appropriate conditions, to commit resources to support CBNA. This support may be required by the FRB at times when the Parent Company may not have the financial resources to do so, or when doing so may not serve our interests or those of our shareholders or creditors. In addition, any capital loans by a BHC to a subsidiary bank are subordinate in right of payment to deposits and certain other indebtedness of such subsidiary bank. In the event of a BHC’s bankruptcy, any commitment by the BHC to a federal bank regulatory agency to maintain the capital of a subsidiary bank will be assumed by the bankruptcy trustee and entitled to a priority of payment. Transactions with Affiliates and Insiders Federal banking laws and regulations impose certain quantitative limits and qualitative standards upon certain transactions between a member bank, including CBNA, and its affiliates, including a parent BHC. Covered transactions with any single affiliate are limited to 10% of the member bank’s capital stock and surplus and covered transactions with all affiliates are limited to 20% of the member bank’s capital stock and surplus. Covered transactions include, among other things, extensions of credit to an affiliate, investments in the securities of an affiliate, purchases of assets from an affiliate, and certain other transactions that expose the member bank to the credit risks of its affiliates. Transactions between a member bank and its affiliates, including all covered transactions, are also required to be on terms substantially the same, or at least as favorable to the member bank, as those prevailing at the time for comparable transactions with nonaffiliates. We are also subject to quantitative restrictions on extensions of credit to executive officers, directors, principal stockholders, and their related interests. These extensions of credit may not exceed certain quantitative limits, must be made on substantially the same terms as those currently prevailing in the market for comparable transactions with third parties, and must not involve more than the normal risk of repayment or present other unfavorable features. Certain extensions of credit also require the approval of our Board. Volcker Rule Under the Volcker Rule, banks and their affiliates are prohibited from engaging in proprietary trading and investing in, sponsoring, and having certain relationships with private funds such as certain hedge funds or private equity funds. Under this rule, we are viewed as having “moderate” trading assets and liabilities, which subjects us to a simplified compliance program requirement that is appropriate for our activities, size, scope, and complexity. This rule does not have a material impact on Citizens. Regulation of Derivatives The regulatory framework with respect to OTC derivatives requires the registration of certain market participants as swap dealers and security-based swap dealers, as well as central clearing and trade execution of certain swaps and security-based swaps on regulated exchanges or execution facilities. CBNA is a CFTC-registered swap dealer and is subject to the CFTC’s regulatory regime, including business conduct standards, recordkeeping, and transaction and financial reporting requirements. CBNA is also subject to regulation by the National Futures Association, a self-regulatory organization. In addition, CBNA is subject to the OCC’s rules that mandate the exchange of initial margin and variation margin for swaps and security-based swaps between CBNA and specified counterparties that are not centrally cleared through a regulated clearing house. The amount of margin required varies based on the relative risk of the associated swap. Consumer Financial Protection Regulations The retail activities of banks are subject to a variety of statutes and regulations designed to protect consumers and promote lending to various sectors of the economy and population. These laws include, but are not limited to, the Equal Credit Opportunity Act, the Fair Debt Collection Practices Act, the Fair Credit Reporting Act, the Truth in Lending Act, the Home Mortgage Disclosure Act, the Service Members Civil Relief Act, the Expedited Funds Availability Act, the Right to Financial Privacy Act, the Truth in Savings Act, the Electronic Funds Transfer Act, and their respective federal regulations and state law counterparts. In addition to these federal laws and regulations, the guidance and interpretations of the various federal agencies charged with the responsibility of implementing such regulations also influence loan and deposit operations. The CFPB has rulemaking, supervisory, examination, and enforcement authority over various consumer financial protection laws, including those referenced above, fair lending laws, and certain other statutes. The CFPB also has examination and primary enforcement authority with respect to depository institutions with $10 billion or more in assets, such as CBNA, including the authority to prevent unfair, deceptive, or abusive acts or practices in connection with the offering of consumer financial products. The Federal Reserve has adopted rules applicable to banks with $10 billion or more in assets, such as CBNA, that establish standards for debit card interchange fees and prohibit network exclusivity and routing restrictions. These rules establish a maximum permissible interchange fee that banks may charge for many types of debit card transactions. In October 2023, the Federal Reserve proposed amendments to these rules that would reduce this maximum permissible interchange fee and establish automatic updates to the fee every other year based on a survey of debit card issuers. We will continue to monitor the proposed changes to these rules. States are permitted to adopt stricter consumer protection laws and standards than those adopted at the federal level, and in certain circumstances allows state attorneys general to enforce compliance with both the state and federal laws and regulations on banks like us. Protection of Customer Personal Information and Cybersecurity The privacy provisions of GLBA generally prohibit financial institutions, including us, from disclosing nonpublic personal financial information of consumer customers to third parties for certain purposes unless customers have the opportunity to opt out of the disclosure. The Fair Credit Reporting Act restricts information sharing among affiliates for marketing purposes. Both the Fair Credit Reporting Act and Regulation V, which are issued by the FRB, govern the use and provision of information to consumer reporting agencies. In October 2024, the CFPB adopted a rule regarding personal financial data rights (“PFDR rule”) that applies to financial institutions that offer consumer deposit accounts, such as CBNA. Covered financial institutions are required to provide consumers electronic access to 24 months of transaction data and certain account information and are prohibited from imposing any fees or charges for maintaining or providing access to such data. The PFDR rule also imposes data accuracy, retention, and other obligations. For banks with total assets between $10 billion and $250 billion, compliance with the rule is required by April 1, 2027. In August 2025, in response to legal challenges, the CFPB issued an Advance Notice of Proposed Rulemaking seeking comments and data to inform its consideration of certain issues related to the implementation of the PFDR rule. We will continue to monitor the outcome of the CFPB’s PFDR rule. The federal banking regulators regularly issue guidance regarding cybersecurity intended to enhance cyber risk management standards among financial institutions. Financial institutions are expected to design multiple layers of security controls to establish lines of defense and to ensure that their risk management processes also address the risk posed by compromised customer credentials, including security measures to reliably authenticate customers when accessing internet-based services of the financial institution. Further, a financial institution’s management is expected to maintain sufficient business continuity planning processes to ensure the rapid recovery, resumption, and maintenance of the institution’s operations after a cyberattack involving destructive malware or other compromise of customer data and/or systems. A financial institution is also expected to develop appropriate processes to enable recovery of data and business operations and address rebuilding network capabilities and restoring data if the institution or its critical service providers fall victim to this type of cyberattack or compromise. If we fail to observe the regulatory guidance, we could be subject to various regulatory sanctions, including financial penalties. For further discussion of risks related to cybersecurity, see Item 1A “Risk Factors.” A financial institution is also required to notify its primary banking regulator within 36 hours of computer-security incidents that have materially disrupted or degraded, or is reasonably likely to materially disrupt or degrade its: •ability to carry out banking operations, activities, or processes, or deliver banking products and services to a material portion of its customer base; •business lines, including associated operations, services, functions, and support, that upon failure would result in a material loss of revenue, profit, or franchise value; or •operations, including associated services, functions, and support, the failure or discontinuance of which would pose a threat to the financial stability of the United States. In addition, the SEC requires registrants to disclose material cybersecurity incidents on Form 8-K, which must describe the material aspects of the nature, scope, and timing of the incident, as well as the impact of the incident on the registrant. In Form 10-K filings, registrants are required to describe their processes for assessing, identifying, and managing material risks from cybersecurity threats and whether such risks have materially affected the registrant. Registrants must also describe Board oversight of risks from cybersecurity threats and management’s role and expertise in assessing and managing material risks from such threats. See Item 1C “Cybersecurity” for more information. State regulators have also been active in implementing privacy and cybersecurity standards and regulations. Several states have adopted laws and regulations requiring certain financial institutions to implement cybersecurity programs and provide details with respect to these programs. In addition, many states have implemented or modified their data breach notification and data privacy requirements. We expect this trend of state-level activity to continue and are continually monitoring developments in the states in which we operate. Climate-Related Laws and Regulations In March 2024, the SEC adopted a final rule to require registrants to disclose certain climate-related matters in their registration statements and annual reports including risks, activities to mitigate or adapt to such risks, governance, financial effects of severe weather events, and audited measurements of certain greenhouse gas emissions. The SEC subsequently issued an order staying its rule in April 2024 while federal courts considered various legal challenges brought by states, businesses, and business groups, which were consolidated in the U.S. Court of Appeals for the Eighth Circuit. In March 2025, the SEC voted to end its defense of the rule and withdrew from the lawsuit. Litigation is expected to continue with the court ultimately deciding whether the rule will remain in effect as adopted. The rule remains stayed until the litigation is resolved. Several states in which we operate have