Public companies are required to disclose risks that can affect the business and impact the stock. These disclosures are known as “Risk Factors”. Companies disclose these risks in their yearly (Form 10-K), quarterly earnings (Form 10-Q), or “foreign private issuer” reports (Form 20-F). Risk factors show the challenges a company faces. Investors can consider the worst-case scenarios before making an investment. TipRanks’ Risk Analysis categorizes risks based on proprietary classification algorithms and machine learning.

Bank of NT Butterfield & Son disclosed 54 risk factors in its most recent earnings report. Bank of NT Butterfield & Son reported the most risks in the “Finance & Corporate” category.

Risk Overview Q4, 2023

Risk Distribution

37% Finance & Corporate

28% Legal & Regulatory

11% Macro & Political

9% Ability to Sell

7% Tech & Innovation

7% Production

Finance & Corporate - Financial and accounting risks. Risks related to the execution of corporate activity and strategy

This chart displays the stock's most recent risk distribution according to category. TipRanks has identified 6 major categories: Finance & corporate, legal & regulatory, macro & political, production, tech & innovation, and ability to sell.

Risk Change Over Time

S&P500 Average

Sector Average

Risks removed

Risks added

Risks changed

Bank of NT Butterfield & Son Risk Factors

New Risk (0)

Risk Changed (0)

Risk Removed (0)

No changes from previous report

The chart shows the number of risks a company has disclosed. You can compare this to the sector average or S&P 500 average.

The quarters shown in the chart are according to the calendar year (January to December). Businesses set their own financial calendar, known as a fiscal year. For example, Walmart ends their financial year at the end of January to accommodate the holiday season.

Risk Highlights Q4, 2023

Main Risk Category

Finance & Corporate

With 20 Risks

Finance & Corporate

With 20 Risks

Number of Disclosed Risks

S&P 500 Average: 31

Recent Changes

0Risks added

2Risks removed

5Risks changed

Since Dec 2023

0Risks added

2Risks removed

5Risks changed

Since Dec 2023

Number of Risk Changed

S&P 500 Average: 3

See the risk highlights of Bank of NT Butterfield & Son in the last period.

Risk Word Cloud

The most common phrases about risk factors from the most recent report. Larger texts indicate more widely used phrases.

Risk Factors Full Breakdown - Total Risks 54

Finance & Corporate

Total Risks: 20/54 (37%)Below Sector Average

Share Price & Shareholder Rights5 | 9.3%

Share Price & Shareholder Rights - Risk 1

The issuance of additional shares in connection with future acquisitions, any share incentive or share option plan or otherwise may dilute all other shareholdings.

We may seek to raise capital to fund future acquisitions and other growth opportunities. We may, for these and other purposes, such as in connection with share incentive and share option plans, issue additional equity or convertible securities. Any issuance of additional shares, however, is subject to prior BMA approval, and we cannot guarantee that their approval will be obtained, either in a timely manner or at all. In the event that we are able to and do issue additional shares, existing shareholders could suffer dilution in their percentage ownership.

Share Price & Shareholder Rights - Risk 2

The value of the common shares may fluctuate significantly.

The value of our common shares may fluctuate significantly as a result of a large number of factors, including, in part, changes in our actual or forecasted operating results and the inability to fulfill the profit expectations of securities analysts, as well as the high volatility in the securities markets generally, and more particularly in shares of financial institutions. The current market price of our common shares may not be indicative of future market prices. Other factors, besides our financial results, that may impact the price of our common shares include, but are not limited to: - market expectations of the performance and capital adequacy of financial institutions in general;- investor perception of the success and impact of our strategies;- investor perception of our positions and risks, including risks associated with economic uncertainty in key markets in which we operate;- a downgrade or review of our credit ratings;- potential litigation or regulatory action involving us;- announcements concerning financial problems or any investigations into the accounting practices of other financial institutions; and - general market circumstances.

Share Price & Shareholder Rights - Risk 3

Our common shares trade on more than one market and this may result in price variations; in addition, investors may not be able to easily move shares for trading between such markets.

Our common shares have traded on the BSX since 1971 and began trading on the NYSE in September 2016. Trading in our common shares on these markets takes place in different currencies (US Dollars on the NYSE and Bermuda Dollars on the BSX), and at different times (resulting from different time zones, different trading days and different public holidays in the United States and Bermuda). The trading prices of our common shares on these two markets may differ due to these and other factors. Any decrease in the price of our common shares on the BSX could cause a decrease in the trading price of our common shares on the NYSE, or vice versa. Investors could seek to sell or buy our common shares to take advantage of any price differences between the markets through a practice referred to as arbitrage. Any arbitrage activity could create unexpected volatility in both our share prices on one exchange, and the shares available for trading on the other exchange.

Share Price & Shareholder Rights - Risk 4

We are a "foreign private issuer" under US securities law. Therefore, we are exempt from certain requirements applicable to US domestic registrants.

Although we are subject to the periodic reporting requirements of the Exchange Act, the periodic disclosure required of FPIs, including us, under the Exchange Act is different from periodic disclosure required of US domestic registrants. Therefore, there may be less publicly available information about us than is regularly published by or about US domestic registrants. We are exempt from certain other sections of the Exchange Act to which US domestic registrants are subject, including the requirement to provide our shareholders with information statements or proxy statements that comply with the Exchange Act. In addition, our insiders and large shareholders are not obligated to file reports under Section 16 of the Exchange Act. See ‘‘Implications of Being a Foreign Private Issuer." As an FPI, we are also permitted by the NYSE to comply with Bermuda corporate governance practice in lieu of complying with certain NYSE corporate governance requirements. This means that we are not required to comply with NYSE requirements that: - the board of directors consists of a majority of independent directors;- independent directors meet in regularly scheduled executive sessions;- the audit committee satisfy NYSE standards for director independence;- the audit committee has a written charter addressing the committee's purpose and responsibilities;- we have a nominating and corporate governance committee composed of independent directors with a written charter addressing the committee's purpose and responsibilities;- we have a compensation committee composed of independent directors with a written charter addressing the committee's purpose and responsibilities;- we establish corporate governance guidelines and a code of business conduct;- our shareholders approve any equity compensation plans; and - there be an annual performance evaluation of the nominating and corporate governance and compensation committees. With the exception of having shareholders approve equity compensation plans, we have elected to comply with the NYSE requirements listed above, notwithstanding the exemptions available to us as an FPI. However, as ongoing compliance is not required by the NYSE, our shareholders may not have the same protections afforded to shareholders of companies that are subject to all of the NYSE corporate governance requirements.

Share Price & Shareholder Rights - Risk 5

Purchases of our common shares under our share repurchase program may result in the price of our common shares being higher than the price that otherwise might have existed in the open market.

On December 5, 2023, the Board of Directors approved a new share repurchase program. Pursuant to the program, the Bank is authorized to repurchase up to 3.5 million common shares of the Bank through December 31, 2024. This was executed following the completion of the previous share repurchase program of 3.0 million common shares approved by our Board of Directors on February 13, 2023. The timing, manner, price and amount of any repurchases will be determined by the Company, in its discretion, based upon the evaluation of economic and market conditions, stock price, available cash, applicable legal and regulatory requirements and other factors, and which may include purchases pursuant to Rule 10b5-1 of the Exchange Act. The program does not require the Company to repurchase any specific number of shares and there can be no assurance that any shares will be repurchased under the program. The program may be suspended, extended, modified or discontinued by the Company at any time. These activities may have had the effect of maintaining the market price of our common shares or retarding a decline in the market price of the common shares, and, as a result, the price of our common shares may have been higher than the price that otherwise might have existed in the open market.

Accounting & Financial Operations5 | 9.3%

Accounting & Financial Operations - Risk 1

Holders of our common shares may not receive dividends.

The dividend policy described under Item 8.A. "Consolidated Statements and Other Financial Information - Dividend Policy" should not be construed as a dividend forecast. Our results of operations and financial condition are dependent on our performance. There can be no assurance that we will declare and pay dividends in the future. Any decision to declare and pay dividends in the future will be subject to the prior approval of the BMA and be made at the discretion of the Board. Such dividends shall be declared and paid by the Board only as permitted under applicable law. In determining the amount of any future dividends, factors the Board may take into account include: (1) our financial results; (2) our available cash, as well as anticipated cash requirements (including debt servicing); (3) our capital requirements, including the capital requirements of our subsidiaries; (4) our capital requirements to fund potential acquisitions; (5) contractual, legal, tax and regulatory restrictions on, and implications of, the declaration and payment of dividends by us to our shareholders or share repurchase activity; (6) general economic and business conditions; (7) restrictions applicable to the Bank and its subsidiaries under Bermuda and other applicable laws, regulations and policies, including the requirement to obtain a letter of no objection from the BMA for the payment of dividends on our common shares; and (8) any other factors that the Board may deem relevant. Therefore, there can be no assurance that we will declare or pay any dividends to holders of the common shares, or as to the amount of any such dividends. Our ability to declare and pay dividends may also depend on the level of distributions, if any, received from our operating subsidiaries. Our operating subsidiaries may be precluded from declaring and paying dividends by various factors, such as their own financial condition, or restrictions applicable to us and our subsidiaries under Bermuda and other applicable laws, regulations and policies. The ability of certain of our subsidiaries to upstream funds has been increasingly restricted due to changes in the business and regulatory environments in the jurisdictions in which those subsidiaries operate. In addition, any change in tax treatment of dividends or interest received by us may reduce the level of yield received by our shareholders.

Accounting & Financial Operations - Risk 2

General Risk Factors Information provided to us about clients and counterparties may not be accurate or complete.

In deciding whether to extend credit or enter into other transactions with clients and counterparties, we rely on information furnished by or on behalf of clients and counterparties, including financial statements and other financial information. We also may rely on representations of clients and counterparties as to the accuracy and completeness of that information and, with respect to financial statements, on reports of independent auditors. Such information could turn out to be inaccurate, including as a result of fraud or misrepresentation on behalf of our clients, counterparties or other third parties, which would increase our credit risk and expose us to possible write-downs and losses and may also adversely affect our ability to comply with certain rules, regulations and standards. We cannot be certain that our underwriting and operational controls will prevent or detect such fraud or that we will not experience fraud losses or incur costs or other losses related to such fraud. Our clients and counterparties may also experience fraud in their businesses which could adversely affect their ability to repay their loans or make use of our services. During the periods reported in this annual report, we have not experienced any material losses, or had to write down collateral, as a result of fraud or misrepresentation, but we cannot be certain that the Bank will not experience any such losses or have to write down any such collateral in the future, which could have a material adverse impact on our results of operation and financial condition.

Accounting & Financial Operations - Risk 3

The appraisals and other valuation techniques we use in evaluating and monitoring loans secured by real property may not accurately describe the net value of the collateral that we can realize.

In considering whether to make a loan secured by real property, we generally require an appraisal of the property. However, an appraisal is only an estimate of the value of the property at the time the appraisal is made, and, as real estate values may change significantly in relatively short periods of time (especially in periods of heightened economic uncertainty and in rising interest rate environments), this estimate may not accurately describe the net value of the real property collateral after the loan is made. As a result, we may not be able to realize the full amount of any remaining indebtedness when we foreclose on and sell the relevant property. In addition, we rely on appraisals and other valuation techniques to establish the value of our OREO and to determine certain loan impairments. If any of these valuations are inaccurate, our consolidated financial statements may not reflect the correct value of our OREO, and our allowance for credit losses may not reflect accurate loan impairments. This could have an adverse effect on our business, financial condition or results of operations.

Accounting & Financial Operations - Risk 4

Our controls and procedures may fail or be circumvented, which could have an adverse impact on our business, financial condition or results of operations.

