CHFC 2018 Annual Report

The deposit operations of Chemical Bank are also subject to federal laws, such as: • the Federal Deposit InsuranceAct, which, among other things, limits the amount of deposit insurance available per account to $250,000 and imposes other limits on deposit-taking; • the Right to Financial PrivacyAct, which imposes a duty to maintain the confidentiality of consumer financial records and prescribes procedures for complying with administrative subpoenas of financial records; • the Electronic Funds Transfer Act and Regulation E, which governs automatic deposits to and withdrawals from deposit accounts and customers’ rights and liabilities arising from the use of automated teller machines and other electronic banking services; and • the Truth in Savings Act and Regulation DD, which requires depository institutions to provide disclosures so that consumers can make meaningful comparisons about depository institutions and accounts. Community Reinvestment Act Banks are subject to the provisions of the CRA. Under the terms of the CRA, the appropriate federal bank regulatory agency is required, in connection with its examination of a bank, to assess such bank's record in meeting the credit needs of the community served by that bank, including low and moderate income neighborhoods, consistent with the safe and sound operation of the institution. Under the CRA, institutions are assigned a rating of "outstanding," "satisfactory," "needs to improve," or "substantial non-compliance." The regulatory agency's assessment of the bank's record is made available to the public. Further, a bank's federal regulatory agency is required to assess the CRAcompliance record of any bank that has applied to: (1) obtain deposit insurance coverage for a newly chartered institution, (2) establish a new branch office that will accept deposits, (3) relocate an office, or (4) merge or consolidate with, or acquire the assets or assume the liabilities of, a federally regulated financial institution. In the case of a bank holding company applying for approval to acquire a bank or another bank holding company, the FRB will assess the CRA compliance record of each subsidiary bank of the applicant bank holding company, and such compliance records may be the basis for denying the application. Upon receiving notice that a subsidiary bank is rated less than "satisfactory," a financial holding company will be prohibited from additional activities that are permitted to a financial holding company and from acquiring any company engaged in such activities. Chemical Bank's CRA rating was "satisfactory" as of December 31, 2018. Financial Privacy Federal banking regulations limit the ability of banks and other financial institutions to disclose non-public information about consumers to nonaffiliated third parties. These limitations require disclosure of privacy policies to consumers and, in some circumstances, allowconsumers to prevent disclosure of certain personal information to a nonaffiliated third party. These regulations affect how consumer information is transmitted through diversified financial companies and conveyed to outside vendors. Chemical Bank is also subject to regulatory guidelines establishing standards for safeguarding customer information. These guidelines describe the federal banking agencies’ expectation for the creation, implementation and maintenance of an information security program, which would include administrative, technical and physical safeguards appropriate to the size and complexity of the institution and the nature and scope of its activities. The standards set forth in the guidelines are intended to ensure the security and confidentiality of customer records and information, protect against any anticipated threats or hazards to the security or integrity of such records and protect against unauthorized access to or use of such records or information that could result in substantial harm or inconvenience to any customer. Anti-Money Laundering and the USA Patriot Act A major focus of governmental policy on financial institutions has been aimed at combating money laundering and terrorist financing. The Bank Secrecy Act of 1970 ("BSA") and subsequent laws and regulations require Chemical Bank to take steps to prevent the use of the bank or its systems to facilitate the flowof illegal or illicit money or terrorist funds. Those requirements include ensuring effective board and management oversight, establishing policies and procedures, performing comprehensive risk assessments, developing effective monitoring and reporting capabilities, ensuring adequate training and establishing a comprehensive independent audit of BSAcompliance activities. The USAPATRIOTAct of 2001 ("USAPatriotAct") substantially broadened the scope of United States anti-money laundering laws and regulations by imposing significant compliance and due diligence obligations, creating new crimes and penalties and expanding the extra-territorial jurisdiction of the United States. The United States Treasury Department has issued, and in some cases proposed, a number of regulations that apply various requirements of theUSAPatriotAct to financial institutions. These regulations impose obligations on financial institutions tomaintain appropriate policies, procedures and controls to detect, prevent and report money laundering and terrorist financing and to verify the identity of their customers. Certain of those regulations impose specific due diligence requirements on financial institutions that maintain correspondent or private banking relationships with non-U.S. financial institutions or persons. Failure of a financial institution to 16