also enacted or proposed statutes or regulations addressing climate-related issues. For example, California has enacted laws that impose climate-related disclosure requirements on certain companies doing business in California, while some states have enacted, or proposed to enact, divergent or sometimes conflicting statutes, including those that prohibit financial institutions from denying or canceling products or services on the basis of social credit scores and certain other factors. We will continue to monitor developments on these laws and regulations. Community Reinvestment Act The CRA requires CBNA’s primary federal bank regulatory agency, the OCC, to evaluate the bank’s record in meeting the credit needs of the communities it serves, including low- and moderate-income neighborhoods and individuals. Institutions are assigned one of four ratings: “Outstanding,” “Satisfactory,” “Needs to Improve,” or “Substantial Noncompliance.” A bank’s CRA record is considered by regulatory agencies in evaluating mergers, acquisitions, and applications to open a branch or facility. In addition, the CRA record of a subsidiary bank of a FHC is considered if a FHC wishes to commence certain new financial activities or to acquire a company engaged in such activities, which requires a rating of at least “satisfactory.” CBNA received an “Outstanding” rating on its most recent CRA evaluation. In October 2023, the federal banking regulators issued a joint final rule to modernize their regulations implementing the CRA. The final rule took effect on April 1, 2024, with most of its requirements effective January 1, 2026, and certain reporting requirements effective January 1, 2027. However, a court issued a preliminary injunction enjoining the federal banking regulators from enforcing the revised regulations pending resolution of a lawsuit challenging the regulations. In July 2025, the federal banking regulators issued a joint Notice of Proposed Rulemaking (“NPR”) to rescind the CRA joint final rule and replace it with the prior CRA regulations adopted by the agencies in 1995, with certain technical amendments. The NPR is intended to restore certainty in the CRA regulatory framework for stakeholders and limit regulatory burden on financial institutions. Compensation Our compensation practices are subject to oversight by the federal banking regulators, with their jointly issued guidance designed to ensure that incentive compensation arrangements take into account risk and are consistent with safe and sound practices. The guidance sets forth the following three key principles with respect to incentive compensation arrangements: •The arrangements should provide employees with incentives that appropriately balance risk and financial results in a manner that does not encourage employees to expose their organizations to imprudent risk; •The arrangements should be compatible with effective controls and risk management; and •The arrangements should be supported by strong corporate governance. We will continue to monitor regulations related to incentive compensation arrangements that have not been finalized. Anti-Money Laundering The Bank Secrecy Act (“BSA”) and the Patriot Act contain anti-money laundering (“AML”) and financial transparency provisions intended to detect and prevent the use of the U.S. financial system for money laundering and terrorist financing activities. The BSA, as amended by the Patriot Act, requires depository institutions and their holding companies to maintain an AML program, verify the identity of customers and certain beneficial owners for legal entity customers, monitor for and report suspicious transactions, report on cash transactions exceeding specified thresholds, and respond to requests for information by regulatory authorities and law enforcement agencies. We are also required to provide our employees with AML training, designate an AML compliance officer, and undergo an annual, independent audit to assess the effectiveness of our AML program. We have implemented policies, procedures, and internal controls that are designed to comply with these AML requirements. Financial services regulators are focusing their examinations on AML compliance, and we continue to monitor and augment, where necessary, our AML compliance programs. The federal banking agencies are required, when reviewing bank and BHC acquisition or merger applications, to take into account the effectiveness of the AML activities of the applicants. The Anti-Money Laundering Act of 2020 (“AMLA”), enacted in 2021 as part of the National Defense Authorization Act, requires the U.S. Department of the Treasury to issue National Anti-Money Laundering and Countering the Financing of Terrorism Priorities and conduct studies and issue regulations that may, over the next few years, significantly alter some of the due diligence, recordkeeping, and reporting requirements that the BSA and the Patriot Act impose on financial institutions. The AMLA also increases penalties for violations of the BSA and significantly expands a whistleblower award program both of which could increase the prospect of regulatory enforcement. In 2021, the Financial Crimes Enforcement Network (FinCEN), a bureau of the U.S. Department of the Treasury, issued the priorities for AML and countering the financing of terrorism policy, as required under the AMLA. These priorities include corruption, cybercrime, terrorist financing, fraud, transnational crime, drug trafficking, human trafficking, and proliferation financing. Office of Foreign Assets Control Regulation The U.S. has imposed economic sanctions that affect transactions with designated foreign countries, nationals, and others, that are administered by OFAC. OFAC-administered sanctions targeting countries take many different forms and generally contain one or more of the following elements: •Restrictions on trade with or investment in a sanctioned country, including prohibitions against direct or indirect imports from and exports to a sanctioned country and prohibitions on U.S. persons engaging in financial transactions relating to, making investments in, or providing investment-related advice or assistance to, a sanctioned country; and •Blocking assets in which the government or specially designated nationals of the sanctioned country have an interest, by prohibiting transfers of property subject to U.S. jurisdiction, including property in the possession or control of U.S. persons. Blocked assets (e.g., property and bank deposits) cannot be paid out, withdrawn, set off, or transferred in any manner without a license from OFAC. Lists including the names of individuals and organizations suspected of aiding, harboring, or engaging in terrorist acts, including the Specially Designated Nationals and Blocked Persons list, is published and routinely updated by OFAC. We are responsible for, among other things, blocking accounts of, and transactions with, such targets and countries, prohibiting unlicensed trade and financial transactions with them, and reporting blocked transactions after they occur. If we identify a name on any transaction, account, or wire transfer that is on an OFAC list we must freeze the associated account, file a suspicious activity report, and notify the appropriate authorities. Failure to comply with these sanctions could have serious legal and reputational consequences. Regulation of Broker-Dealers Our subsidiaries, Citizens Securities, Inc. and Citizens JMP Securities, LLC, are registered broker-dealers with the SEC and subject to regulation and examination by the SEC and FINRA. These regulations cover a broad range of matters, including capital requirements; sales and trading practices; use of client funds and securities; the conduct of directors, officers, and employees; recordkeeping and recording; supervisory procedures to prevent improper trading on material nonpublic information; qualification and licensing of sales personnel; and limitations on the extension of credit in securities transactions. In addition to federal registration, state securities commissions require the registration of certain broker-dealers. Heightened Risk Governance Standards CBNA is subject to OCC guidelines that impose heightened risk governance standards on large national banks with average total consolidated assets of $50 billion or more. The guidelines set forth minimum standards for the design and implementation of a bank’s risk governance framework and its associated oversight by a bank’s board of directors. The guidelines are intended to protect the safety and soundness of covered banks and improve the ability of bank examiners to assess compliance with the OCC’s expectations. Under the guidelines, a bank may use the risk governance framework of its parent company if it meets the minimum standards and the risk profiles of the parent company and the covered bank are substantially the same, along with certain other conditions. CBNA has elected to use the Parent Company’s risk governance framework. A bank’s board of directors is required to have two members who are independent of bank and parent company management, ensure that the risk governance framework meets the appropriate standards, provide active oversight and a credible challenge to management’s recommendations and decisions, and ensure that decisions made by the parent company do not jeopardize the safety and soundness of the bank. In December 2025, the OCC issued a Notice of Proposed Rulemaking that, if enacted, would increase the average total consolidated assets threshold for applying the guidelines from $50 billion to $700 billion.", "prior_body": "Our operations are subject to extensive regulation, supervision and examination under federal and state laws and regulations. These laws and regulations cover all aspects of our business, including lending practices, deposit insurance, customer privacy and cybersecurity, capital adequacy and planning, liquidity, safety and soundness, consumer protection and disclosure, permissible activities and investments, and certain transactions with affiliates. These laws and regulations are intended primarily for the protection of customers, depositors, the DIF and the banking system as a whole and not for the protection of shareholders or other investors. The discussion below outlines the material elements of selected laws and regulations applicable to us and our subsidiaries, but do not summarize all possible or proposed changes in laws or regulations. Changes in applicable law or regulation, and in their interpretation and application by regulatory agencies and other governmental authorities, cannot be predicted, but may have a material effect on our business, financial condition or results of operations. We are subject to examinations by federal banking regulators, as well as the SEC, FINRA, CFTC and various state insurance and securities regulators. In some cases, regulatory agencies may take supervisory actions that may not be publicly disclosed, and such actions may restrict or limit our activities or activities of our subsidiaries. As part of our regular examination process, regulators may advise us to operate under various restrictions as a prudential matter. We have periodically received requests for information from regulatory authorities at the federal and state level, including from banking, securities and insurance regulators, state attorneys general, federal agencies or law enforcement authorities, and other regulatory authorities, concerning our business practices. Such requests are considered incidental to the normal conduct of business. For a further discussion of how regulatory actions may impact our business, see Item 1A “Risk Factors.” For additional information regarding regulatory matters, see