We face the risk that the design of our controls and procedures that govern operations, financial reporting and compliance across jurisdictions, including those to mitigate the risk of human error, fraud or breach of fiduciary duties relating to our trust services by employees or outsiders, or to monitor financial reporting, may be inadequate, circumvented or exposed to variations in compliance at the local level, thereby causing inaccuracies in data and information or delays in the detection of errors. At present, we do not have a uniform core banking platform in place across the jurisdictions in which we operate and, therefore, we need to use manual processes to compile certain financial information from certain subsidiaries. Moreover, in the past, our information technology capabilities in Bermuda and other jurisdictions have experienced difficulties with certain identified weaknesses, including internal control deficiencies in our operations (including interest rate calculation functions). To address this, we used manual processing, data spreadsheets or a combination thereof. Use of such manual procedures and data spreadsheets presents financial reporting and operational risks and increases the importance of staff compliance with internal operating and security procedures. In addition, we may incur operational losses due to non-compliance by our staff with internal operating and control procedures and arising from human error. Any failure or circumvention of our controls and procedures or failure to comply with any current or future regulations related to controls and procedures could have an adverse effect on our business, financial condition or results of operations.

Accounting & Financial Operations - Risk 5

Changes in accounting policies and practices may be adopted by applicable regulatory agencies or other authoritative bodies, which could materially impact our financial statements.

Our accounting policies and methods are fundamental to how we record and report our financial condition and results of operations. From time to time, applicable regulatory agencies and other authoritative bodies change the financial accounting and reporting standards that govern the preparation of our financial statements. These changes can be difficult to predict and can materially impact how we record and report our financial condition and results of operations.

Debt & Financing8 | 14.8%

Debt & Financing - Risk 1

The Bank's credit ratings have a direct effect on its competitive position, and declines in the Bank's ratings may increase the cost of borrowing funds and make our ability to raise new funds, attract and retain deposits or renew maturing debt more difficult, which may negatively affect long-term and short-term funding.

The Bank's credit strength ratings are an important component of its liquidity profile and competitive position. Ratings show each agency's view of our financial strength, operating performance and ability to meet debt obligations as they become due. NRSROs periodically review the financial performance and condition of banks and may downgrade or change the outlook on a bank's ratings due to, for example: a change in a bank's regulatory capital ratios; a change in an NRSRO's determination of the amount of capital cushion required to maintain a particular rating; an increase in the perceived risk of a bank's investment portfolio; reduced confidence in management; or other considerations that may or may not be under our control. The Bank has credit ratings from S&P, Moody's and KBRA. Each of the rating agencies reviews its ratings and rating methodologies on a recurring basis and may decide on a downgrade at any time. The Bank's ratings as at December 31, 2023 are shown in the table below: Ratings KBRAMoody'sS&PLong-term issuerA+A3BBB+Short-term issuerK1P-2A-2Subordinated debtABaa2BBBLong-term counterparty risk assessment A2 Short-term counterparty risk assessment P-1 In September 2023, Moody's downgraded our subordinated debt from A3 to Baa2. The impact of the recent downgrade or any future downgrades in our credit ratings could adversely affect clients' perception of us and our ability to compete successfully in the marketplace for deposits (or result in the withdrawal of deposits). A downgrade in our short-term debt ratings may affect our short-term funding capabilities. There has been no measurable correlation or effect on deposit levels during previous downgrades and, as a result, historically, no material impacts on the Bank's operations or results. Negative changes in the Bank's long-term credit ratings would also likely increase the cost of raising long-term funding in the capital markets or of borrowing funds. Even where we can access the capital markets, negative changes in our ratings could affect our share price and make any equity offerings more difficult and dilutive to current shareholders, further driving down the Bank's share price. Our ability to replace maturing or existing debt may be more difficult and expensive. In addition, our lenders and counterparties in derivative transactions are sensitive to the risk of a ratings downgrade. However, we may issue additional debt securities in the future which may increase the impact of a one-notch downgrade in credit ratings. Management cannot predict what actions rating agencies may take, or what actions we may take in response to the actions of rating agencies that could adversely affect our business. As with other companies in the financial services industry, our ratings could be downgraded at any time and without any notice by any NRSRO, which could adversely affect our business, financial conditions or results of operations.

Debt & Financing - Risk 2

If we are unable to effectively manage our liquidity we may need to seek additional financing and our business, financial condition or results of operations could be adversely affected.

We need liquidity to pay our operating expenses, to fund depositor withdrawals, interest on our debt and declared dividends on our common shares, and to replace certain maturing liabilities. Without sufficient liquidity, we will be forced to curtail our operations and our business will suffer materially and may not survive. Our main source of funding is customer deposits. As at December 31, 2023, we had $12.0 billion in deposits (54% USD deposits, 21% USD-pegged deposits, 19% GBP deposits), with 37% of our deposits derived from our Bermuda segment, 33% from the Cayman segment, and 29% from the Channel Islands segment. In addition, we source funding from net income generated by the Bank, net of dividends paid, and to a lesser extent from other sources including the sale of securities to institutional counterparties under repurchase agreements and the sale of equity securities and AFS securities. Our deposit base includes both demand and term liabilities, with the significant majority of such deposits being demand deposits or are due within six months. Because we rely primarily on short-term deposits for funding, a sudden or unexpected shortage of funds in the banking systems in which we operate may prevent us from obtaining necessary funding at all or without incurring higher costs. Our deposit base includes deposits from commercial and institutional clients which may be more sensitive to financial strength rating changes. See also " - We face competition in all aspects of our business, and may not be able to attract and retain wealth management, trust and banking clients at current levels." A significant withdrawal of deposits in either of these markets could significantly affect our liquidity and our ability to meet our funding needs, in particular as the expanding use of Internet and mobile banking have significantly increased the speed with which customers can access deposits in response to real or perceived risks or otherwise. Any sudden liquidity crisis could lead to the Bank's failure. In addition, as a bank with subsidiaries located in various jurisdictions, the Bank's access to inter-company funds can be restricted because our regulated banking subsidiaries are required to maintain certain liquidity ratios or minimum levels of capital in accordance with the laws of the jurisdictions in which they operate or otherwise. The necessity of maintaining these ratios or levels of capital or other liquidity considerations could restrict the ability of these subsidiaries to transfer funds to us, in the form of cash dividends, loans or advances. In the event that our current resources do not satisfy our needs, we may need to seek additional financing. The availability of additional financing will depend on a variety of factors, such as market conditions, the general availability of credit, the volume of trading activities, the overall availability of credit to the financial services industry, our credit ratings and credit capacity, above average interest rates and supply/demand dynamics, as well as the possibility that customers or lenders could develop a negative perception of our long- or short-term financial prospects, including as a result of economic uncertainty or any downgrade in sovereign credit ratings in key markets in which we operate.

Debt & Financing - Risk 3

We could be negatively affected if the soundness of other financial institutions and counterparties deteriorates or if such counterparties, including clearing houses, are unwilling to do business with us, in particular in respect of US Dollar transactions.

Given the high level of interdependence between financial institutions, we are and will continue to be subject to the risk of actual or perceived deterioration in the commercial and financial soundness of other financial services institutions as evidenced by the collapse of multiple high profile regional banks such as Silicon Valley Bank, Signature Bank and First Republic Bank in 2023, which resulted in decreased confidence in banks among consumer and commercial depositors, other counterparties and investors, as well as significant disruption, volatility and reduced valuations of equity and other securities of banks in the capital markets. Within the financial services industry, the default by any one institution could lead to defaults by other institutions. Concerns about, or a default by, one institution could lead to significant liquidity problems, losses or defaults by other institutions, because the commercial and financial soundness of many financial institutions may be closely related as a result of their credit, trading, clearing or other relationships. Even the perceived lack of creditworthiness of, or questions about, a financial institution may lead to market-wide liquidity problems and losses or defaults by us or by other institutions. This risk is sometimes referred to as "systemic risk" or "contagion" and may adversely affect financial intermediaries, such as clearing agencies, clearing houses and banks with whom we interact on a daily basis. In particular, BNYM and Wells Fargo Bank, N.A. ("Wells Fargo") act as clearing houses for all our US Dollar transactions. If BNYM's or Wells Fargo's ability to act as our clearing houses becomes impaired or BNYM or Wells Fargo cease to act as our clearing houses for any other reason and other financial institutions are not willing to provide the services currently provided to us by BNYM and Wells Fargo, we could lose our ability to engage in US Dollar transactions, which could lead to severe disruptions in our operations and adversely impact our business, financial condition or results of operations.

Debt & Financing - Risk 4

The value of the securities in our investment portfolio may continue to decline in the future.

As at December 31, 2023, we owned $5.3 billion of investment securities consisting primarily of securities issued by the US government and US governmental agencies and recorded net unrealized losses in our AFS and HTM portfolios of $163.9 million and $484.4 million, respectively, due to changes in fair value of our investment securities as a result of rapidly rising long-term market interest rates. In 2023, our investment portfolio had an average yield of 2.10%. The fair value of our investment securities may continue to be adversely affected by market conditions, including future changes in interest rates and the occurrence of any events adversely affecting the issuers of particular securities in our investment portfolio. We perform periodic reviews to determine if a credit impairment exists. Our Group Asset and Liability Committee reviews the results of the impairment analysis and advises whether a credit impairment exists. The process for determining whether a credit impairment exists usually requires complex, subjective judgments about the future financial performance of the issuer of the relevant security in order to assess the probability of receiving all contractual principal and interest payments on the security. We did not record any credit impairment losses on investments in the years ended December 31, 2023, 2022 and 2021. We may be required to recognize credit impairments in the future periods, which could have an adverse effect on our business, financial conditions or results of operations. See "- If we are unable to effectively manage our liquidity we may need to seek additional financing and our business, financial condition or results of operations could be adversely affected."

Debt & Financing - Risk 5

Our loan and investment portfolios are subject to risk of prepayment, which could have a material adverse effect on us.

Our fixed rate loan and investment portfolios are subject to prepayment risk, which results from the ability of a borrower or issuer to pay a debt obligation prior to maturity. Generally, in a low interest rate environment, prepayment activity increases, which reduces the weighted average duration of our interest-earning assets and could have a material adverse effect on us. For example, decreases in global market interest rates in 2020 and 2021 increased prepayment speeds and resulted in lower yields on the Bank's investments. Conversely in 2022 and 2023, increases in global market interest rates decreased prepayment speeds resulting in marginally higher yields on the Bank's investments. Prepayments also require us to recognize net premiums or commissions as income over a shorter period of time, thereby reducing the corresponding asset yield and net interest income. Prepayment risk also has a significant adverse impact on credit card and collateralized mortgage loans, since prepayments could shorten the weighted average life of these assets, which may result in a mismatch in our funding obligations and reinvestment at lower yields. Prepayment risk is inherent to our commercial activity and an increase in prepayments could have a material adverse effect on us.

Debt & Financing - Risk 6

The majority of the markets in which we operate do not have systemic credit bureau reports.

Unlike the US where the FCRA is designed to help ensure that credit bureaus furnish correct and complete information when evaluating loan applications, the majority of the markets in which we operate do not have systemic credit bureau reports. Therefore, we review each loan and we use a formal and documented tiered credit approval process that is administered through and governed by our risk management framework. Due to limitations in the availability of information, our assessment of credit risk associated with a particular customer may not be based on complete, accurate or reliable information. In addition, although we have made and continue to make improvements to our credit scoring systems to better assess borrowers' credit risk profiles, we cannot provide assurance that our credit scoring systems collect complete or accurate information reflecting the actual behavior of customers or that their credit risk can be assessed correctly. Without complete, accurate and reliable information, we have to rely on other publicly available resources and our internal resources, which may not be effective. As a result, our ability to effectively manage our credit risk and subsequently our impairment losses and allowance for credit losses may be materially adversely affected. In addition, because our credit approval process involves detailed analyses of the customer or credit risk, taking into account both quantitative and qualitative factors, it is subject to human or information technology systems errors. In exercising their judgment on current or future credit risk behavior of our customers, our employees may not always be able to assign an accurate credit rating, which may result in our exposure to higher credit risks than indicated by our risk rating system. In addition, we aim to continuously refine our credit policies and guidelines to address potential risks associated with particular industries or types of customers. However, we may not be able to timely detect all possible risks before they occur, or due to limited tools available to us, our employees may not be able to effectively implement them, which may increase our credit risk. Failure to effectively implement, consistently follow or continuously refine our credit risk management system may result in an increase in the level of nonperforming loans and a higher risk exposure for us, which could have a material adverse effect on us.

