CASH 2018 Special Proxy Statement

Crestmark may also be subject to disruptions of its operating systems arising from events that are wholly or partially beyond its control, including, for example, computer viruses or electrical or telecommunications outages, which may give rise to losses in service to customers and to loss or liability to Crestmark. Crestmark is further exposed to the risk that its external vendors may be unable to fulfill their contractual obligations to it, or will be subject to the same risk of fraud or operational errors by their respective employees as is Crestmark, and to the risk that Crestmark’s or its vendors’ business continuity and data security systems prove to be inadequate. Crestmark also faces the risk that the design of its controls and procedures proves inadequate or is circumvented, causing delays in detection or errors in information. Although Crestmark maintains a system of controls designed to keep operational risks at appropriate levels, there can be no assurance that it will not suffer losses from operational risks in the future that may be material in amount. Crestmark is subject to significant government regulation, and any regulatory changes may adversely affect Crestmark. The banking industry is heavily regulated under both federal and state law. These regulations are primarily intended to protect customers, the federal deposit insurance fund, and the stability of the U.S. financial system, not Crestmark’s creditors or shareholders. Existing state and federal banking laws subject Crestmark to substantial limitations with respect to the making of loans, the purchase of securities, the payment of dividends and many other aspects of Crestmark’s business. Some of these laws may benefit Crestmark, others may increase Crestmark’s costs of doing business, or otherwise adversely affect Crestmark and create competitive advantages for others. Regulations affecting banks and financial services companies undergo continuous change, which may be accelerated by the recent change in the federal administration, and Crestmark cannot predict the ultimate effect of these changes, which could have a material adverse effect on Crestmark’s profitability or financial condition. Federal economic and monetary policy may also affect Crestmark’s ability to attract deposits, make loans and achieve satisfactory interest spreads. Minimum capital requirements have increased. The provisions of the Dodd-Frank Act relating to capital to be maintained by financial institutions approach convergence with the standards (generally known as Basel III) adopted in December, 2010 by the Group of Governors and Heads of Supervision, the oversight body of the Basel Committee on Banking Supervision. Among other things, those standards contain a narrower definition of elements qualifying for inclusion as Tier 1 capital and higher minimum risk-based capital levels than those specified in previous U.S. law and regulations. In July, 2013, the U.S. federal bank regulatory agencies adopted regulations to implement the provisions of the Dodd-Frank Act and Basel III for U.S. financial institutions. The new regulations became applicable to Crestmark effective January 1, 2015. The new regulations implemented (i) revised definitions of regulatory capital elements, (ii) a new common equity Tier 1 (“CET 1”) minimum capital ratio requirement, (iii) an increase in the existing minimum Tier 1 capital ratio requirement, (iv) new limits on capital distributions and certain discretionary bonus payments if an institution does not hold a specified amount of CET 1 (called a capital conservation buffer) in addition to the amount required to meet its minimum risk-based capital requirements, (v) new risk-weightings for certain categories of assets, and (vi) other requirements applicable to banking organizations which have total consolidated assets of $250 billion or more, total consolidated on-balance sheet foreign exposure of $10 billion or more, elect to use the advanced measurement approach for calculating risk-weighted assets, or are subsidiaries of banking organizations that use the advanced measurement approach (“Advanced Approaches Entities”). Among other things, the new regulations generally require banking organizations to recognize in regulatory capital most components of accumulated other comprehensive income (“AOCI”), including accumulated unrealized gains and losses on available for sale securities. This requirement, which was not imposed under previous risk-based capital regulations, may be avoided by banking organizations, such as Crestmark, that are not Advanced Approaches Entities, by making a one-time, irrevocable election on the first quarterly regulatory report 27