Note 25 in Item 8. Overview We are a BHC under the Bank Holding Company Act and have elected to be treated as a FHC under amendments to this Act as effected by GLBA. As such, we are subject to the supervision, examination and reporting requirements of the Bank Holding Company Act and the regulations of the FRB, including through the Federal Reserve Bank of Boston. Under the system of “functional regulation” established under the Bank Holding Company Act, the FRB serves as the primary regulator of our consolidated organization. The OCC serves as the primary regulator for CBNA, and the SEC and FINRA serve as the primary regulators of our broker-dealer subsidiaries. The federal banking regulators have authority to approve or disapprove mergers, acquisitions, consolidations, the establishment of branches and similar corporate actions. These banking regulators also have the power to prevent the continuance or development of unsafe or unsound banking practices or other violations of law. Federal law governs the activities in which CBNA engages, including the investments it makes and the aggregate amount of available credit that it may grant to one borrower. Various consumer and compliance laws and regulations also affect its operations. The actions the FRB takes to implement monetary policy also affect us. In addition, CBNA is subject to regulation, supervision and examination by the CFPB with respect to consumer protection laws and regulations. The CFPB has broad authority to regulate the offering and provision of consumer financial products by depository institutions, such as CBNA, with more than $10 billion in total assets. The CFPB may promulgate rules under a variety of consumer financial protection statutes, including the Truth in Lending Act, the Equal Credit Opportunity Act, the Electronic Funds Transfer Act and the Real Estate Settlement Procedures Act. In 2024, CBNA registered as a swap dealer with the CFTC and became a member of the National Futures Association, the self-regulatory organization for participants in the U.S. derivatives industry, to accommodate growth in its hedging business. For more information see “Regulation of Derivatives” below." }, { "status": "UNCHANGED", "current_title": "“Anti-takeover” provisions and the regulations to which we are subject may make it more difficult for a third party to acquire control of us, even if the change in control would be beneficial to stockholders.", "prior_title": "“Anti-takeover” provisions and the regulations to which we are subject may make it more difficult for a third party to acquire control of us, even if the change in control would be beneficial to stockholders.", "current_body": "We are a BHC incorporated in the state of Delaware. Anti-takeover provisions in Delaware law and our restated certificate of incorporation and amended and restated bylaws, as well as regulatory approvals that would be required under federal law, could make it more difficult for a third party to take control of us and may prevent stockholders from receiving a premium for their shares of our common stock. These provisions could adversely affect the market price of our common stock and could reduce the amount that stockholders might get if we are sold. Furthermore, banking laws impose notice, approval, and ongoing regulatory requirements on any stockholder or other party that seeks to acquire direct or indirect “control” of an FDIC-insured depository institution. These laws include the Bank Holding Company Act and the Change in Bank Control Act." }, { "status": "UNCHANGED", "current_title": "The Parent Company depends on CBNA for substantially all of its revenue, and restrictions on dividends and other distributions by CBNA could affect its liquidity and ability to fulfill its obligations.", "prior_title": "The Parent Company depends on CBNA for substantially all of its revenue, and restrictions on dividends and other distributions by CBNA could affect its liquidity and ability to fulfill its obligations.", "current_body": "As a BHC, the Parent Company is a separate and distinct legal entity from CBNA, our banking subsidiary. The Parent Company typically receives substantially all of its revenue from dividends from CBNA and are the principal source of funds utilized to pay dividends on our equity and interest and principal on our debt. Various federal and/or state laws and regulations, as well as regulatory expectations, limit the amount of dividends that CBNA may pay to the Parent Company. Also, our right to participate in a distribution of assets upon a subsidiary’s liquidation or reorganization is subject to the prior claims of the subsidiary’s creditors. In the event CBNA is unable to pay dividends to the Parent Company, it may not be able to make debt service payments, pay obligations, or pay dividends on its common stock. The inability to receive dividends from CBNA could have a material adverse effect on our business, financial condition, and results of operations. See the “Regulation and Supervision” section in Item 1 for further discussion of dividends payable by CBNA as a national bank subsidiary." }, { "status": "UNCHANGED", "current_title": "We rely on third parties for the performance of a significant portion of our information technology.", "prior_title": "We rely on third parties for the performance of a significant portion of our information technology.", "current_body": "Third parties perform a significant portion of our information technology functions and the provision of information technology and business process services including, but not limited to, the operation of our data communications networks, hosted services, and a wide range of other support services. The success of our business depends in part on the continuing ability of third parties to perform these functions and services in a timely and satisfactory manner, which performance could be disrupted or otherwise adversely affected due to failures or other information security events originating at the third parties or at the third parties’ suppliers or vendors (so-called “fourth party risk”). We may not be able to effectively monitor or mitigate third or fourth-party risk, in particular as it relates to the use of common suppliers or vendors by the third parties that perform functions and services for us. If we experience a disruption in the provision of any functions or services performed by third parties, we may have difficulty in finding alternate providers on terms favorable to us and in reasonable time frames. If these services are not performed in a satisfactory manner, we would not be able to adequately serve our customers. In either situation, our business could incur significant costs and be adversely affected." }, { "status": "UNCHANGED", "current_title": "We may not repurchase shares or pay cash dividends on our common stock.", "prior_title": "We may not repurchase shares or pay cash dividends on our common stock.", "current_body": "Holders of our common stock are only entitled to receive dividends declared by our Board out of funds legally available for such payments. Although we have historically declared cash dividends on our common stock, we are not required to do so and may reduce or eliminate our common stock dividend in the future, which could adversely affect the market price of our common stock. Also, as a BHC, our ability to repurchase shares and declare and pay dividends is dependent on certain federal regulatory considerations, including the rules of the FRB regarding capital adequacy and dividends. We are also generally required to receive the FRB’s approval for any dividends, share repurchases, or redemption of capital securities if we are required to resubmit our capital plan. Further, if we are unable to satisfy the capital requirements applicable to us for any reason, we may be limited in our ability to repurchase shares and declare and pay dividends on our capital stock. See the “Regulation and Supervision” section in Item 1 for further discussion of the regulations to which we are subject." }, { "status": "UNCHANGED", "current_title": "Our stock price may be volatile, and you could lose all or part of your investment as a result.", "prior_title": "Our stock price may be volatile, and you could lose all or part of your investment as a result.", "current_body": "You should consider an investment in our common stock to be risky, and you should invest in our common stock only if you can withstand a significant loss and wide fluctuation in the market value of your investment. The market price of our common stock could be subject to wide fluctuations in response to, among other things, the factors described in this “Risk Factors” section, and other factors, some of which are beyond our control. These factors include, but are not limited to, the following: •quarterly variations in our results of operations or the quarterly financial results of companies perceived to be similar to us; •changes in expectations as to our future financial performance, including financial estimates by securities analysts and investors; •our announcements or our competitors’ announcements regarding new products or services, enhancements, significant contracts, acquisitions, or strategic investments; •fluctuations in the market valuations of companies perceived by investors to be comparable to us; •failures of financial institutions perceived to be similar to us; •future sales of our common stock; •additions or departures of members of our senior management or other key personnel; •changes in industry conditions or perceptions; and •changes in applicable laws, rules, or regulations and other dynamics. Furthermore, stock markets experience price and volume fluctuations that affect the market price of equity securities of many companies. These fluctuations can be unrelated or disproportionate to the operating performance of these companies. Broad market fluctuations, as well as general economic, systemic, political, and market conditions, such as recessions, loss of investor confidence, interest rate changes, or international currency fluctuations, may negatively affect the market price of our common stock. If any of the foregoing occurs, it could cause our stock price to fall and may expose us to securities class action litigation that, even if unsuccessful, could be costly to defend and a distraction to management." }, { "status": "UNCHANGED", "current_title": "From time-to-time, we may become or are subject to regulatory actions that may have a material impact on our business.", "prior_title": "From time-to-time, we may become or are subject to regulatory actions that may have a material impact on our business.", "current_body": "We may become or are involved, from time to time, in reviews, investigations, and proceedings (both formal and informal) by governmental and self-regulatory agencies regarding our business. These regulatory actions involve accounting, compliance, and operational matters, among others, some of which may result in adverse judgments, settlements, fines, penalties, injunctions, or other relief that may require changes to our business or otherwise materially impact our business. In regulatory actions, such as those referred to above, it is inherently difficult to determine whether any loss is probable or whether it is possible to reasonably estimate the amount of any loss. We cannot predict with certainty if, how, or when such proceedings will be resolved or what the eventual fine, penalty, or other relief, conditions, or restrictions, if any, may be, particularly for actions that are in their early stages of investigation. We may be required to make significant restitution payments to CBNA customers arising from certain compliance issues and also may be required