Debt & Financing - Risk 7

Banks domiciled in Bermuda, including us, are not supported by a central bank from which to borrow funds, so if we are unable to maintain sufficient liquidity by continuously attracting deposits and other short-term funding, our financial condition, including our capital ratios, funding costs or results of operations could be adversely affected.

Unlike many other jurisdictions, there is no central bank or similar governmental agency in Bermuda from which we may borrow US or Bermuda Dollars if we experience liquidity shortages, which may leave us without a lender of last resort in the event that Bermuda suffers a severe economic downturn at the same time as a liquidity shortage. Similarly, there is no central bank in the Cayman Islands, Jersey or Guernsey to act as a lender of last resort. Accordingly, we may not have a lender of last resort in case of future liquidity shortages and we may be unable to sufficiently fund our liquidity needs. While there is no central bank or similar governmental agency in Bermuda, the Cayman Islands, Jersey or Guernsey that insures bank deposits, such as the Federal Deposit Insurance Corporation in the United States, the Government of Bermuda and the Government of the States of Jersey and Guernsey have each implemented a Deposit Insurance Scheme or Deposit Compensation Scheme. See Item 4.B. "Business Overview - Supervision and Regulation" and "- Certain jurisdictions in which we operate, including Bermuda, Guernsey and Jersey, have a Deposit Insurance Scheme or Deposit Compensation Scheme and we incur ongoing costs as a result." The regulators in these jurisdictions have also required us to hold capital add-ons to compensate for the systemic importance of our bank to the economy in the absence of a central bank. Without a central bank from which we could borrow funds, liquidity management is critical to the management of our consolidated balance sheet, and an inability to obtain sufficient liquidity could adversely affect our financial condition.

Debt & Financing - Risk 8

Changed

The effects of inflation, and volatility in interest rates have and may continue to negatively impact our net interest margin and our profitability.

Net interest income is a significant component of our revenues and changes in prevailing interest rates, including the SOFR have and may continue to adversely affect our business, including the level of net interest income we earn, and for our banking business, the levels of deposits and the demand for loans. Interest rates are highly sensitive to many factors that are beyond our control, including general economic conditions and policies of various governmental and regulatory agencies and, in particular, the U.S. Federal Reserve and the Bank of England. Changes in monetary policy, including changes in interest rates, influence not only the interest we receive on loans and investments and the amount of interest we pay on deposits and borrowings, but such changes also affect our ability to originate loans and obtain deposits, the fair value of our financial assets and liabilities and the average duration of our mortgage portfolio and other interest-earning assets. In 2022 and 2023, the strategy of central banks globally included the introduction of a series of interest rate increases. It is unknown if further rate hikes are expected and for how long interest rates will remain elevated. As interest rates increase, our net interest income would narrow if our cost of funding increased without a correlating increase in the interest we earn from loans, investments and other interest-earning assets. Because we rely extensively on deposits to fund our operations, our cost of funding would increase if there is an increase in the interest rate we are required to pay our customers to retain their deposits, as is currently being experienced in our businesses. This could also occur, for instance, if we are faced with competitive or regulatory pressures to increase rates on deposits. In addition, our cost of funding increases if the interest rates we are required to pay for other sources of funding increase. Moreover, increases in interest rates have and may continue to decrease customer demand for loans as the higher cost of obtaining credit may deter customers from seeking increases in or new loans. Further, the effects of inflation and interest rate volatility may lead to liquidity issues for borrowers and debt covenant violations. An increase in interest rates may lead to the need for borrowers to amend the terms of existing debt agreements or obtain waivers if they no longer satisfy debt covenants. Changes to existing debt arrangements may represent restructuring, modification or extinguishment, which might lead to an increased number of delinquent loans and defaults, which would affect the value of our loans. Changes in interest rates may negatively affect the value of our assets and our ability to realize gains or avoid losses from the sale of those assets, all of which may also ultimately affect earnings and capital, as well as our regulatory solvency position. While SOFR has been endorsed by the Alternative Reference Rate Committee as its preferred replacement for the LIBOR, it remains uncertain whether or when SOFR or other alternative reference rates will be widely accepted by lenders as the replacement for LIBOR. This may, in turn, impact the liquidity of the SOFR loan market, and SOFR itself, with the risk of increased volatility, which could result in higher borrowing costs for us. Further, as the use of SOFR-based rates is relatively new, there could be unanticipated difficulties, disruptions or methodological or other changes with the calculation and publication of SOFR based rates, which in turn could trigger another benchmark transition or otherwise cause a reliance on an alternate base rate. This could also result in increased borrowing costs for us and thereby have a material adverse effect on our business or financial condition.

Corporate Activity and Growth2 | 3.7%

Corporate Activity and Growth - Risk 1

Our strategy includes expansion of our business through acquisitions of, or investments in, other companies or new products and services, but we may not be able to achieve regulatory approval for such transactions or be able to achieve the anticipated cost savings, growth opportunities and other benefits anticipated from such transactions.

We seek to grow both organically and through acquisitions. In the past several years, we have made various acquisitions and investments intended to complement and expand our businesses, including our September 2022 agreement with Credit Suisse to acquire assets (i.e. client relationships) from its trust business in Singapore, Guernsey and The Bahamas, which was completed in December 2023. Our long-term growth strategy includes identifying and effecting selective acquisitions in our core geographies, but we cannot be sure that we will be able to continue to identify suitable acquisition targets or investment opportunities. Even if we identify suitable targets, there can be no assurance that we will be able to obtain the necessary funding on acceptable terms, if at all, to finance any of those potential acquisitions or investments. We may also be required to obtain regulatory approval (including from the BMA) prior to any potential acquisition or investment depending on the transaction and the laws and regulations of the target's country of incorporation. Regulators consider a number of factors when determining whether to approve a proposed transaction, and we may have difficulty obtaining the necessary regulatory approvals, government permits or licenses required for such acquisitions. We may fail to pursue, evaluate or complete strategic and competitively significant business opportunities as a result of our inability, or our perceived inability, to obtain any required regulatory approvals in a timely manner or at all. Even where we are able to complete an acquisition or an investment, we cannot be sure that such acquired entity, business or asset or such investment will perform in line with our assumptions or expectations or otherwise complement our business or strategy due to a variety of factors, including lower revenues than expected, unforeseen operating difficulties and expenditures, customer loss and business disruption (including, without limitation, difficulties in maintaining relationships with employees, customers, clients or suppliers) and risks associated with the disruption of management's attention from ongoing business operations due to acquisition and integration activities. In addition, integrating an acquired company, business asset or technology possesses significant risks, including, among other things: - the incorporation of new technologies into our existing business infrastructure;- the maintenance of standards, controls, procedures and policies throughout the organization (including effective internal controls over financial reporting and disclosure controls and procedures);- the consolidation of our corporate or administrative functions;- the coordination of our sales and marketing functions to incorporate the new business asset or technology;- the potential for liabilities and claims arising out of the acquired businesses;- the integration of corporate cultures;- the maintenance of morale, retention and integration of key employees to support the new business asset or technology and management of our expansion in capacity; and - compliance with the regulatory regimes of newly entered jurisdictions. In addition, a significant portion of the purchase price of companies or assets that we may acquire may be allocated to goodwill and other intangible assets. Intangible assets are tested for impairment annually or when there is a triggering event requiring such testing; an intangible asset that is subject to amortization is periodically reviewed for impairment. Goodwill is tested for impairment on an annual basis. As at December 31, 2023, we had $24.1 million and $74.8 million of goodwill and intangible assets, respectively. In the future, if our acquisitions do not yield expected returns or there are changes in discount rates, we may be required to take additional charges to our earnings based on the impairment assessment process, which could harm our business, financial condition, results of operations and prospects.

Corporate Activity and Growth - Risk 2

Our risk management and compliance framework, systems and process, and related guidelines and policies, may prove inadequate to manage our risks, and any failure to properly assess or manage such risks could harm us.

We maintain an enterprise risk management program that is designed to identify, quantify, monitor, report and control the risks we face. We also maintain a compliance program to identify, measure, assess and report on adherence to applicable laws, policies and procedures. Our approach to risk management requires senior management to make complex judgments, including decisions (based on assumptions about economic factors) about the level and types of risk that we are willing to accept in order to achieve our business objectives. These also include the maximum level of risks we can assume before breaching constraints determined by regulatory capital and liquidity needs and our regulatory and legal obligations including, among others, from a conduct and prudential perspective. Given these complexities, and the dynamic environment in which we operate, the decisions made by senior management may not be appropriate or yield the results expected. In addition, senior management may be unable to recognize emerging risks quickly enough for us to take appropriate action in a timely manner. There can be no assurances that our framework for risk management, compliance and related controls will effectively mitigate risk and limit financial losses for our operations.

Legal & Regulatory

Total Risks: 15/54 (28%)Above Sector Average

Regulation12 | 22.2%

Regulation - Risk 1

Our business is subject to risks related to litigation and regulatory actions.

We are, from time to time, involved in various legal and regulatory proceedings arising from our normal business activities. These claims and legal actions, including supervisory actions by our regulators or proceedings or investigations brought by other regulators, could involve large monetary claims and significant defense costs. The outcome of these cases is uncertain. Substantial legal liability or significant regulatory action against us could have material financial effects or cause significant reputational harm to us, which in turn could seriously harm our business, financial condition, results of operations and prospects. We may be exposed to substantial uninsured liabilities, which could materially affect our results of operations and financial condition. As previously publicly announced, in November 2013, the USAO applied for and secured the issuance of so-called John Doe Summonses to six US financial institutions with which the Bank had correspondent bank relationships. The purpose of these summonses was to identify US persons who may have been using our banking, trust, or other services to evade their own tax obligations in the United States. The Bank cooperated with the US authorities in their investigation and reached a resolution with the US Department of Justice in July 2021. The resolution was in the form of a non-prosecution agreement with a three-year term and payment of $5.6 million.

Regulation - Risk 2

We are required to obtain approval from our regulators before engaging in certain activities.

The laws, regulations, policies, voluntary codes of practice and interpretations applicable to us govern a variety of matters, including acquisitions and other activities we may engage in. As our primary lead regulator, the BMA requires that we obtain its prior consent, letter of no objection and/or approval before engaging in certain activities, including paying dividends on our common shares, entering into material acquisitions or issuing or repurchasing our common shares, and there can be no assurance that any regulatory approvals we may require will be obtained, either in a timely manner or at all. See "- Our strategy includes expansion of our business through acquisitions of, or investments in, other companies or new products and services, but we may not be able to achieve regulatory approval for such transactions or be able to achieve the anticipated cost savings, growth opportunities and other benefits anticipated from such transactions." Our regulators have the ability to compel us to, or restrict us from, taking certain actions entirely, such as actions that our regulators deem to constitute an unsafe or unsound banking practice. Any restrictions on our business placed by a regulator could have a negative impact on our ability to execute on our growth strategy. See "- Laws in certain jurisdictions in which we operate and our bye-laws could adversely affect the rights of our shareholders or prevent or delay a change in control." For example, if our capital levels are deemed insufficient by the BMA or otherwise, they may not approve our payment of a regular quarterly dividend.

