Audit Committee Charter

I. PURPOSE

The Audit Committee is a committee of the Board of Directors. The primary function of the Audit Committee is to fulfill its oversight responsibilities for financial reports, the external auditor, and the system of internal controls relating to the preparation of financial reports, including controls relating to the Bank’s compliance with laws and regulations.

II. AUTHORITY

To enable the Audit Committee's ability to fulfill its purpose, the following authorities have been specifically assigned by the board and/or are required by regulation:

• Determine the appointment, compensation, and retention of the external auditor retained to prepare the financial audit reports. Give prior approval for any non-audit services performed by the external auditor, in compliance with FCA regulation and auditor independence provisions. The independent accountant shall report directly to and be supervised by the Audit Committee.
• Serve as an independent and objective party to review the financial information and internal control assertion presented by management to the shareholders, regulators, and the general public.
• Oversee the institution’s system of internal control related to the preparation of financial reports, including controls of the institution to ensure compliance with laws and regulations.
• Oversee the Bank’s internal audit function. The Chief Audit Executive (CAE) will report functionally to the audit committee and provide regular updates on the activities of the internal audit function to the committee.
• Monitor the Bank’s compliance with legal and regulatory requirements, including reporting and compliance with whistleblower and standard of conduct activities.
• Have full access to all books, records, facilities, and personnel of the Bank, and the power and resources to retain outside counsel or other experts considered necessary in discharging its oversight role including retaining services for training on industry best practices. A two-thirds majority vote of the Board of Directors is required to deny request for resources.

III. COMPOSITION

The Audit Committee shall be comprised of the full Board, each member of which shall be free from any relationship that would interfere with the exercise of his or her independent judgment as a member of the Committee. Members of the Committee should be knowledgeable in at least one of the following: public and corporate finance, financial reporting and disclosure or accounting procedures. The Committee must have one financial expert as required by FCA regulation 620.30.

The Chairman and Vice Chairman shall be appointed by the Chairman of the Board at the annual organizational meeting of the Board and shall serve until their successor shall be duly selected and qualified.

IV. MEETINGS

The Committee shall meet at least four times annually, or more frequently as circumstances dictate. As part of its job to foster open communication, the Committee shall meet as often as needed, but at least once per year with management, the CAE, and the external auditor in separate executive sessions to discuss any matters that the Committee or any of these groups believe should be discussed. The Audit Committee Chairman may determine who should be included in those executive sessions. Meetings may be called by the Chairman or Vice Chairman of the Committee or by the Chairman of the Board. Minutes shall reflect the meetings, parties involved and any actions taken.

V. RESPONSIBILITIES

         Financial Reports

1. Review and determine the adequacy of the institution’s accounting policies and practices, and any accounting policy changes relating to preparation of financial statements through discussions with Internal Audit, external auditor and bank management. Receive and review periodic reporting on current regulatory, accounting or reporting developments and any significant accounting changes from management.

2. Review and approve the Bank's annual and quarterly financial statements prior to release and review and any reports or other significant financial information including any certification, report, opinion, or review rendered by the external auditor.

3. Review and approve, prior to the issuance, each press release of financial results.

4. Review the interim and annual financial information with management and the external auditor as reported in the quarterly Call Report with the FCA and the MASK Report submitted to the Funding Corporation.

5. Review, prior to release of information, any (1) significant deficiencies and material weaknesses in the design or operation of internal controls over financial reporting and (2) any fraud, whether or not material, that involves management or other employees who have a significant role in internal controls.

6. Review (1) the effect of off-balance sheet arrangements that either have, or are reasonably likely to have, a current or future effect on financial condition, changes in financial condition, revenues or expenses, results of operations, liquidity, capital expenditures, or capital resources that is material to investors and (2) earnings press releases and other reports or written electronic material disclosing “pro-forma,” or “adjusted” non-GAAP information.

   
   
   External Auditors
   
   

7. Discuss with the external auditors, prior to the release of the annual audited financial statements, all (1) critical accounting policies and practices used by the Bank, (2) all material alternative accounting treatments of financial information within authoritative accounting guidance that have been discussed with management, including the ramifications of the use of such alternative treatments, and disclosures and the treatment preferred by the independent accountant, and (3) other material written communications between the external auditor and management, such as management letter, schedule of unadjusted differences, reports on observations and recommendations on internal controls, a listing of adjustments and reclassifications not recorded, and the independent accountant’s independence letter. Discuss any other matters required to be discussed by the Public Company Accounting Oversight Board Auditing Standard 1301: Communications with Audit Committees.