to pay civil money penalties in connection with certain of these issues. This uncertainty makes it difficult to estimate probable losses which, in turn, can lead to substantial disparities between the reserves we may establish for such proceedings and the eventual settlements, fines, or penalties. Adverse regulatory actions could have a material adverse effect on our business, financial condition, and results of operations." }, { "status": "UNCHANGED", "current_title": "We are subject to capital adequacy and liquidity standards, and if we fail to meet these standards our financial condition and operations would be adversely affected.", "prior_title": "We are subject to capital adequacy and liquidity standards, and if we fail to meet these standards our financial condition and operations would be adversely affected.", "current_body": "We are subject to several capital adequacy and liquidity standards. To the extent that we are unable to meet these standards, our ability to make distributions of capital will be limited and we may be subject to additional supervisory actions and limitations on our activities. See “Regulation and Supervision” in Item 1 for further discussion of the regulations to which we are subject." }, { "status": "UNCHANGED", "current_title": "The effects of geopolitical instability may adversely affect us and create significant risks and uncertainties for our business, with the ultimate impact dependent on future developments, which are highly uncertain and unpredictable.", "prior_title": "The effects of geopolitical instability may adversely affect us and create significant risks and uncertainties for our business, with the ultimate impact dependent on future developments, which are highly uncertain and unpredictable.", "current_body": "Ongoing geopolitical instability, such as the wars in Ukraine and the Middle East, has negatively impacted, and could in the future negatively impact, the global and U.S. economies, including by causing supply chain disruptions, rising prices for oil and other commodities, volatility in capital markets and foreign currency exchange rates, rising interest rates, and heightened cybersecurity risks. The extent to which such geopolitical instability adversely affects our business, financial condition, and results of operations, as well as our liquidity and capital profile, will depend on future developments, which are highly uncertain and unpredictable, including the extent and duration of the wars and the associated immeasurable humanitarian toll inflicted as a result. If geopolitical instability adversely affects us, it may also have the effect of heightening other risks related to our business." }, { "status": "UNCHANGED", "current_title": "Unpredictable catastrophic events could have an adverse effect on our business, financial position, and results of operations.", "prior_title": "Unpredictable catastrophic events could have an adverse effect on our business, financial position and results of operations.", "current_body": "The occurrence of catastrophic events, including pandemics, terrorists attacks, extreme weather events, such as hurricanes, tropical storms, or tornadoes, and other large-scale catastrophes could adversely affect our business, financial condition, or results of operations. Such events could affect the stability of our deposit base, impair the ability of our borrowers to repay outstanding loans, impair the value of collateral securing loans, and cause significant property damage or operational disruptions, resulting in loss of revenue or causing us to incur additional expenses. Furthermore, although we maintain both business continuity and disaster recovery plans, if a catastrophic event rendered our production and recovery data unusable, there can be no assurance that these plans and related capabilities will adequately protect us from such an event, and our business, financial condition, or results of operations could be adversely affected." }, { "status": "UNCHANGED", "current_title": "Changes in our accounting policies or standards could materially affect how we report our financial results and condition.", "prior_title": "Changes in our accounting policies or standards could materially affect how we report our financial results and condition.", "current_body": "The FASB and SEC periodically change financial accounting and reporting standards that govern accounting for our financial results and preparation of our consolidated financial statements. These changes can be hard to predict and can materially impact how we record and report our financial condition and results of operations. In some cases, we could be required to apply a new or revised standard retroactively, which would result in the recasting of our prior period financial statements." }, { "status": "UNCHANGED", "current_title": "The preparation of our financial statements requires us to make subjective determinations and use estimates that may vary from actual results and materially impact our financial condition and results of operations.", "prior_title": "The preparation of our financial statements requires us to make subjective determinations and use estimates that may vary from actual results and materially impact our financial condition and results of operations.", "current_body": "The preparation of consolidated financial statements in conformity with GAAP requires management to make significant estimates that affect the financial statements. Our accounting policies and methods are fundamental to how we record and report our financial condition and results of operations and, at times, require management to exercise judgment in their application so as to report our financial condition and results of operations in the most appropriate manner. Certain accounting policies are critical because they require management to make difficult, subjective, or complex judgments about matters that are inherently uncertain and the likelihood that materially different estimates would result under different conditions or through the utilization of different assumptions. Our critical accounting estimates include the ACL, fair value measurements, and the evaluation and measurement of goodwill for impairment. If our estimates are inaccurate or need to be adjusted periodically, our financial condition and results of operations could be materially impacted. For more information regarding our use of estimates in the preparation of our consolidated financial statements, see Note 1 in Item 8 and the “Critical Accounting Estimates” section in Item 7." }, { "status": "UNCHANGED", "current_title": "Compliance with anti-money laundering and anti-terrorism financing rules involves significant cost and effort.", "prior_title": "Compliance with anti-money laundering and anti-terrorism financing rules involves significant cost and effort.", "current_body": "We are subject to rules and regulations regarding money laundering and the financing of terrorism. Monitoring compliance with anti-money laundering and anti-terrorism financing rules can put a significant financial burden on banks and other financial institutions and poses significant technical challenges. Although we believe our current policies and procedures are sufficient to comply with applicable rules and regulations, we cannot guarantee that our anti-money laundering and anti-terrorism financing policies and procedures completely prevent situations of money laundering or terrorism financing. Any such failure events may have severe consequences, including sanctions, fines, and reputational consequences, which could have a material adverse effect on our business, financial condition, or results of operations." }, { "status": "UNCHANGED", "current_title": "Operational risks are inherent in our businesses.", "prior_title": "Operational risks are inherent in our businesses.", "current_body": "Our operations depend on our ability to process a very large number of transactions efficiently and accurately while complying with applicable laws and regulations. Operational risk and losses can result from internal and external fraud; improper conduct or errors by employees or third parties; failure to document transactions properly or to obtain proper authorization; failure to comply with applicable legal and regulatory requirements and business conduct rules; equipment failures, including those caused by natural disasters or by electrical, telecommunications, or other essential utility outages; business continuity and data security system failures, including those caused by computer viruses, cyber-attacks against us or our vendors, coding errors, or unforeseen problems encountered while implementing new computer systems or upgrades to existing systems; or the inadequacy or failure of systems and controls, including those of our suppliers or counterparties. Although we implement risk controls and loss mitigation actions and devote substantial resources to developing efficient procedures, identifying and rectifying weaknesses in existing procedures and training staff, it is not possible to be certain that such actions have been or will be effective in controlling each of the operational risks we face. Any weakness in these systems or controls, or any breaches or alleged breaches of such laws or regulations, could result in increased regulatory supervision, enforcement actions, and other disciplinary action, especially in light of heightened regulatory expectations around information security, and have an adverse impact on our business, applicable authorizations and licenses, reputation, and results of operations." }, { "status": "UNCHANGED", "current_title": "The financial services industry, including the banking sector, continues to make technological enhancements to meet customer preferences, as well as meet legal and regulatory requirements, and we may not be able to compete effectively as a result of these changes.", "prior_title": "The financial services industry, including the banking sector, continues to make technological enhancements to meet customer preferences, as well as meet legal and regulatory requirements, and we may not be able to compete effectively as a result of these changes.", "current_body": "Technology within the financial services industry continues to evolve and new, unexpected technological changes, including those related to artificial intelligence, could have a transformative effect on the way banks offer products and services. We believe our success depends, to a great extent, on our ability to utilize technology to offer products and services that address the needs of our customers and to create efficiencies in our operations. However, we may not be able to, among other things, keep up with the rapid pace of technological changes, effectively implement new technology-driven products and services, or be successful in marketing these products and services to our customers. As a result, our ability to compete effectively to attract or retain business may be impaired, and our business, financial condition, or results of operations may be adversely affected. In addition, changes in the legal and regulatory framework under which we operate require us to update our information systems to ensure compliance. Our need to review and evaluate the impact of ongoing rule proposals, final rules, and implementation guidance from regulators further complicates the development and implementation of new information systems for our business. Regulatory guidance continues to be focused on the need for financial institutions to perform appropriate due diligence and ongoing monitoring of third-party vendor relationships, thus increasing the scope of management involvement and decreasing the efficiency otherwise resulting from our