Regulation - Risk 3

Our business may be negatively impacted by the economic substance legislation and regulations in the jurisdictions in which we operate, including Bermuda, the Cayman Islands, and the Channel Islands.

In 2018, all major offshore jurisdictions enacted legislation in response to new requirements imposed by the EU's ECOFIN regarding the need for entities registered in offshore jurisdictions to demonstrate economic substance. Compliance with these requirements is necessary to avoid a jurisdiction being placed on the EU's list of non-cooperative jurisdictions for tax purposes. Many of the jurisdictions in which we operate, including Bermuda, the Cayman Islands, The Bahamas, Guernsey and Jersey have enacted legislation that requires entities registered, incorporated or continued under certain legislation in the respective jurisdictions engaged in "relevant activities" (which includes engaging in banking or financing activities) to satisfy economic substance requirements by maintaining a substantial economic presence in the respective jurisdiction. For example, in December 2018, Bermuda passed The Economic Substance Act 2018, the Cayman Islands passed the International Tax Co-operation (Economic Substance) Law, The Bahamas passed the Commercial Entities (Substance Requirement) Act, Guernsey passed the Income Tax (Substance Requirements) (Implementation) Regulations, 2018 and Jersey passed the Taxation (Companies - Economic Substance) (Jersey) Law 2019. Any entity that must satisfy economic substance requirements but fails to do so could face financial penalties, a restriction of its business activities or being struck-off as a registered entity in the relevant jurisdiction. In October 2022, The Bahamas was added to the EU's list of non-cooperative jurisdictions for tax purposes as the EU's ECOFIN concluded that they failed to adequately address a number of recommendations of the OECD Forum on Harmful Tax Practices in connection to the enforcement of economic substance requirements. From February to October 2020, the Cayman Islands were on the EU's list of non-cooperative jurisdictions for tax purposes. The EU's ECOFIN concluded that the Cayman Islands did not have appropriate measures in place relating to collective investment vehicles, and in response the Cayman Islands adopted reforms sufficient to address this deficiency and was subsequently removed from the list and added to the list of cooperative jurisdictions in October 2020. Bermuda was similarly placed on the EU's list of non-cooperative tax jurisdictions in March 2019, but removed from this list in May 2019 and added to the EU's list of cooperative tax jurisdictions in February 2020. EU Finance Ministers signaled their approval of the economic substance regulations by placing Jersey and Guernsey on the EU's list of cooperative tax jurisdictions in March 2019, and the OECD has endorsed Jersey and Guernsey's domestic legal framework as being in line with the relevant standard. As the EU continues to monitor compliance by the jurisdictions in which we operate, further economic substance requirements imposed by these jurisdictions or a future addition of these jurisdictions to the EU's list of non-cooperative tax jurisdictions could have a material adverse effect on us.

Regulation - Risk 4

Our international business model exposes us to various and possibly conflicting regulatory regimes across multiple jurisdictions.

Our international business model exposes us to different regulatory regimes across multiple jurisdictions. Although our central management and a large part of our business are located in Bermuda, our operations are spread throughout ten international jurisdictions. In addition to the logistical and communications challenges this creates, the financial services industry is heavily regulated in many jurisdictions, and each line of the business is exposed to different, constantly evolving and possibly conflicting regulatory schemes. Our management has enacted internal controls and procedures that are designed to result in compliance with these regulatory schemes, which are periodically reviewed and updated, but in the future we might have difficulty meeting and remaining in compliance with existing or new regulatory requirements imposed by a particular jurisdiction, particularly in light of the increasing regulatory scrutiny of financial institutions and their subsidiaries. Our current internal controls for one jurisdiction may not sufficiently comply with the demands of increased oversight in another jurisdiction. To the extent we are unable to comply with the regulatory scheme of a particular jurisdiction, we might not be able to operate in that jurisdiction, or we may incur fines or penalties for compliance failures or incur costs in order to remediate compliance failures, any or all of which could adversely affect our business, financial condition or results of operations.

Regulation - Risk 5

Failure to comply with any applicable anti-corruption legislation could result in fines, criminal penalties and an adverse effect on our business, financial condition or results of operations.

We must comply with all applicable laws and regulations, which include anti-corruption, anti-money laundering, international financial sanctions and anti-terrorist financing laws and regulations. Recently, there has been a substantial increase in the global enforcement of these laws and regulations, in particular in respect of the financial services industry. The measures and procedures we have in place may not be entirely effective in preventing third parties from using us (and our correspondent banks) as a conduit for money laundering (including illegal cash operations), terrorist financing or other financial crimes without our (and our correspondent banks') knowledge or consent. Although, as of the date of this report, we have not been subject to any fines or penalties, as a result of violations of anti-money laundering and counter-terrorism laws and regulations, there can be no assurances that we will not be subject to such fines, penalties or losses or harm in the future. If we were to be associated with money laundering (including illegal cash operations) or terrorist financing, our reputation could be harmed and we could become subject to fines, sanctions or legal enforcement (including being added to any "blacklists" that would prohibit certain parties, potentially including US Dollar clearing banks, from engaging in transactions with us), which could have a material adverse effect on our business, financial condition or results of operations.

Regulation - Risk 6

We operate in a complex and changing regulatory environment and legal and regulatory changes or our failure to comply with laws and regulations could have a negative impact on our business, financial condition or results of operations.

Our business is subject to ongoing changes in laws, regulations, policies, voluntary codes of practice and interpretations in the markets in which we operate. We currently face an increasingly extensive and complex set of laws, regulations and standards as a result of the concerns enveloping the global financial sector. We are exposed to potential changes in governmental or regulatory policies, price controls, capital controls, exchange controls, other restrictive actions, unfavorable political and diplomatic developments, and changes in legislation. Some areas of potential regulatory change involve multiple jurisdictions seeking to adopt a coordinated approach. This may result in conflicts with specific requirements of the jurisdictions in which we operate and, in addition, such changes may be inconsistently introduced across jurisdictions. See "- Our international business model exposes us to various and possibly conflicting regulatory regimes across multiple jurisdictions." Changes may also occur in the oversight approach of regulators. It is possible that governments in jurisdictions in which we operate or obtain funding might revise their application of existing regulatory policies that apply to, or impact, the Bank's business, including for reasons relating to national interest and/or systemic stability. The powers exercisable by our regulators may also be expanded in the future. Regulatory changes and the timing of their introduction continue to evolve and we manage our businesses in the context of regulatory uncertainty. The nature and impact of future changes are not predictable and are beyond our control. Regulatory compliance and the management of regulatory change are an important part of our planning processes. We expect that we will be required to continue to invest significantly in compliance and the management and implementation of regulatory change and, at the same time, significant management attention and resources will be required to update existing, or implement new, processes to comply with new regulations. Changes and restrictions imposed by our primary lead regulator, the BMA, and other regulators may also impact our operations by requiring us to have increased levels of liquidity, and higher levels of, and better quality, capital and funding, as well as placing restrictions on the businesses we conduct (including limiting our ability to provide products and services to certain customers), requiring us to amend our corporate structure or requiring us to alter our product or service offerings. If a regulatory change has any such effect, it could adversely affect one or more of our businesses, restrict our flexibility, require us to incur substantial costs and impact the profitability of one or more of our business lines. Any such costs or restrictions could adversely affect our business, prospects, financial performance or financial condition. Our failure or inability to fully comply with the laws and regulations could lead to fines, public reprimands, reputational damage, civil liability, enforced suspension of operations or, in extreme cases, withdrawal of authorization to operate, which could adversely affect our business, financial condition, results of operations or prospects. We could also be required to incur significant expenses to comply with new or revised regulations. Future developments or changes in laws, regulations, policies, voluntary codes of practice and their effects may require greater capital resources and significant management attention, and may require us to modify our business strategies and plans.

Regulation - Risk 7

We, like many financial institutions, remain under considerable regulatory scrutiny regarding our ability to prevent and detect financial crime. The financial crime threats we face have continued to evolve, often in tandem with broader geopolitical, socioeconomic and technological shifts in our markets, leading to challenges such as managing conflicting laws and approaches to legal and regulatory regimes.

Financial crime risk evolved during the COVID-19 pandemic, notably with the manifestation of fraud risks linked to the economic slowdown and resulting deployment of government relief measures. The accelerated digitization of financial services has fostered significant changes to the payments ecosystem, including a multiplicity of providers and new payment mechanisms, not all of which are subject to the same level of regulatory scrutiny or regulations as financial institutions. Developments around digital assets and currencies, notably the role of cryptocurrencies, are increasing regulatory and enforcement focus on the financial crimes linked to these types of assets. While we continuously monitor for financial crime, there is a risk that we may unknowingly becoming a party to, associated with, or accused of being associated with, money laundering or violations of sanctions laws or regulations which could damage our reputation and could make us subject to fines, sanctions and/or legal enforcement. Any one of these outcomes could have a material adverse effect on our business, financial condition, results of operations, prospects and reputation.

Regulation - Risk 8

Laws in certain jurisdictions in which we operate and our bye-laws could adversely affect the rights of our shareholders or prevent or delay a change in control.

Under the provisions of Bermuda's BDCA, the rights of our shareholders could be impaired if any such shareholder becomes a shareholder controller. If a shareholder controller fails to comply with the notice requirements in connection with a change in control under the BDCA or continues as such after being given notice of objection to its being a shareholder controller, the BMA may take the actions specified in the BDCA, including, among other things, revoking the relevant license of the Bank under the BDCA. For more information, see the summaries of relevant provisions of the BDCA regulations under Item 4.B. "Business Overview - Supervision and Regulation" and "Description of Share Capital" in our registration statement on Form F-1 filed with the SEC on February 13, 2017 with file number 333-216018. Similarly, in Guernsey certain changes to the ownership structure of our Guernsey company (which is licensed by the Guernsey Financial Services Commission) may be considered to be a change of control requiring a declaration of "no objection" from the regulator, and in Jersey a change to the ownership or control of the Jersey regulated entity may also require regulatory approval. In addition to these restrictions, the provisions of our bye-laws provide that a person who is not "Bermudian" (as such term is defined in the Companies Act) who is "interested" (as such term is defined in the bye-laws) in our shares which constitute more than 40% of all shares then issued and outstanding is not entitled to vote the shares which are in excess of such 40% interest at any general meeting without the prior written approval of the Minister of Finance. See also Item 4.B. "Business Overview - Supervision and Regulation."

Regulation - Risk 9

Our ability to pay dividends to non-residents of Bermuda and the transfer of our common shares to non-residents of Bermuda could be impaired by Bermuda regulations.

A large number of our shareholders are resident outside of Bermuda, and our common shares are listed on the BSX and the NYSE. Bermuda regulations impacting non-Bermuda holders of our common shares are set by the Bermuda Controller of Foreign Exchange, whose current policy: - permits the conversion of Bermuda Dollars for payment of dividends in foreign currency to shareholders who are non-residents of Bermuda for exchange control purposes, provided that all payments are processed through an authorized dealer, including, for this purpose, us; and - permits the free transferability of equity securities of a Bermuda company for so long as such equity securities of such company are listed on an ‘‘appointed stock exchange'' appointed by the Minister of Finance under section 2(9) of the Companies Act 1981. However, if the Controller of Foreign Exchange were to change the foregoing policies, our ability to pay dividends in US Dollars to non-residents of Bermuda for exchange control purposes could be impaired. Furthermore each transfer of our common shares to or from non-residents of Bermuda for exchange control purposes could require specific approval by the Controller of Foreign Exchange. This could impact the liquidity of the market for our common shares, and the value of the common shares could be adversely affected.