8. Approve the selection of the external auditor considering independence and effectiveness in accordance with bank policy and applicable FCA regulation, review the planning, scoping and staffing for the annual audit, and approve the fees and other compensation to be paid to the external auditor. The Audit Committee expressly authorizes the Committee Chair to, jointly with Bank management, execute the engagement letter with the external auditor and the engagement for Internal Credit Review.

9. Pre-approve audit, audit related and permissible non-audit services, including an evaluation of independence in accordance with bank policy, to be provided by the external auditor. On an annual basis, the Committee should obtain and review a formal written statement from the external auditor that discusses all significant relationships the accountants have with the Bank.

10. Review the performance of the external auditor and approve any replacement of the external auditor when circumstances warrant.

11. Review with the external auditor any problems or difficulties the accountants may have encountered during the annual review including any disagreement among management and the external auditor or the Internal Audit department in connection with the preparation of the financial statements.

12. Review any recommendations in the management letter provided by the accountants and management’s response to the letter.

13. Review fees paid to the external auditor on a quarterly basis.

14. Discuss with the external auditor their judgments about the quality and appropriateness of the Bank's accounting principles as applied in its financial reporting.

15. Periodically consult with the external auditor in executive session to discuss internal controls and the completeness and accuracy of the organization's financial statements.
    
    Internal Controls
    
    

16. Evaluate the adequacy of the Bank’s internal controls by review of written reports from the internal and external auditors, and management. Monitor management’s response and actions to correct any noted deficiencies.

17. Receive periodic reports on internal controls or certain control environments (i.e. SSAE 16, UAP, Section 404).

18. Meet at least annually, or as needed, with the chief executive officer to discuss and provide input on the Bank’s system of internal controls.

    
    
    Internal Auditor
    
    

19. The Bank’s Chief Audit Executive (CAE) will report functionally to the Audit Committee and administratively to the CEO. To fulfill this role, the Audit Committee will work with the CEO to prepare the evaluation of the CAE on an annual basis. As needed, the committee will participate in the selection, hiring, and firing of the CAE.

20. Review the risk assessment process and approve the scope of Internal Audit’s plan for the year.

21. On a quarterly basis, review the status of the internal audit plan and the Internal Audit department’s follow-up activities to ascertain management’s efforts to respond to audit issues.

22. Receive a report on Internal Audit’s Quality Assurance and Improvement Program, including an opinion on conformance to the mandatory guidance of The Institute of Internal Auditor’s International Professional Practices Framework.

23. Meet in executive session with the CAE at least annually. Review and determine that no restrictions are being placed on Internal Audit by management or the board.

    
    
    Ethics, Legal and Compliance
    
    

24. Establish procedures for the receipt, retention, and treatment of complaints regarding accounting, internal accounting controls, or auditing matters for the confidential, anonymous submission by Bank employees of concerns regarding questionable accounting or auditing matters. On at least a quarterly basis, review reports of complaints from the whistleblower hotline. Complaints determined to be material should be reported to the AC within 30 days.

25. Review with the Bank’s General Counsel, legal compliance matters that may have a material impact on the financial statements, the Bank’s compliance policies, and any material reports or inquiries received from regulators or governmental agencies.

26. Review with the General Counsel, the program for monitoring compliance with the Standards of Conduct Regulations and the Bank’s Code of Ethics.

27. Review the findings of any examinations by regulatory agencies, and management actions to address findings and recommendations.

    
    
    Other Duties
    
    

28. Review the adequacy of this charter on an annual basis.

29. Regularly report to the board of directors about committee activities, issues, and related recommendations.

30. Report annually to the shareholders, the committee’s composition, responsibilities and how they were discharged, and any other information required by regulation, including approval of non-audit services.

31. Evaluate the Committee’s and individual members’ performance at least annually.

32. Maintain records of meetings including attendance in accordance with the Bank’s record retention policy but no less than three fiscal years.

33. Minutes must contain record of agreement or disagreement when committee reviews financial policies, procedures and reports.

While the Audit Committee has the powers set forth in this Charter, it is not the duty of the Audit Committee to plan or conduct audits, or to determine that the Bank’s financial statements are complete and accurate, and are in accordance with generally accepted accounting principles. This is the responsibility of management and the independent accountant. However, it is the responsibility of the Audit Committee to ensure reasonable steps are taken by management to ensure the accuracy of financial reporting and adequacy of the institutions system of internal controls.

Updated February 21, 2023