relationships with third-party technology providers. Given the significant number of ongoing regulatory reform initiatives, it is possible that we may incur higher than expected information technology costs in order to comply with current and impending regulations. Also, see “Supervisory requirements and expectations on us as a financial holding company and a bank holding company and any regulator-imposed limits on our activities could adversely affect our ability to implement our strategic plan, expand our business, continue to improve our financial performance, and make capital distributions to our stockholders.”" }, { "status": "UNCHANGED", "current_title": "Website Access to Citizens’ Filings with the SEC and Corporate Governance Information", "prior_title": "Website Access to Citizens’ Filings with the SEC and Corporate Governance Information", "current_body": "Our annual reports on Form 10-K, quarterly reports on Form 10-Q, and current reports on Form 8-K are available on our website, free of charge, at investor.citizensbank.com, along with amendments to such reports that are filed or furnished to the SEC pursuant to the Exchange Act of 1934. These documents are made available on our website as soon as reasonably practicable after they are electronically filed with or furnished to the SEC. The SEC also maintains a website (www.sec.gov) that contains reports, proxy and information statements, and other information regarding issuers that file electronically with the SEC. Information about our Board and its committees and corporate governance, including our Code of Business Conduct and Ethics, is available on our website at investor.citizensbank.com/about-us/investor-relations/corporate-governance. Except as specifically incorporated by reference into this Annual Report on Form 10-K, information on the aforementioned websites is not part of this report. ITEM 1A. RISK FACTORS We are subject to a number of risks potentially impacting our business, financial condition, results of operations, and cash flows. As a financial services organization, certain elements of risk are inherent in what we do and the decisions we make. Therefore, we encounter risk as part of the normal course of our business and design risk management processes to help manage these risks. See the “Risk Management” section in Item 7 for a discussion of our risk management framework and the primary risks we face. You should carefully consider the following risk factors that may affect our business, financial condition, results of operations, or cash flows. However, the risk factors described below are not the only ones we face and should not be considered a complete list of risks that we may encounter. Additional risks not presently known to us or that we believe to be immaterial may also adversely affect our business. See the “Forward-Looking Statements” section above for other factors that could affect us." }, { "status": "UNCHANGED", "current_title": "Our financial and accounting estimates and risk management framework rely on analytical forecasting and models.", "prior_title": "Our financial and accounting estimates and risk management framework rely on analytical forecasting and models.", "current_body": "The processes we use to estimate loan losses, measure the fair value of financial instruments, and estimate the effects of changing interest rates and other market measures on our financial condition and results of operations are reliant upon the use of analytical and forecasting models. Some of our tools and metrics for managing risk are based on observed historical market behavior, and we rely on quantitative models to measure risks and to estimate certain financial values. Models may be used in processes such as determining the pricing of various products, grading loans and extending credit, measuring interest rate and other market risks, predicting losses, assessing capital adequacy, and calculating regulatory capital levels, as well as estimating the value of financial instruments and balance sheet items, including goodwill. Poorly designed or implemented models could adversely affect our business decisions if the information is inadequate. In addition, our models may fail to predict future risk exposures if the information used is inaccurate, obsolete, or not sufficiently comparable to actual events as they occur. We seek to incorporate appropriate historical data in our models, but the range of market values and behaviors reflected in any period of historical data is not always predictive of future developments in any particular period and the period of data we incorporate into our models may turn out to be inappropriate for the future period being modeled. In these instances, our ability to manage risk would be limited and our risk exposure and losses could be significantly greater than our models indicated, which could harm our reputation and adversely affect our revenues and profits. Finally, information provided to our regulators based on poorly designed or implemented models could be inaccurate or insufficient, which could adversely affect some of the decisions that our regulators make, including those related to capital distributions to our stockholders, and subject us to supervisory criticism and costs related to remediation." }, { "status": "UNCHANGED", "current_title": "Supervisory requirements and expectations on us as a financial holding company and a bank holding company and any regulator-imposed limits on our activities could adversely affect our ability to implement our strategic plan, expand our business, continue to improve our financial performance, and make capital distributions to our stockholders.", "prior_title": "Supervisory requirements and expectations on us as a financial holding company and a bank holding company and any regulator-imposed limits on our activities could adversely affect our ability to implement our strategic plan, expand our business, continue to improve our financial performance and make capital distributions to our stockholders.", "current_body": "Our operations are subject to regulation, supervision, and examination by the federal banking regulators, as well as the CFPB. As part of the supervisory and examination process, if we are unsuccessful in meeting the regulatory requirements and supervisory expectations that apply to us, regulatory agencies may from time to time take supervisory actions against us, including actions that may not be publicly disclosed. Such actions may include restrictions on our activities or the activities of our subsidiaries, informal (nonpublic) or formal (public) supervisory actions, or public enforcement actions, including the payment of civil money penalties, which could increase our costs and limit our ability to implement our strategic plans and expand our business and, as a result, could have a material adverse effect on our business, financial condition, or results of operations. See the “Regulation and Supervision” section in Item 1 for further information." }, { "status": "UNCHANGED", "current_title": "We operate in an industry that is highly competitive, which could result in losing business or margin declines and have a material adverse effect on our business, financial condition, and results of operations.", "prior_title": "We operate in an industry that is highly competitive, which could result in losing business or margin declines and have a material adverse effect on our business, financial condition and results of operations.", "current_body": "We operate in a highly competitive industry, which could become even more competitive as a result of legislative, regulatory, and technological changes, as well as continued consolidation. We face aggressive competition from other domestic and foreign lending institutions and from numerous other providers of financial services, including non-banking financial institutions that are not subject to the same regulatory restrictions as banks and BHCs, securities firms and insurance companies, and competitors that may have greater financial resources. With respect to non-banking financial institutions, technology and other changes have lowered barriers to entry and made it possible for non-banks to offer products and services traditionally provided by banks. For example, consumers can maintain funds that would have historically been held as bank deposits in brokerage accounts or mutual funds and can also complete transactions such as paying bills and/or transferring funds directly without the assistance of banks. In addition, the emergence, adoption, and evolution of new technologies that do not require intermediation, including distributed ledgers such as digital assets and blockchain, as well as advances in automation, artificial intelligence, and robotics, could significantly affect the competition for financial services. The process of eliminating banks as intermediaries, known as “disintermediation,” could result in the loss of fee income, as well as the loss of customer deposits and the related income generated from those deposits. Some of our non-bank competitors are not subject to the same regulations that we are and, therefore, may have greater flexibility in competing for business. As a result of these and other sources of competition, we could lose business to competitors or be forced to price products and services on less advantageous terms to retain or attract clients, either of which would adversely affect our profitability." }, { "status": "UNCHANGED", "current_title": "Our regulators may impose restrictions or limitations on our operations.", "prior_title": "Our regulators may impose restrictions or limitations on our operations.", "current_body": "From time to time, bank regulatory agencies take supervisory actions that restrict or limit a financial institution’s activities and lead it to raise capital or subject it to other requirements. In addition, as part of our examination process, our regulators may advise us to conduct significant remediation activities or operate under various restrictions as a prudential matter. Any such actions or restrictions, if and in whatever manner imposed, could adversely affect our costs and revenues. Moreover, efforts to comply with any such nonpublic supervisory actions or restrictions may require material investments in additional resources and systems, as well as a significant commitment of managerial time and attention. As a result, such supervisory actions or restrictions, if and in whatever manner imposed, could have a material adverse effect on our business and results of operations." }, { "status": "UNCHANGED", "current_title": "We are and may be subject to litigation that may have a material impact on our business.", "prior_title": "We are and may be subject to litigation that may have a material impact on our business.", "current_body": "Our operations are diverse and complex and we operate in legal and regulatory environments that expose us to potentially significant litigation risk. In the normal course of business, we have been named, from time to time, as a defendant in various legal actions, including arbitrations, class actions, and other litigation. These actions arise in connection with our activities as a financial services institution, including with respect to alleged unfair or deceptive business practices, mis-selling of certain products, violations of contract or intellectual property rights, and other compliance or operational failures. Certain of the actual or threatened legal actions include claims for substantial compensatory and/or punitive damages or claims for indeterminate amounts of damages. In some cases, the entities that would otherwise be the primary defendants in such cases are bankrupt or in financial