Regulation - Risk 10

We are a Bermuda company. Bermuda law differs from the laws in effect in the United States and might afford less protection to shareholders.

We are a Bermuda-based company incorporated under the laws of Bermuda. As a result, the rights of holders of our common shares will be governed by Bermuda law, including the Companies Act, the Butterfield Act and our bye-laws. The rights of shareholders under Bermuda law may differ from the rights of shareholders of companies incorporated in other jurisdictions. In particular, under Bermuda law, the duties of directors and officers of a company are generally owed to the company only, and shareholders do not generally have rights to take action against directors or officers of the company. In addition, class actions and derivative actions are generally not available to shareholders under Bermuda law. The status of laws currently in place, and areas not currently governed, are subject to change. The interests of our shareholders could be adversely affected if significant regulations are added or deleted from Bermuda's existing statutory framework. For a summary of the existing legal framework in Bermuda, see Item 4.B. "Business Overview - Supervision and Regulation." In addition, our business is based outside of the United States, a majority of our directors and officers reside outside of the United States and a majority of our assets and some or all of the assets of such persons are located outside of the United States. As a result, it may be difficult or impossible to effect service of process on us or our directors and officers in the United States or to enforce in the United States judgments obtained in the United States courts against us or those persons based on the civil liability provisions of the United States securities laws. Furthermore, it is doubtful whether courts in Bermuda will enforce judgments obtained in other jurisdictions, including the United States, against us or our directors or officers under the securities laws of those jurisdictions or entertain actions in Bermuda against us or our directors or officers under the securities laws of other jurisdictions. There are provisions in our bye-laws that may be used to delay or block a takeover attempt, which could discourage, delay or prevent a change in control of the Bank and could adversely impact the value of our common shares. For a detailed summary of the anti-takeover provisions in our bye-laws, see "Description of Share Capital" in our registration statement on Form F-1 filed with the SEC on February 13, 2017 with file number 333-216018.

Regulation - Risk 11

Changed

The Financial Action Task Force may identify any of the jurisdictions in which we operate as a jurisdiction which has systemic anti-money laundering and/or anti-terrorist financing deficiencies, which could have an adverse effect on our business.

The FATF is an international body that identifies jurisdictions with weak measures to combat money laundering and terrorist financing in public documents published three times a year. FATF and its regional bodies work with such jurisdictions, governments, and regulatory bodies and report on progress made in addressing identified deficiencies. Such reviews are at a country level, rather than an entity-specific level. Thus, while the Bank can have in place globally accepted standards to fight money laundering and terrorist financing, the existing regulations in any of the jurisdictions in which we operate may not meet FATF requirements. In February 2021, the Cayman Islands was added to the FATF "grey list". The FATF concluded that, although the Cayman Islands had addressed the majority of the recommended actions including all technical aspects of its most recent inspection, there were still action points to be completed. In October 2023, the Cayman Islands was removed from the "grey list' after demonstrating that all remaining recommended actions have been addressed. Failure to comply with FATF standards by any jurisdictions in which we operate could adversely affect our reputation and our ability to obtain financing from the international markets and attract foreign investments.

Regulation - Risk 12

Certain jurisdictions in which we operate, including Bermuda, Guernsey and Jersey, have a Deposit Insurance Scheme or Deposit Compensation Scheme and we incur ongoing costs as a result.

As a bank licensed by the Bermuda Monetary Authority ("BMA"), we are required to be a member of the DIS and pay contributions to the Deposit Insurance Fund. Currently, our premium contribution is calculated by the Bermuda Deposit Insurance Corporation as 0.25% per annum of the average total amount of our Bermuda Dollar deposits that are covered by the DIS guarantee over a rolling three-month period, payable every three months in arrears. The amount of the contribution we are liable to pay may change from time to time as the total level of our insured Bermuda Dollar deposits changes; in addition, there is no guarantee that the current rate of premium contributions charged by the Bermuda Deposit Insurance Corporation will stay the same and not increase or that the Bermuda Deposit Insurance Corporation will not require additional contributions in the event that the Deposit Insurance Fund is insufficient to pay compensation due to insured depositors in the case of an insured event. We may also not be able to recover our contributions to the Deposit Insurance Fund from any failed institution whose insured depositors receive payments from the Deposit Insurance Fund. Any contributions we are required to make as part of the DIS (and any associated costs) are a cost to our business, and such costs, including any future increases, may have an adverse effect on our business, financial condition or results of operations. As a bank licensed by the Guernsey Financial Services Commission, we are required to pay contributions to the Guernsey DCS. Currently, we are required to pay an administration levy which is calculated by the Guernsey DCS Board. The amount of the contribution we are liable to pay may change from time to time and there is no guarantee that the current rate charged by the Guernsey DCS Board will stay the same and not increase. In the event of the failure of a Guernsey licensed bank, the Guernsey DCS Board will estimate the total level of compensation levy required and the Bank will be liable in equal shares with every other participant (i.e., every other licensed bank in Guernsey) for the first £10,000,000 and subject to certain caps for any one bank. If the total compensation levy exceeds £10,000,000, then the Bank will be liable on a pro-rata basis (calculated by reference to the total "value at risk" of our Guernsey deposits compared to the Guernsey market) with every other participant for the amount of such excess. We may also not be able to recover our contributions to the Guernsey DCS from any failed licensed bank whose insured depositors receive payments from the Guernsey DCS. Any contributions we are required to make as part of the Guernsey DCS (and any associated costs) are a cost to our business, and such costs, including any future increases, may have an adverse effect on our business, financial condition or results of operations. The Jersey Bank DCS is funded primarily through an upfront loan from the States of Jersey. In the event of a bank failing, levies would be raised on Jersey banks, subject to certain caps for banking groups over a five-year period, based on the proportion of protected deposits each bank holds to repay the loan. In the event that the full £100 million liability of the Jersey DCS was called upon, banks would contribute approximately two-thirds of funding, with the States of Jersey contributing one-third. We are not currently required to pay any contributions to the Jersey DCS. Any contributions we may be required in future to make as part of the Jersey DCS (and any associated costs) are a cost to our business, and such costs, including any future increases, may have an adverse effect on our business, financial condition or results of operations.

Taxation & Government Incentives2 | 3.7%

Taxation & Government Incentives - Risk 1

US withholding tax and information reporting requirements imposed under the Foreign Account Tax Compliance Act may apply.

As discussed below under the heading "Certain Taxation Considerations - Material US Federal Income Tax Consequences - Foreign Account Tax Compliance Act Withholding," pursuant to the FATCA enacted in 2010, a 30% withholding tax will be imposed on certain payments to certain non-US financial institutions that fail to comply with certain information-reporting, account identification, withholding, certification and other FATCA-related requirements in respect of their direct and indirect US shareholders and/or US account holders. To avoid becoming subject to FATCA withholding, we and other financial institutions may be required to report information to the IRS regarding the holders of our common shares and to withhold on a portion of payments under our common shares to certain holders that fail to comply with the relevant information reporting requirements (or that hold our common shares directly or indirectly through certain non-compliant intermediaries). However, under proposed Treasury regulations, such withholding will not apply to payments made before the date that is two years after the date on which final regulations defining the term "foreign passthru payment" are enacted. The rules for the implementation of this legislation have not yet been fully finalized, so it is impossible to determine at this time what impact, if any, this legislation will have on holders of the common shares. Many countries, including Bermuda, have entered into agreements with the United States ("IGAs") to facilitate the implementation of FATCA. These IGAs modify the FATCA withholding regime described above. In December 2013, Bermuda entered into a Model 2 IGA with the United States pursuant to which Bermudian financial institutions are directed by the Bermudian authorities to register with the IRS and to enter into an agreement with the IRS to perform specified due diligence, reporting and withholding functions.

Taxation & Government Incentives - Risk 2

If we are considered to be a passive foreign investment company, such characterization could result in adverse US federal income tax consequences to shareholders that are US investors.

Special adverse US federal income tax rules apply if a US shareholder holds shares of a company that is treated as a PFIC, for any taxable year during which the US shareholder held such shares. A foreign corporation will be considered a PFIC for any taxable year in which (1) 75% or more of its gross income is passive income, or (2) 50% or more of the average fair market value of its assets is attributable to assets that produce or are held for the production of passive income (the "asset test"). Passive income for this purpose generally includes dividends, interest, royalties, rents, annuities and gains from assets that produce passive income. If a foreign corporation owns at least 25% (by value) of the stock of another corporation, the foreign corporation is treated, for purposes of the PFIC tests, as owning a proportionate share of the other corporation's assets and receiving its proportionate share of the other corporation's income. Banks generally derive a substantial part of their income from assets that are interest-bearing or that otherwise could be considered passive under the PFIC rules. The IRS, has issued a notice, and has proposed regulations, that exclude from passive income any income derived in the active conduct of a banking business by a qualifying foreign bank. Based upon the proportion of our income derived from activities that are "bona fide" banking activities for US federal income tax purposes, we believe that we were not a PFIC for the taxable year ended December 31, 2023 (the latest period for which the determination can be made) and, based further on our present regulatory status under local laws, the present nature of our activities, and the present composition of our assets and sources of income, we do not expect to be a PFIC for the current year or for any future years. However, PFIC status is a factual determination and there are uncertainties in the application of the relevant rules. Moreover, the IRS may issue guidance in the future with different requirements to be a qualified foreign bank, which we may not satisfy. Accordingly, there can be no assurances that we will not be a PFIC for any particular year. If we were a PFIC in any taxable year during which a US shareholder owns our common shares and the US shareholder does not make a "mark-to-market" election, as discussed under the heading "Certain Taxation Considerations - Material US Federal Income Tax Consequences - US shareholders - Passive Foreign Investment Company Considerations," or a special "purging election," we generally would continue to be treated as a PFIC with respect to such US shareholders in all succeeding years, regardless of whether we continue to meet the income or asset test discussed above. US shareholders are urged to consult their own tax advisers with respect to the tax consequences to them if we were to become a PFIC for any taxable year in which they own our common shares.

Environmental / Social1 | 1.9%

Environmental / Social - Risk 1

Changed

Requirements and expectations from our regulators and other stakeholders on sustainability, environmental, social and governance issues could significantly impact our business.

Regulators, investors and customers are increasingly focused on sustainability and ESG issues. Certain of our regulators have proposed or adopted, or may propose or adopt, sustainability and ESG-related rules or standards that could apply to our business, including requirements or expectations that would enhance or expand our reporting, diligence, and policies on these topics. Other stakeholders have also proposed or adopted sustainability and ESG-related standards or policies, and may rate or otherwise, evaluate our business and other practices according to such requirements, standards and policies, which are continually evolving and often not clear. Unfavorable ratings of the Bank may adversely affect investor sentiment towards the Bank or the market price of our securities, see also " - Severe weather, natural disasters and potential impacts of climate change could disrupt our businesses and adversely affect our financial condition or results of operations." ESG regimes in different jurisdictions and ESG standards used by different stakeholders may also impose different and potentially conflicting requirements, or reflect inconsistent or conflicting values or agendas. See also "- Our international business model exposes us to various and possibly conflicting regulatory regimes across multiple jurisdictions." We may need to incur significant costs in order to meet the requirements and expectations of our regulators and other stakeholders on ESG issues. Our policies and processes to evaluate and manage ESG standards in coordination with other business priorities may not prove completely effective or satisfy regulators, investors, customers, or other stakeholders. As a result, we could face adverse regulatory, investor, customer, media, or public scrutiny leading to business, reputational, or legal challenges.

Macro & Political

Total Risks: 6/54 (11%)Above Sector Average

Economy & Political Environment4 | 7.4%

Economy & Political Environment - Risk 1

Because the primary markets in which we operate do not have well-diversified economies, a downturn in their key industries could affect their economies as a whole and have an adverse effect on our business, financial condition or results of operations.

