CHFC 2017 Annual Report

We face a risk of noncompliance with the Bank Secrecy Act and other anti-money laundering statutes and regulations and corresponding enforcement proceedings. The federal Bank Secrecy Act, the Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism Act of 2001 (which we refer to as the “PATRIOT Act”) and other laws and regulations require financial institutions, among other duties, to institute and maintain effective anti-money laundering programs and to file suspicious activity and currency transaction reports as appropriate. FinCEN, established by the U.S. Treasury Department to administer the Bank Secrecy Act, is authorized to impose significant civil money penalties for violations of those requirements and has engaged in coordinated enforcement efforts with the individual federal banking regulators, as well as the U.S. Department of Justice, Drug Enforcement Administration and Internal Revenue Service. There is also increased scrutiny of compliance with the rules enforced by the OFAC. Federal and state bank regulators also have focused on compliance with Bank SecrecyAct and anti-money laundering regulations. If our policies, procedures and systems are deemed deficient or the policies, procedures and systems of the financial institutions that we have already acquired or may acquire in the future are deficient, we would be subject to liability, including fines and regulatory actions such as restrictions on our ability to pay dividends and the necessity to obtain regulatory approvals to proceed with certain aspects of our business plan, including our acquisition plans, which would negatively impact our business, financial condition, results of operations and prospects. Sanctions that the regulators have imposed on banks that have not complied with all requirements have been especially severe. Failure to maintain and implement adequate programs to combat money laundering and terrorist financing could also have serious reputational consequences for us. Litigation filed against Talmer, its board of directors and the Corporation could result in the payment of damages. In connection with the Talmer merger transaction, purported Talmer stockholders have filed putative class action lawsuits against Talmer, its board of directors and the Corporation. These lawsuits could result in substantial costs to us, including any costs associated with indemnification. The defense or settlement of the lawsuits may adversely affect our business, financial condition, results of operations, cash flows and market price. Because our total assets exceed $10 billion, we are subject to additional regulation, increased supervision and increased costs. The Dodd-Frank Act imposes additional regulatory requirements on financial institutions with $10 billion or more in total assets, such as us. We crossed $10 billion in total assets as a result of our merger with Talmer in August 2016, and we had $19.28 billion in total assets as of December 31, 2017. As a result, we are now subject to the following additional requirements: • supervision, examination and enforcement by the CFPB with respect to consumer financial protection laws; • regulatory stress testing requirements, whereby we are required to conduct an annual stress test (using assumptions for baseline, adverse and severely adverse scenarios); • a modified methodology for calculating FDIC insurance assessments and potentially higher assessment rates as a result of institutions with $10 billion or more in assets being required to bear a greater portion of the cost of raising the reserve ratio to 1.35% as required by the Dodd-Frank Act; • heightened compliance standards under the Volcker Rule; and • enhanced supervision as a larger financial institution. In addition, under the Durbin Amendment to the Dodd-Frank Act, institutions with $10 billion or more in assets are subject to a cap on the interchange fees that may be charged in certain electronic debit and prepaid card transactions. The maximum permissible interchange fee for electronic debit transactions is the sum of 21 cents per transaction and five basis points multiplied by the value of the transaction. In addition, an issuer may charge up to one cent on each transaction as a fraud prevention adjustment if the issuer meets certain fraud prevention standards. The imposition of these regulatory requirements and increased supervisionmay require additional commitment of financial resources to regulatory compliance and may increase our cost of operations. Further, the results of the stress testing process may lead us to retain additional capital or alter the mix of its capital components. Our core banking system conversion process could expose us to operating and financial risks. We are currently in the process of converting our core banking system. Although we do not anticipate any material complications associated with this conversion process, we can give no assurances that the new core banking system will be operational within the timeline currently contemplated or that the additional expenses allocated to implement the new system will be sufficient. Since the core banking system is integral to our operations, any delays or increased costs beyond those budgeted could adversely impact our operations and profitability. Even if implemented within the scheduled timeline and within the expected budget, the change to our core banking system could expose us to new risks associated with new systems and new vendors. Further, 18