distress. Moreover, a number of recent judicial decisions have upheld the right of borrowers to sue lending institutions on the basis of various evolving legal theories, collectively termed “lender liability.” Generally, lender liability is founded on the premise that a lender has either violated a duty, whether implied or contractual, of good faith and fair dealing owed to the borrower or has assumed a degree of control over the borrower resulting in the creation of a fiduciary duty owed to the borrower or its other creditors or stockholders. This could increase the amount of private litigation to which we are subject. For more information regarding ongoing significant legal proceedings in which we may be involved, see Note 17 in Item 8." }, { "status": "UNCHANGED", "current_title": "We are exposed to reputational risk and the risk of damage to our brands and the brands of our affiliates.", "prior_title": "We are exposed to reputational risk and the risk of damage to our brands and the brands of our affiliates.", "current_body": "Our success and results depend on our reputation and the strength of our brands. We are vulnerable to adverse market perception as we operate in an industry where integrity, customer trust, and confidence are paramount. We are exposed to the risk that litigation, employee misconduct, operational failures, the outcome of regulatory or other investigations or actions, press speculation and negative publicity, and perception of our sustainability and governance practices and disclosures, among other factors, could damage our brands or reputation. Our brands and reputation could also be harmed if we sell products or services that do not perform as expected or customers’ expectations for the product are not satisfied." }, { "status": "UNCHANGED", "current_title": "Our financial performance may be adversely affected by deterioration in borrower credit quality.", "prior_title": "Our financial performance may be adversely affected by deterioration in borrower credit quality.", "current_body": "Risks arising from actual or perceived changes in credit quality and uncertainty over the recoverability of amounts due from borrowers is inherent in our businesses. If the economic environment were to deteriorate, our borrowers may have difficulty in repaying their loans which could result in higher credit losses and increased loan loss provision expense. Further, our credit risk and credit losses may increase to the extent our loans are concentrated by loan type, industry segment, collateral type, borrower type, or location of the collateral or borrower. A significant portion of our earning assets are in the form of loans to borrowers across the U.S., primarily for residential, commercial and industrial, commercial real estate, education, and other retail purposes. A deterioration in economic conditions or changes in consumer or business behavior that negatively impact home or commercial property values could, in event of the borrower’s default, result in materially higher credit losses. Similarly, elevated unemployment levels and higher interest rates can adversely affect our customers’ ability to repay their loans, which can negatively impact our credit performance. The credit quality of our borrowers may deteriorate for a number of reasons that are outside our control, including prevailing economic and market conditions and collateral valuations. The trends and risks affecting borrower credit quality have caused, and in the future may cause, us to experience credit losses, impairment charges, increased repurchase demands, higher recovery costs, and an inability to engage in routine funding transactions, which could have a material adverse effect on our business, financial condition, and results of operations." }, { "status": "UNCHANGED", "current_title": "The conditions of other financial institutions or of the financial services industry could adversely affect our operations and financial condition.", "prior_title": "The conditions of other financial institutions or of the financial services industry could adversely affect our operations and financial condition.", "current_body": "Financial services institutions are typically interconnected as a result of trading, investment, liquidity, clearing, counterparty, and other relationships. Within the financial services industry, the default by any one institution could lead to defaults by other institutions. Concerns about, or a default by, one institution could lead to significant market and customer perception of the risk of similar problems at other institutions. This perception of risk could, in and of itself, lead to adverse impacts on liquidity, as the financial soundness of financial institutions is closely related as a result of the aforementioned relationships. Even the perceived lack of creditworthiness of, or questions about, a counterparty may lead to market-wide liquidity problems and losses or defaults by various institutions. This systemic risk may adversely affect financial intermediaries, such as clearing agencies, banks, and exchanges with which we interact on a daily basis, or key funding providers such as the FHLBs, any of which could have a material adverse effect on our access to liquidity or otherwise have a material adverse effect on our business, financial condition, and results of operations." }, { "status": "UNCHANGED", "current_title": "We could fail to attract, retain, or motivate highly-skilled and qualified personnel, including our senior management, other key employees, or members of our Board, which could impair our ability to successfully execute our strategic plan and otherwise adversely affect our business.", "prior_title": "We could fail to attract, retain or motivate highly-skilled and qualified personnel, including our senior management, other key employees or members of our Board, which could impair our ability to successfully execute our strategic plan and otherwise adversely affect our business.", "current_body": "Our ability to implement our strategic plan and our future success depends on our ability to attract, retain, and motivate highly-skilled and qualified personnel, including senior management, other key employees, and directors. The marketplace for skilled personnel continues to be competitive, which means the cost of hiring, incentivizing, and retaining skilled personnel may continue to rise. The failure to attract and retain highly-skilled and qualified personnel could place us at a significant competitive disadvantage and impair our ability to implement our strategic plan successfully and achieve our performance targets, which could have a material adverse effect on our business, financial condition, and results of operations. Limitations on the manner in which regulated financial institutions, such as us, can compensate their officers and employees may make it more difficult for such institutions to compete for talent with financial institutions and other companies not subject to these or similar limitations. If we are unable to compete effectively, our business, financial condition, and results of operations could be adversely affected, perhaps materially." }, { "status": "UNCHANGED", "current_title": "Climate change manifesting as physical or transition risks could adversely affect our operations, businesses, and customers.", "prior_title": "Climate change manifesting as physical or transition risks could adversely affect our operations, businesses and customers.", "current_body": "There is global concern over the risks of climate change and related environmental sustainability matters. The physical risks of climate change include discrete events, such as flooding and wildfires, and longer-term shifts in climate patterns, such as extreme heat, sea level rise, and more frequent and prolonged droughts. Such events could disrupt our operations or those of our clients, customers, or service providers, including through direct damage to assets and indirect impacts from supply chain disruption and market volatility. We are also exposed to risks associated with the transition to a lower-carbon economy in response to concerns around climate change. Such risks may result from changes in policies, laws and regulations, technologies, or market preferences that are intended to address climate change. These changes could adversely impact our or our customers’ business, results of operations, financial condition, and reputation. This could occur as a result of our or our customers’ involvement in, or decision not to participate in, certain industries or projects associated with exacerbating climate change, as well as any decisions we make to continue to conduct or change our activities in response to considerations related to climate change. For example, a number of states in which we operate have enacted or proposed statutes and regulations addressing climate change and sustainability issues, while certain other states have enacted, or have proposed to enact, divergent or sometimes conflicting statutes, regulations, or policies. Uncertainties and changes in legislation, regulations, and/or global standards related to climate risk management and practices may result in higher regulatory, compliance, credit, and/or reputational risks and costs." }, { "status": "UNCHANGED", "current_title": "A reduction in our credit ratings could have a material adverse effect on our business, financial condition, and results of operations.", "prior_title": "A reduction in our credit ratings could have a material adverse effect on our business, financial condition and results of operations.", "current_body": "Credit ratings affect the cost and associated terms upon which we are able to obtain funding. Rating agencies regularly evaluate us, with their ratings based on a number of factors, including our financial strength and conditions affecting the financial services industry generally. Any downgrade in our ratings would likely increase our borrowing costs and could limit our access to capital markets, which would adversely affect our business. For example, a ratings downgrade could adversely affect our ability to sell or market our securities, including long-term debt, engage in certain longer-term derivative transactions, and retain customers, who may require a minimum credit rating in order to place funds with us. In addition, under the terms of our derivatives contracts, we may be required to post additional collateral or terminate such contracts if we don’t maintain a minimum credit rating. Any of these impacts of a ratings downgrade could increase our cost of funding, reduce our liquidity, and have adverse effects on our business, financial condition, and results of operations. For more information regarding our credit ratings, see the “Liquidity Risk” section in Item 7." }, { "status": "UNCHANGED", "current_title": "We rely heavily on communications and information systems to conduct our business.", "prior_title": "We rely heavily on communications and information systems to conduct our business.", "current_body": "Any failure, interruption, or breach in the security of our communication and information system due to, among other things, cyberattacks or our failure to adequately maintain and manage our systems or implement system changes and upgrades, could result in failures or disruptions in our customer relationship management, general ledger, deposit, loan, and other systems. Although our policies and procedures are designed to prevent or limit the effect of the possible failure, interruption, or security breach of our information systems, there can be no assurance that these policies and procedures will be successful and that any such failure, interruption, or security breach will not occur or, if they do