Bermuda is among the largest reinsurance markets in the world. The Cayman Islands is a leader in fund domiciliation for global asset managers, with 13,008 regulated mutual funds as at December 31, 2023 according to CIMA. International financial services account for a significant portion of the economies of the Channel Islands. Many of our commercial customers are reinsurance, regulated fund service providers and financial intermediaries. As a result, a downturn in these key sectors, a change in laws or regulations (including the favorable tax treatment of entities in these jurisdictions), or a shift of business away from Bermuda, the Cayman Islands, or the Channel Islands, including as a result of the inclusion of any of these jurisdictions on the EU list of non-cooperative jurisdictions for tax purposes or the implementation of the global minimum tax regime proposed by the OECD in Bermuda or any of these jurisdictions, could result in a downturn in these key sectors, job losses and adversely impact the economies in these markets. Any downturn or further concentration in the reinsurance, investment and asset management and banking markets could also adversely affect our business, financial condition and results of operations.

Economy & Political Environment - Risk 2

Continued elevated levels of inflation could pose a risk to our financial performance.

Global economies, including the jurisdictions in which we operate, continue to experience elevated levels of inflation. The duration and severity of the current inflationary period is unknown and cannot be estimated with precision. Increased costs as a result of inflation could reduce our profit margins or could result in deposit outflows, which could also negatively impact our liquidity. Inflation may also result in reduced valuations on long duration financial assets and real estate and impact the value of collateral pledged for loans. Additionally, inflation has increased volatility and uncertainty in the business environment, which could adversely impact loan demand and our clients' ability to repay indebtedness. A failure to accurately anticipate higher inflation may result in mispricing of our products. As a result, a sustained period of high inflation in our key markets could adversely affect our business, financial position or results of operations.

Economy & Political Environment - Risk 3

Adverse economic and market conditions in Bermuda, the Cayman Islands, the Channel Islands and the UK, and other markets in which we operate, have in the past resulted in and could in the future result in lower revenue, lower asset quality, increased provisions and lower earnings.

Our financial performance generally, and in particular the ability of our borrowers to pay interest and repay principal on outstanding loans and the value of the collateral securing those loans, as well as demand for loans and other products and services we offer and whose success we rely on to drive our future growth, are highly dependent upon the business environment in the markets in which we operate. A downturn in any of Bermuda, the Cayman Islands, and the Channel Islands and the UK can have a profound impact on our business performance. Some elements of the business environment that affect our financial performance include short-term and long-term interest rates, any downgrade in sovereign credit ratings to which our credit ratings are correlated, the prevailing yield curve, inflation and price levels, monetary and fiscal policy, regulatory or legal changes (including changes in tax laws) or changes in enforcement thereof, unemployment rates, investor or business confidence, natural or man-made disasters, the strength of the local economy in the markets in which we operate, or a combination of these or other factors. For example, the recent downgrade by Fitch Rating Services of the US Long-Term Foreign-Currency Issuer Default Rating to 'AA+' from 'AAA' impacted the ratings on the Banks' holdings of US government treasuries and mortgage-backed securities issued by US governmental agencies. Any further downgrade could further affect the stability of securities issued or guaranteed by the federal government and the valuation or liquidity of our portfolio of such investment securities, and could result in our counterparties requiring additional collateral for our borrowings. Unfavorable market conditions can result in a deterioration in the credit quality of our borrowers and the demand for our products and services, an increase in the number of loan delinquencies, defaults and charge-offs, additional provisions for loan losses, decreases in asset values, deterioration in investment performance and an overall material adverse effect on the quality of our loan portfolio.

Economy & Political Environment - Risk 4

Changed

Macroeconomic factors, including regional conflicts, and other geopolitical events could disrupt our businesses and adversely affect our financial condition or results of operations.

We are exposed to risks arising out of geopolitical events, such as trade barriers, including the imposition of tariffs and other limitations on international trade and travel; exchange controls; uncertainty concerning fiscal or monetary policy, government shutdowns, debt ceilings or funding; concerns about sovereign defaults; other measures taken by sovereign governments, including by the US; and uncertainty arising from recent or upcoming elections that can hinder economic or financial activity levels. Furthermore, unfavorable political, military or diplomatic events, armed conflict, terrorist acts and threats, and pandemics and other health emergencies, and the responses to them by governments, could also negatively affect economic activity and have an adverse effect upon our business, financial condition or results of operations. Political and economic uncertainty or conflict has in the past led, and could in the future lead, to declines in market liquidity and activity levels, volatile market conditions and exchange rates, a contraction of available credit, exacerbation of supply chain disruptions, inflationary pressures and higher interest rates and financing issues, declines in the real estate market, weaker economic growth and investment performance and reduced business confidence, all of which could impact our business. The international response to Russia's invasion of Ukraine and the impact of the resulting direct and indirect sanctions against Russian and Belarusian individuals and entities may continue to expose us to legal and regulatory uncertainty associated with indirect exposure to Russia, Belarus or Ukraine through operations, investment and securities trading; or business relationships, connections to, or assets in Russia, Belarus or Ukraine. We could be similarly exposed as a result of the Middle Eastern conflict and the US and UK announcing jointly coordinated sanctions targeting Hamas individuals and entities. The US-China relationship remains complex, and there is a risk of increased restrictions and other measures being imposed by the US and other governments in relation to China. In addition, the on-going Russia-Ukraine conflict and the current Middle Eastern conflict may continue to exacerbate issues, affecting supply in certain sectors including consumer goods, metals, food, chemicals and commodities and leading to instability in financial markets, political and social instability, as well as heightened risks of cyberattacks and espionage. Sanctions imposed in response to such conflicts could further adversely impact the financial markets and the global economy, and any economic countermeasures by the affected countries or others could increase market and economic instability. Changes in legislation and regulation or an attempt by any territory or dependency of the UK in which we operate to declare independence from the UK or to implement changes in its constitution, including its fiscal and monetary policies, could have a negative effect on the applicable jurisdiction's position as an international business center. This could have a significant negative effect on the local economy and in turn negatively affect our business.

Natural and Human Disruptions1 | 1.9%

Natural and Human Disruptions - Risk 1

Severe weather, natural disasters and potential impacts of climate change could disrupt our businesses and adversely affect our financial condition or results of operations.

The key markets in which we operate including Bermuda and the Cayman Islands, as well as our and our customers' business, operations and financial conditions are subject to the risks associated with severe weather conditions (including tropical storms, hurricanes, tornadoes), earthquakes, rising sea levels and other natural disasters, including downed telephone lines, flooded facilities, power outages, fuel shortages, damaged or destroyed property and equipment, and work interruptions. Although hurricanes in the Caribbean and Bermuda during 2021, 2022 and 2023 did not negatively impact the Bank's operations or cause any insurable losses, such severe weather conditions and natural disasters have in the past and may, in the future, negatively impact us and our clients and their ability to meet their financial obligations to us, including the repayment of loans. Climate change may also aggravate the impact and increase the incidence of severe weather conditions and natural disasters, which may include altered distribution and intensity of rainfall, prolonged droughts or flooding, rising sea levels, and a rising heat index. Such events may, among other impacts, adversely affect borrowers (including those in the insurance and reinsurance industries), including resulting in an impairment of the value of property or other collateral used to secure the loans that we extend, as well as significantly impact the economies of the key markets in which we operate. The occurrence of any of these events could have a material adverse effect on our financial condition and results of operations. In addition, we cannot predict whether we will continue to be able to obtain insurance for natural disaster or climate change-related damages to our premises or, if obtainable and carried, whether this insurance will be adequate to cover our losses. Moreover, we expect any insurance of this nature to be subject to substantial deductibles and to provide for premium adjustments based on claims, and we do not carry insurance against all types of losses. For these reasons, costs and work interruptions resulting from such events (whether actual or anticipated) could have an adverse effect on our business, financial condition or results of operations. In addition, climate-related concerns have resulted in and may continue to drive changes in consumer, investor and other stakeholder preferences, additional regulatory requirements or taxes and additional counterparty or customer requirements, all of which could increase our expenses, expand our regulatory and operational risks and impact our financial condition. Further, our reputation and client relationships may be damaged as a result of our actual or perceived practices related to climate change,including our involvement, or our clients' involvement, in certain industries or projects associated with causing or exacerbating climate change, as well as decisions we make in response to considerations relating to climate change. We are also subject to risks relating to new or proposed climate change-related regulations or legislation as a result of governmental efforts around the world to mitigate climate change impacts, which could impact the Bank and its customers.

Capital Markets1 | 1.9%

Capital Markets - Risk 1

Volatility levels and fluctuations in foreign currency exchange rates may affect our business, financial position and results of operations.

We are exposed to foreign currency risk as a result of our holdings of foreign currency denominated assets and liabilities, investments in foreign subsidiaries, and future foreign currency denominated revenues and expenses. Fluctuations in exchange rates may raise the potential for losses resulting from foreign currency trading positions, where aggregate obligations to purchase and sell a foreign currency do not offset each other or offset each other in different time periods. Exchange rate volatility may have negative impacts on our business, financial position and results of operations. For example, the GBP/USD volatility experienced in the latter half of 2022 and into 2023 significantly impacted the value of GBP-denominated loans and deposits recorded on our consolidated balance sheets. We also provide foreign exchange services to our clients, including trading on behalf of clients in all major currencies and providing hedging solutions to manage foreign exchange risk. Foreign currency volatility influences the level of client activity. Changes in client activity may result in reduced income from foreign exchange services. In addition, the Bermuda Dollar and the Cayman Islands Dollar are pegged to the US Dollar at exchange rates of 1 Bermuda Dollar to 1 US Dollar and 1 Cayman Islands Dollar to 1.20 US Dollars, respectively. However, we cannot make assurances that these pegs will be maintained. In the event that the Bermuda Dollar or Cayman Islands Dollar is de-pegged or the current ratios are changed, including as a result of changes in laws, regulations or policies in these jurisdictions, the value of our financial position or results of operations could be adversely affected. Moreover, our US Dollar deposits are used to fund mortgages in Bermuda Dollars and Cayman Islands Dollars. As the Bermuda Dollar and the Cayman Islands Dollar are pegged to the US Dollar, we do not engage in hedging activities to counteract this currency risk. If the Bermuda Dollar or Cayman Islands Dollar ceased to be pegged to the US Dollar at the current ratios, however, we could be exposed to significant currency risks.

Ability to Sell

Total Risks: 5/54 (9%)Above Sector Average

Competition2 | 3.7%

Competition - Risk 1

Unlike banks that are more geographically diversified, our business is concentrated primarily in Bermuda, the Cayman Islands, and the Channel Islands and the UK, and we may be more affected by a downturn in these markets than more diversified competitors.

Our banking operations are concentrated in Bermuda, the Cayman Islands and the Channel Islands and the UK, and we serve customers in these markets. In the year ended December 31, 2023, 45%, 34% and 15%, of our total net revenue was derived from our Bermuda, Cayman, and Channel Islands and UK segments, respectively. In addition, in the year ended December 31, 2023, 37%, 25% and 38%, of our loans originated in Bermuda, Cayman, and Channel Islands and the UK, respectively. Accordingly, a downturn in these markets may have a profound effect on our banking business. In addition, we have sought to expand our core business lines, including through recent acquisitions. Any failure in our ability to expand our core business lines, successfully integrate recent acquisitions or any reduction in demand for our core services in our Bermuda, Cayman or Channel Islands and UK segments, including due to perceived reputational risks, increasing regulatory scrutiny over activities in these jurisdictions or otherwise, may adversely impact our business and results of operations, including the ongoing success of any of our acquired businesses.