occur, that they will be adequately addressed. The occurrence of any failure, interruption, or security breach of our information systems could require us to devote substantial resources to recovery and response efforts, damage our reputation, result in a loss of customer business, subject us to additional regulatory scrutiny, or expose us to civil litigation and possible financial liability. Although we maintain insurance coverage for information security events, we may incur losses as a result of such events that are not insured against or not fully covered by our insurance." }, { "status": "UNCHANGED", "current_title": "The Parent Company could be required to act as a “source of strength” to CBNA, which would have a material adverse effect on our business, financial condition, and results of operations.", "prior_title": "The Parent Company could be required to act as a “source of strength” to CBNA, which would have a material adverse effect on our business, financial condition and results of operations.", "current_body": "FRB policy historically required BHCs to act as a source of financial and managerial strength to their subsidiary banks. This support may be required by the FRB at times when we might otherwise determine not to provide it or when doing so is not otherwise in the interests of CFG or our stockholders or creditors, and may include one or more of the following: •The Parent Company may be compelled to contribute capital to CBNA, including by engaging in a public offering to raise such capital. Furthermore, any extensions of credit from the Parent Company to CBNA that are included in CBNA’s capital would be subordinate in right of payment to depositors and certain other indebtedness of CBNA; •In the event of a BHC’s bankruptcy, any commitment that the BHC had been required to make by a federal bank regulatory agency to maintain the capital of a subsidiary bank will be assumed by the bankruptcy trustee and entitled to priority of payment; and •In the event of impairment of the capital stock of CBNA, the Parent Company, as CBNA’s stockholder, could be assessed for the deficiency and required to pay that amount to CBNA." }, { "status": "UNCHANGED", "current_title": "Our framework for managing risks may not be effective in mitigating risk and loss.", "prior_title": "Our framework for managing risks may not be effective in mitigating risk and loss.", "current_body": "Our risk management framework is made up of various processes and strategies to manage our risk exposure and may not be effective under all conditions and circumstances. If our risk management framework proves ineffective, we could suffer unexpected losses and could be materially adversely affected. One of the main types of risks inherent in our business is credit risk. An important feature of our credit risk management system is to employ an internal credit risk control system through which we identify, measure, monitor, and mitigate the existing and emerging credit risk of our customers. This process involves a detailed analysis of the customer or credit risk, taking into account both quantitative and qualitative factors, and is inherently subject to human error. In exercising their judgment, our employees may not always be able to assign an accurate credit rating to a customer or credit risk, which may result in our exposure to higher credit risks than indicated by our risk rating system. In addition, we have undertaken certain actions to enhance our credit policies and guidelines to address potential risks associated with particular industries or types of customers. However, we may not be able to effectively implement these initiatives, or consistently follow and refine our credit risk management system, which may result in an increase in the level of nonaccrual loans and a higher risk exposure for us, which could have a material adverse effect on us." }, { "status": "UNCHANGED", "current_title": "Changes in interest rates may have an adverse effect on our liquidity and profitability.", "prior_title": "Changes in interest rates may have an adverse effect on our liquidity and profitability.", "current_body": "Changes in interest rates can have a material impact on the value of our securities portfolio, the primary objective of which is to provide a readily available source of liquidity. An increase in rates could lower the collateral value of these securities, reducing the amount we could borrow and leading to losses in the event of their sale. Since our earning assets are primarily in the form of loans and debt securities, changes in interest rates can have a material impact on our net interest income, net interest margin, fee income, and credit costs. Our asset yields and funding costs may not rise or fall in parallel in response to changes in interest rates, causing our net interest income to increase or decrease and our net interest margin to expand or contract. If our funding costs rise faster than our asset yields, or if our asset yields fall faster than our funding costs, our net interest income could decrease and our net interest margin could contract. An increase in interest rates could weaken demand for loans by customers, reducing our net interest income due to lower loan balances and origination-related fee income due to lower production volume. An increase in rates could also have an adverse impact on our credit costs, as borrowers may have difficulty in making higher interest payments, as well as on our AFS securities portfolio, which could trigger the recognition of losses in the event the securities need to be sold. Similarly, a decrease in interest rates could reduce our net interest income, net interest margin, and fee income. A prolonged period of low interest rates may result in us holding lower yielding loans and securities should rates rise rapidly after such a period. Changes in the spread between short-term and long-term interest rates (i.e., the yield curve) can also have a material impact on our net interest income and net interest margin. The yield curve, typically upward sloping with short-term rates lower than long-term rates, could cause our net interest income and net interest margin to decline if it were to flatten or invert, as the cost of our short-term funding is likely to increase relative to the yield we can earn on our long-term assets. Interest rates and the yield curve are highly sensitive to many factors that are beyond our control, including general economic conditions and the policies of various governmental and regulatory agencies, most notably the Federal Open Market Committee. Although we have policies and procedures designed to manage our interest rate risk as discussed in the “Risk Management” section in Item 7, there can be no assurance that these policies and procedures will be effective in preventing material adverse effects on our profitability." }, { "status": "UNCHANGED", "current_title": "Intellectual Property", "prior_title": "Intellectual Property", "current_body": "Trademarks, service marks, and logos are important to the success of our business in the highly competitive banking industry in which we operate. We own and license a variety of trademarks, service marks, and logos and are developing resources to enhance our stand-alone brands." }, { "status": "UNCHANGED", "current_title": "Our ability to meet our obligations, and the cost of funds to do so, depend on our ability to access identified sources of liquidity at a reasonable cost.", "prior_title": "Our ability to meet our obligations, and the cost of funds to do so, depend on our ability to access identified sources of liquidity at a reasonable cost.", "current_body": "Liquidity risk is the risk arising from the inability to meet our obligations when they come due. We must maintain adequate funding to meet current and future obligations, including customer loan requests, deposit maturities and withdrawals, debt service, leases, and other cash commitments, under both normal operating conditions and periods of company-specific and/or market stress. We rely on customer deposits to be our primary stable and low-cost source of funding. Our other funding sources are dependent on our ability to securitize loans in secondary markets, raise funds in the debt and equity capital markets, pledge loans and/or securities for borrowing from the FHLB, pledge securities as collateral for borrowing under repurchase agreements, and sell AFS securities. Our ability to meet our obligations and support our operations could be materially affected by a variety of conditions, including market-wide illiquidity or disruption, a general loss of market or customer confidence in the financial services industry or in the Company specifically, or reductions in one or more of our credit ratings. These conditions could limit our ability to retain deposits, securitize or sell assets, access debt and equity capital markets, or otherwise borrow money at a reasonable cost. If these conditions, among others, are severe enough they could also create unanticipated material outflows of cash due to, among other factors, draws on unfunded commitments or deposit attrition, which could have a significant adverse impact on our liquidity. In addition, changes to the FHLB’s or the FRB’s underwriting guidelines for wholesale borrowings or lending policies may limit or restrict our ability to borrow and could have a significant adverse impact on our liquidity as a result." }, { "status": "UNCHANGED", "current_title": "We are subject to a variety of cybersecurity risks that, if realized, could adversely affect how we conduct our business.", "prior_title": "We are subject to a variety of cybersecurity risks that, if realized, could adversely affect how we conduct our business.", "current_body": "Evolving technologies, including the introduction of Generative Artificial Intelligence and Large Language Models, and the increased sophistication and activities of organized crime, hackers, terrorists, nation-states, activists, and other external parties present a significant information security risk to large financial institutions such as us. Third parties with whom we or our customers do business also present operational and information security risks to us, including security breaches or failures of their own systems. Risks related to cyberattacks on our vendors and other third parties, including supply chain attacks affecting our software and information technology service providers, are on the rise as such attacks become more frequent and severe. Employee error, failure to follow security procedures, or malfeasance also present these risks. Our operations rely on the secure processing, transmission, and storage of confidential information in our computer systems and networks as well as in the third-party computer systems and networks used to provide products and services on our behalf. Although we believe that we have appropriate information security procedures and controls based on our adherence to applicable laws and regulations and industry standards, our technologies, systems, and networks may be the target of cyberattacks or information security breaches that could result in the unauthorized release, gathering, monitoring, misuse, theft, sale, or loss or destruction of the confidential and/or proprietary information of CFG, and our customers, vendors, counterparties, or employees. We and our third-party vendors are under continuous threat of loss or network degradation due to cyberattacks, such as computer viruses, malicious or destructive code, phishing attacks, ransomware, and Distributed Denial of Service attacks (collectively, “fraudulent schemes”). Also, our customers are routinely the target of fraudulent schemes as we continue to expand customer capabilities to utilize the Internet and other remote channels to transact business. Two of the most significant cyberattack risks that we face as a result of these fraudulent schemes are potential loss of funds resulting from customers falling victim to cybercriminal communications directed to them or unauthorized access to sensitive customer data. Cybercriminals can use fraudulent schemes directly targeting our customers or our own systems to compromise and directly extract funds from a customer’s account or access sensitive customer data. Certain technology protections such as Customer Profiling and Step-Up Authentications have been implemented, but there can be no assurance that these protections will be effective. As cyber threats continue to evolve, we may be required to expend significant additional resources to continue to modify or enhance our layers of defense, to investigate and remediate any information security vulnerabilities internally, to assess and mitigate issues associated with customers that have fallen victim to fraudulent schemes, and perform additional due diligence with respect to our third-party vendors. System enhancements and updates may also create risks associated with implementing new systems and integrating them with existing ones. Due to the complexity and interconnectedness of information technology systems, the process of enhancing our layers of defense can itself create a risk of system disruptions and security issues. In addition, addressing certain information security vulnerabilities, such as hardware-based vulnerabilities, may affect the performance of our information technology systems. The ability of our hardware and software providers to deliver patches and updates to mitigate vulnerabilities in a timely manner can introduce additional risks, particularly when a vulnerability is being actively exploited by threat actors. Cyberattacks against the patches themselves have also proven to be a significant risk that companies will have to address going forward. Despite our efforts to prevent a cyberattack, a successful one could persist for an extended period of time before being detected, and, following detection, could take considerable time for us to obtain full and reliable information about the cybersecurity incident and the extent, amount, and type of information compromised. During the course of an investigation, we may not necessarily know the full effects of the incident or how to remediate it, and actions and decisions that are taken or made in an effort to mitigate risk may further increase the costs and other negative consequences of the incident. Moreover, existing regulations may require us to disclose information about a cybersecurity event before it has been resolved or fully investigated. The techniques used by cyber criminals change frequently, may not be recognized until launched, and can be initiated from a variety of sources, including terrorist organizations and hostile foreign governments. These actors may attempt to fraudulently induce employees, customers, or other third-party users of our systems to disclose sensitive information in order to gain access to data or our systems. In the event that a cyberattack is successful, our business, financial condition, or results of operations may be adversely affected." }, { "status": "UNCHANGED", "current_title": "As a financial holding company and a bank holding company, we are subject to regulation that could have a material adverse effect on our business and results of operations.", "prior_title": "As a financial holding company and a bank holding company, we are subject to comprehensive regulation that could have a material adverse effect on our business and results of operations.", "current_body": "As a FHC and a BHC, we are subject to regulation, supervision, and examination by the FRB. In addition, CBNA is subject to regulation, supervision, and examination by the OCC. Our regulators supervise us through examinations and other means that allow them to gauge management’s ability to identify, assess, and control risk in all areas of operations in a safe and sound manner and to ensure compliance with laws and regulations. In the course of their supervision and examinations, our regulators may require improvements in various areas. We may be required to devote substantial resources to meet supervisory expectations or remediate supervisory findings. In addition, the failure to meet supervisory expectations can result in practical limitations on the ability of a bank, BHC, or FHC to engage in new activities, pursue growth opportunities, engage in acquisitions, return capital to shareholders through repurchases or dividends, or continue to conduct existing activities. If we are unable to implement and maintain any required actions in a timely and effective manner, we could become subject to informal (nonpublic) or formal (public) supervisory actions and public enforcement orders that could lead to significant restrictions on our existing business or on our ability to engage in any new business. Such forms of supervisory action could include, without limitation, written agreements, cease and desist orders, and consent orders and may, among other things, result in restrictions on our ability to pay dividends, requirements to increase capital, restrictions on our activities, the imposition of civil monetary penalties, and enforcement of such actions through injunctions or restraining orders. We could also be required to dispose of certain assets and liabilities within a prescribed period. The terms of any such supervisory or enforcement action could have a material adverse effect on our business, financial condition, and results of operations. We are a BHC that has elected to become a FHC pursuant to the Bank Holding Company Act. FHCs are allowed to engage in certain financial activities in which a BHC is not otherwise permitted to engage. However, to maintain FHC status, a BHC and all of its depository institution subsidiaries must be “well capitalized” and “well managed.” If a BHC ceases to meet these capital and management requirements, there are many penalties it would be faced with, including the imposition of limitations or conditions on the conduct of its activities by the FRB, as well as the inability to undertake any of the broader financial activities permissible for FHCs or to acquire a company engaged in such financial activities without prior approval of the FRB. If a company does not return to compliance within 180 days, which period may be extended, the FRB may require divestiture of the company’s depository institutions. If we fail to meet FHC requirements and remediate deficiencies in a timely manner, there could be a material adverse effect on our business, financial condition, and results of operations." }, { "status": "UNCHANGED", "current_title": "Competition", "prior_title": "Competition", "current_body": "The financial services industry is highly competitive. Our retail branch footprint is predominantly in the New England, Mid-Atlantic, and Midwest regions, and our Private Bank footprint includes offices in California, Florida, New York, and Massachusetts. Certain lines of our business also serve national markets. We face competition within these markets from community banks, super-regional and national financial institutions, credit unions, savings and loan associations, mortgage banking firms, consumer finance companies, securities brokerage firms, insurance companies, money market funds, hedge funds, and private equity firms. Some of our larger competitors may offer a broader array of products, pricing, and structure alternatives to their customers, while some smaller competitors may have more liberal lending policies and processes. In addition, some of our competitors are not subject to the same regulatory requirements as we are and, therefore, may have lower costs they can pass on to customers. Competition among providers of financial products and services continues to increase, with consumers and businesses having the opportunity to select from a growing variety of traditional and nontraditional alternatives, such as Private Credit/Direct lenders. The ability of non-banking financial institutions, including FinTech companies, to provide services previously limited to commercial banks has also intensified competition. In Consumer Banking, the industry has become increasingly dependent on and oriented toward technology-driven delivery systems, permitting transactions to be conducted through online and mobile channels. In addition, technology has lowered barriers to entry and made it possible for non-bank institutions to attract funds and provide lending and other financial products and services. The emergence of digital-only banking models has increased and we expect this trend to continue. These models are typically able to offer higher rates on deposit products than traditional retail banking institutions given their lower cost structure. The primary factors driving competition for loans and deposits are interest rates, fees charged, tailored value propositions to different customer segments, customer service levels, convenience, including branch locations and hours of operation, and the range of products and services offered. In Commercial Banking, we face competition in all our client segments from a variety of industry participants including traditional banking institutions, particularly large regional banks, as well as commercial finance companies, leasing companies, other non-bank lenders, and institutional investors, including collateralized loan obligation managers, hedge funds, and private equity firms. Some larger competitors, including certain national banks that compete in our markets, may offer a broader array of products and be positioned to hold more exposure on their balance sheet due to their asset size. We compete on a number of factors including providing innovative corporate finance solutions, quality of customer service and execution, range of products offered, price, and reputation." }, { "status": "UNCHANGED", "current_title": "Inflationary pressures could have an adverse effect on our business, financial position, and results of operations.", "prior_title": "Inflationary pressures could have an adverse effect on our business, financial position and results of operations.", "current_body": "Volatility and uncertainty related to inflation and its associated effects may enhance or contribute to certain risks that we face by negatively impacting our funding costs and expenses, including increasing funding costs and expenses related to talent acquisition and retention. Inflation may also negatively impact consumer demand and client purchasing power for our products and services, as well as the ability of our borrowers to repay their obligations. These inflationary pressures would likely have an adverse impact on our business, financial position, and results of operations." }, { "status": "UNCHANGED", "current_title": "We may not be able to successfully execute our business strategy.", "prior_title": "We may not be able to successfully execute our business strategy.", "current_body": "Our future success and the value of our stock depends, in part, on our ability to effectively implement our business strategy and achieve our financial performance goals across our Consumer and Commercial businesses, including our Private Bank. Risks and uncertainties associated with each element of our strategy exist, many of which are not within our control. If we are not able to successfully execute our business strategy, we may not achieve our financial performance goals and any shortfall may be material. See the “Business Strategy” section in Item 1 for further information." } ] }