Competition - Risk 2

We face competition in all aspects of our business, and may not be able to attract and retain wealth management, trust and banking clients at current levels.

We compete with a broad range of financial institutions. Many of our competitors are larger and have broader ranges of product and service offerings, increased access to capital, and greater efficiency and pricing power. We face competition from other lending institutions and from numerous other providers of financial services, including the following: - Non-banking financial institutions. The ability of these institutions to offer services previously limited to commercial banks has intensified competition. Because non-banking financial institutions are not subject to the same regulatory restrictions as banks, they can often operate with greater flexibility and lower cost structures; and - Competitors that have greater financial resources. Some of our larger competitors, including certain international banks that have a significant presence in our market area, may have greater capital and resources and higher lending limits and may offer products, services and technology that we do not. We cannot predict the reaction of our customers and other third parties with respect to our financial or commercial strength relative to our competition, including our larger competitors. In our banking business, we face competition mainly from other local banks, such as Bermuda Commercial Bank and Clarien Bank in Bermuda and from Cayman National Corporation in the Cayman Islands, as well as from subsidiaries of international banks, being Royal Bank of Canada in the Cayman Islands and HSBC in Bermuda, whom we view as our most significant competitors. In our wealth management business line, we face competition from local competitors, as well as much larger financial institutions, including financial institutions that are not based in the markets in which we operate. Revenues from the trust and wealth management business depend in large part on the level of AUA. In addition, as higher-for-longer interest rates have developed as the most likely scenario in the near term, competition for deposits has increased across our island jurisdictions, particularly in the Channel Islands. In our trust business, we face competition primarily from other specialized trust service providers. Many of our competitors in the international financial sector offer fund administration and corporate services work alongside private client fiduciary services. Our ability to successfully attract and retain trust, wealth management and banking clients is dependent upon our ability to compete with competitors' investment products, retail products and services, level of investment performance, client services and marketing and distribution capabilities. If we are not successful, our business, financial condition or results of operations may be adversely affected.

Demand2 | 3.7%

Demand - Risk 1

A decline in the residential real estate market, including in Bermuda, the Cayman Islands, the Channel Islands and the United Kingdom, could increase the risk of loans being impaired and could have an adverse effect on our business, financial condition or results of operations.

We are exposed to the risk that our borrowers may not repay their loans according to their contractual terms and that the collateral securing the payment of these loans may be insufficient. As at December 31, 2023, approximately 54% of our Bermuda loan portfolio, net of allowance for credit losses, was composed of residential mortgages in Bermuda; approximately 61% of our Cayman Islands loan portfolio, net of allowance for credit losses, was composed of residential mortgages in the Cayman Islands and approximately 89% of our Channel Islands and UK loan portfolio, net of allowance for credit losses, was composed of residential mortgages in the Channel Islands and the UK. A decline in the real estate market, in particular in Bermuda, the Cayman Islands, the Channel Islands and the UK, would mean that the collateral for our loans would hold less value. As a result, our ability to recover on defaulted loans by selling the underlying real estate would be diminished, and we would be more likely to suffer losses on the defaulted loans. Declines in the real estate market, including as a result of lower infrastructure spending in the markets in which we operate, could also adversely affect demand for new loans, further decreasing the interest revenue generated by our loan portfolio. In addition, if our estimate for our allowance for credit losses proves to be inadequate, we will have to increase the allowance accordingly and may have future charge-offs. This may lead to impairment charges on loans and other assets, higher costs and higher provisions for credit losses. The risk of loan impairment may be compounded by the fact that there is limited economic and statistical data regarding the Bermuda, the Cayman Islands and the Channel Islands real estate markets. Although reliable and comprehensive economic and statistical data is available for certain real estate markets, such as the Case-Schiller Home Price Index in the United States, there is no comparable statistical data or mechanism to value the overall real estate market in all our markets. This lack of information makes it difficult to assess the market value of real estate in these markets, and requires us to rely on observations of the valuation of our own real estate originations in order to assess whether the value of mortgaged real estate has declined. See "- The appraisals and other valuation techniques we use in evaluating and monitoring loans secured by real property may not accurately describe the net value of the collateral that we can realize." Any of the above factors could have an adverse effect on our business, financial condition or results of operations.

Demand - Risk 2

A decline in tourism in Bermuda and the Cayman Islands could adversely affect our business, financial condition or results of operations.

Tourism is a major contributor to the economies of Bermuda and the Cayman Islands. A decline of this industry in Bermuda or the Cayman Islands could have adverse effects on the economic stability of these jurisdictions, and our business, financial condition or results of operations. In addition, a decline in tourism could lead to (i) decreases in the value of hotels and other commercial properties, which could adversely affect our commercial loan portfolio, and (ii) increases in unemployment, which could affect the ability of our residential borrowers to make payments on their loans.

Brand / Reputation1 | 1.9%

Brand / Reputation - Risk 1

We rely on our reputation and the appeal of our brand to our customers. Any damage to our reputation and appeal could harm us and our business prospects.

The success of our strategy relies significantly on our reputation and the reputation of our senior management and the Board. In addition, our customers and key introducers must continue to associate our brand with meeting customer needs and delivering value to those customers. Adverse publicity (whether or not justified) relating to activities by our management, employees, agents or others with whom we do business, such as customer service mishaps or non-compliance with laws, could tarnish our reputation and reduce the value of our brand. With the increase in the use of social media outlets, adverse publicity can be disseminated quickly and broadly, making it increasingly difficult for us to effectively respond. Such unfavorable publicity could also require us to allocate significant resources to rebuild our reputation. As a bank operating in Bermuda, the Cayman Islands, the Channel Islands and other international financial centers, we are subject to increasing scrutiny with respect to potential or alleged legal and regulatory breaches and unethical behavior and associated reputational risks, including with respect to the general perception and reputation of financial institutions in those jurisdictions, which may in turn be affected by factors including the EU list of non-cooperative jurisdictions for tax purposes, and policies on controversial industries such as gaming and cryptocurrencies, among others. See "Our business may be negatively impacted by the economic substance legislation and regulations in the jurisdictions in which we operate, including Bermuda, the Cayman Islands, and the Channel Islands." Any circumstance that causes real or perceived damage to our brand or reputation, or banking or wealth management generally in these jurisdictions, may negatively affect our relationships with our customers and key introducers, which would have an adverse effect on our business, financial condition or results of operations. Potential reputational issues include, but are not limited to: - breaching or facing allegations of having breached legal and regulatory requirements (including, but not limited to, conduct requirements, anti-money laundering requirements, anti-terrorism financing requirements, laws against assisting in tax evasion, cybersecurity and data protection laws, bribery and corruption);- legacy issues we inherit from the businesses we acquire through a merger or acquisition;- acting or facing allegations of having acted unethically (including having adopted inappropriate sales and trading practices);- failing or facing allegations of having failed to maintain appropriate standards of customer privacy, customer service and record-keeping;- failing to meet the expectations of our regulators (including with respect to capital requirements, liquidity, risk oversight, governance);- failing to appropriately address potential conflicts of interest;- experiencing technology failures that impact customer services and accounts;- failing to properly identify legal, reputational, credit, liquidity and market risks inherent in products offered;- failing to meet expectations from investors, customers, employees and regulators relating to environmental, social and governance disclosures, standards and practices; and - changing the terms of our product offerings and pricing that may result in outcomes for customers that are unfair or perceived to be unfair. A failure to address the above or any other relevant issues appropriately could make customers unwilling to do business with us, which could have an adverse effect on our business, financial condition or results of operations and could damage our relationships with our employees and regulators.

Tech & Innovation

Total Risks: 4/54 (7%)Above Sector Average

Innovation / R&D1 | 1.9%

Innovation / R&D - Risk 1

The addition of new products and services, or modified products or services may subject us to implementation and reputational risk.

From time to time, we may introduce new activities or new technology through new products and services within business entities (e.g. in Guernsey and Jersey we have introduced retail products such as residential mortgages and credit cards). There may be substantial risks and uncertainties associated with these efforts. Insufficient planning may lead to an incomplete assessment and understanding of associated risks involved with new activities and may result in inadequate oversight and controls. New activities may increase strategic risk where not compatible with the bank's risk appetite or strategic plan or do not provide an adequate return on investment; engagement of new activities without adequate due diligence and failure to provide adequate resources, expertise and experience to properly implement and oversee new activities. This can increase reputational risk and negative public opinion. Failure to successfully manage these risks in the development and implementation of new lines of business or new products or services could have a material adverse effect on our business, financial condition, and results of operations.

Trade Secrets1 | 1.9%

Trade Secrets - Risk 1

We may be alleged to have infringed upon intellectual property rights owned by others or may be unable to protect our own intellectual property.

Competitors or other third parties may allege that we, or consultants or other third parties retained or indemnified by us, infringe on their intellectual property rights. Even in instances where we believe that claims and allegations of intellectual property infringement against us are without merit, defending against such claims is time consuming and expensive and could result in the diversion of time and attention of our management and employees. In addition, although in some cases a third party may have agreed to indemnify us for such costs, such indemnifying party may refuse, or be unable, to uphold its contractual obligations. Moreover, we rely on a variety of measures to protect our intellectual property and proprietary information, including copyrights, trademarks, and controls on access and distribution. These measures may not prevent misappropriation or infringement of our intellectual property or proprietary information and a resulting loss of competitive advantage. In any event, we may be required to litigate to protect our intellectual property and proprietary information from misappropriation or infringement by others, which is expensive and could cause a diversion of resources and may not be successful.

Cyber Security1 | 1.9%

Cyber Security - Risk 1

Cyber-attacks, distributed denial of service attacks and other cybersecurity matters, if successful, could have an adverse effect on our business, financial condition or results of operations.

In the ordinary course of business, we rely on electronic communications and information systems to conduct our operations and store sensitive, proprietary or confidential data. The secure processing, storage, maintenance and transmission of this data is critical to our operations and reputation. We are under continuous threat from cyber-attacks, especially as we continue to expand customer capabilities to utilize the internet and other remote channels to transact business. If any of our data were mishandled, misused, improperly accessed, lost or stolen, or if our operations were disrupted, we could suffer significant financial, reputational or other damages. Two of the most significant cyber-attack risks that we face are e-fraud and loss of sensitive customer data. These risks may be more likely where third party vendors have access to or process data on our behalf. While such attacks are infrequent, they could present significant reputational, legal and regulatory costs to us if successful. In addition, the nature of cyber-attacks is constantly and rapidly evolving, and the use of AI by cybercriminals may increase the frequency and severity of cybersecurity attacks against us or our third-party vendors and clients. Attempts to infiltrate our systems may not be recognized until launched against us and in some cases are designed not to be detected. Although we make significant efforts to maintain the security and integrity of our information systems, there can be no assurances that our security measures will be effective. Third parties with whom we or our customers do business also present operational and information security risks to us, including security breaches or failures of their own systems. Cyber-attacks at third party service providers are also becoming increasingly common and, as a result, risks relating to cyber-attacks on our vendors have been increasing. We also face risks related to cyber-attacks and other security breaches in connection with credit card transactions that typically involve the transmission of sensitive information regarding our customers through various third parties, including merchant acquiring banks, payment processors, payment card networks (e.g., Visa or Mastercard), our processors, and clearing banks. Some of these parties have in the past been the target of security breaches and cyber-attacks, and because the transactions involve third parties and environments such as the point of sale that we do not control or secure, future security breaches or cyber-attacks affecting any of these third parties could impact us through no fault of our own, and in some cases we may have exposure and suffer losses for breaches or attacks relating to them, including from remediation costs, increased future protection costs, reputational harm, loss of customers and potential regulatory inquiries and/or civil litigation. We also rely on numerous other third-party service providers to conduct other aspects of our business operations and face similar risks relating to them. Our increased use of cloud and other technologies heighten our exposure to security weaknesses that may increase our risks to data breaches, data loss, data leakage, account hijacking, insecure application programming interfaces and other potential cyber-risk events. Many of our employees (and staff of service providers) work remotely or from other sites. These working arrangements could potentially provide increased opportunities for cyber threat actors to exploit. We cannot provide assurances that the safeguards we have put in place or may implement in the future will prevent all unauthorized infiltration or breach, or that we will not suffer material losses related to a security breach in the future. In recent years, U.S. regulators, including the FDIC, SEC, and the FINRA, have made statements concerning cybersecurity risk management, preparedness and resiliency for financial institutions such as us. These statements range from issues with respect to client account protections to business continuity, and represent the regulators' expectations for financial institutions to have more robust cybersecurity risk management and a preparedness and resiliency program for themselves and their service providers. A financial institution is also expected to develop processes to enable recovery of data and business operations and address rebuilding network capabilities and restoring data if the institution, or its critical service providers, fall victim to this type of cyber-attack. Any cyber incidents, such as those of our third party vendors, could result, among other things, in increased regulatory scrutiny and adverse regulatory or civil litigation consequences. The occurrence of a cyber-threat scenario could cause interruptions in our operations and result in the incurrence of significant costs, including those related to forensic analysis and legal counsel, each of which may be required to ascertain the extent of any potential harm to our customers, or employees, or damage to our information systems and any legal or regulatory obligations that may result therefrom. The SEC recently adopted rules that require us to publicly disclose information about a material cybersecurity incident, including the impact or reasonably likely impact. Disclosure may be required before the incident has been resolved or fully investigated. The occurrence of a cyber-threat may therefore have a material adverse effect on our reputation, financial condition and results of operations. Risks and exposures related to cybersecurity attacks are expected to remain high for the foreseeable future due to the rapidly evolving nature and sophistication of these threats, as well as due to the expanding use of Internet banking, mobile banking and other technology-based products and services by us and our clients. Due to the increasing sophistication of such attacks, we may not be able to prevent denial-of-service or other cyber-attacks that could compromise our normal business operations or the normal business operations of our clients, or result in the unauthorized use or disclosure of clients' confidential and proprietary information. The occurrence of any failure, interruption or security breach of network and computer systems resulting from denial-of-service or other cyber-attacks or security incidents could impact our ability to operate and serve our clients, damage our reputation, result in a loss of client business, subject us to additional regulatory scrutiny, or expose us to civil litigation and possible financial liability, any of which could adversely affect our business, results of operations or financial condition.

Technology1 | 1.9%

Technology - Risk 1

Our operations are reliant on effective implementation and use of technology and require us to adapt to new technologies, and a breach, interruption or failure of our technology services or the inability to effectively integrate new technologies could have an adverse effect on our business, financial condition or results of operations.

We rely heavily on communications and information systems to conduct business. In particular, we rely on technology to provide key components of our information system infrastructure, including loan, deposit and general ledger processing, risk management information collection and processing for internal control purposes, internet connections and network access. Any disruption in service of these key components, for example due to system errors, a natural catastrophe, or the termination of any third-party software licenses upon which any of these systems is based, could adversely affect our ability to effectively deliver products and services to clients, to detect, assess and manage risk and otherwise to conduct operations. See "- We rely on third parties to provide services that are integral to our ordinary operations, and their failure to perform in a satisfactory manner could negatively affect us." Furthermore, any security breach, due to computer viruses, programming, malfeasance or human errors or other events or developments, of information systems or data, whether managed by us or third parties, could interrupt our business, harm our reputation or cause a decrease in the number of clients using our services. The financial services industry is continually undergoing rapid technological change with frequent introductions of new, and technology-driven products and services. We face the risk of having to establish and maintain further improved technological capabilities, and our future success depends, in part, on our ability to recognize and implement new technologies to address our operational and internal control needs, operational efficiencies and to meet the demands of our clients. See "- Cyber-attacks, distributed denial of service attacks and other cybersecurity matters, if successful, could have an adverse effect on our business, financial condition or results of operations." The widespread adoption of new technologies, including cryptocurrencies, blockchain, machine learning and artificial intelligence, have and could continue to require substantial expenditures to modify or adapt our existing products and services as we continue to grow our internet and mobile banking capabilities or other technological-based distribution channels. The persistence or acceleration of this shift in demand towards internet and mobile banking has and may continue to necessitate changes to our retail distribution strategy, which include restructuring our branches and work force. These actions could lead to losses on these assets and may lead to increased expenditures to reform our retail distribution channel. Many of our competitors have substantially greater resources to invest in technological improvements than we do. We may not be able to effectively implement new, technology-driven products and services or be successful in marketing these products and services to our customers. In addition, the implementation of technological changes and upgrades to maintain current systems and integrate new ones may also cause service interruptions, transaction processing errors and system conversion delays and may cause us to fail to comply with applicable laws. Failure to successfully keep pace with technological change affecting the financial services industry and avoid interruptions, errors and delays could have an adverse effect on our business, financial condition, results of operations, or competitive position.

Production

Total Risks: 4/54 (7%)Below Sector Average

Employment / Personnel1 | 1.9%

Employment / Personnel - Risk 1

We could fail to attract, retain or motivate highly skilled and qualified personnel, including our senior management, other key employees or members of the Board, which could adversely affect our business.

Our ability to implement our strategic plan and our future success depends on our ability to continue to attract, retain and motivate highly skilled, diverse and qualified personnel, including our senior management and other key employees and directors, competitively with our peers. The marketplace for skilled personnel is competitive, which means the cost of hiring, incentivizing and retaining skilled personnel may continue to increase. For example, labor shortages and increased turnover in recent years has increased the cost of hiring, incentivizing and retaining skilled personnel. Increased turnover and the shortage of employees may put stress on internal control environments. While the Bank has experienced slightly higher turnover levels in 2022 and 2023 as compared to historical averages, we do not consider them to be material or systemic in nature. The failure to attract or retain, including as a result of an untimely death or illness of key personnel, or replace a sufficient number of appropriately skilled and key personnel could place us at a significant competitive disadvantage and prevent us from successfully implementing our strategy or effectively managing our risk framework and business operations. This could impair our ability to implement our strategic plan successfully, achieve our performance targets and otherwise have an adverse effect on our business, financial condition or results of operations. We may also be unable to attract and retain staff due to our locations. Many of our employees are employed in Bermuda, the Cayman Islands, and the Channel Islands, which are small markets. Therefore, location may be an impediment to attracting and retaining experienced personnel. Further, immigration laws in small markets impose limitations on attracting experienced personnel. In addition, governmental scrutiny with respect to matters relating to compensation and other business practices in the financial services industry has increased dramatically in the past several years and has resulted in more aggressive and intense regulatory supervision in certain markets in which we operate or are regulated. Future legislation or regulation or government views on compensation may result in us altering compensation practices in ways that could adversely affect our ability to attract and retain talented employees.

Supply Chain1 | 1.9%

Supply Chain - Risk 1

We rely on third parties to provide services that are integral to our ordinary operations, and their failure to perform in a satisfactory manner could negatively affect us.

We rely on third parties to provide services that are integral to our ordinary course operations, including providers of information technology, administrative or investment advisory services. These third party supported functions or operating systems may not function properly, become insufficient to support our evolving business needs or become defective or damaged as a result of a number of factors including events beyond our control. Enhancements and upgrades to third party supported infrastructure or operating systems entail significant time and costs, and create risks associated with implementing new systems and integrating them with existing ones. Due to the complexity of our systems, across multiple jurisdictions and product types, the process of enhancing our infrastructure and operating systems, including their security measures and controls, can create a risk of system disruptions and security issues. Similarly, we may not be able to timely recover critical business processes or operations that have been disrupted, which may further increase the associated costs and consequences of such disruptions. Although we have business continuity plans in place, cybersecurity and other safeguards in place to help provide operational resiliency, our business operations may be adversely affected by significant and prolonged disruption to our operating systems that support our businesses and customers. Furthermore, third parties on which we rely, could also introduce operational risk to us, including from information breaches or loss, breakdowns, cyber incidents, disruptions or failures of their own systems or infrastructure, or any deficiencies in the performance of their responsibilities. A material breach of customer data may negatively impact our business reputation and cause a loss of customer business; may result in increased expense to contain the event and/or require that we provide credit monitoring services for affected customers; may result in regulatory fines and sanctions; and/or may result in litigation. We rely on our outsourced service providers to implement and maintain prudent cybersecurity controls. We have procedures in place designed to assess a vendor's cybersecurity controls prior to establishing a contractual relationship and to periodically review assessments of those control systems; however, these procedures are not infallible and a vendor's system can be breached despite the procedures we employ. In addition, outsourcing is subject to regulatory controls in certain jurisdictions in which we operate and we may not always be able to obtain approval to outsource on terms available or sought by us, which could adversely affect our ability to enter into outsourcing arrangements. In addition, BNYM and Wells Fargo act as clearing houses for all our US Dollar transactions and, if our relationships with BNYM and Wells Fargo are terminated, we could lose our ability to engage in US Dollar transactions. For more information see " - We could be negatively affected if the soundness of other financial institutions and counterparties deteriorates or if such counterparties, including clearing houses, are unwilling to do business with us, in particular in respect of US Dollar transactions."

Costs2 | 3.7%

Costs - Risk 1

Our insurance coverage may not be adequate to cover all possible losses that we could suffer, and our insurance costs could increase in the future.

Our insurance policies do not cover all types of potential losses and liabilities and are subject to limits and deductibles. There can be no assurance that our insurance will be sufficient to cover the full extent of all losses or liabilities for which we are ultimately responsible, which could result in losses being incurred by the Bank. Additionally, we cannot guarantee that we will be able to renew our current insurance policies on favorable terms, or at all.

Costs - Risk 2

Changed

The costs of complying with, or our failure to comply with, domestic and foreign laws related to privacy, data security and data protection, such as the EU General Data Protection Regulation, could adversely affect our financial condition, operating results and reputation.

Regulatory authorities have increased their focus on how companies collect, process, use, store, share and transmit personal data. Data privacy laws and regulations, including the UK's Data Protection Act 2018, the Data Protection (Jersey) Law 2018, the Data Protection (Bailiwick of Guernsey) Law 2017, The Cayman Islands Data Protection Act 2021, Bermuda's Personal Information Protection Act 2016(which will become effective in January 2025), and the EU General Data Protection Regulation 2016, pose increasingly complex and rigorous compliance challenges, which may increase our compliance costs. Any failure to comply with data privacy laws and regulations could result in significant penalties, fines, legal challenges and reputational harm. See Item 4.B. "Business Overview - Supervision and Regulation".

See a full breakdown of risk according to category and subcategory. The list starts with the category with the most risk. Click on subcategories to read relevant extracts from the most recent report.

FAQ

What are “Risk Factors”?

Risk factors are any situations or occurrences that could make investing in a company risky.

The Securities and Exchange Commission (SEC) requires that publicly traded companies disclose their most significant risk factors. This is so that potential investors can consider any risks before they make an investment.

They also offer companies protection, as a company can use risk factors as liability protection. This could happen if a company underperforms and investors take legal action as a result.

It is worth noting that smaller companies, that is those with a public float of under $75 million on the last business day, do not have to include risk factors in their 10-K and 10-Q forms, although some may choose to do so.

How do companies disclose their risk factors?

Publicly traded companies initially disclose their risk factors to the SEC through their S-1 filings as part of the IPO process.

Additionally, companies must provide a complete list of risk factors in their Annual Reports (Form 10-K) or (Form 20-F) for “foreign private issuers”.

Quarterly Reports also include a section on risk factors (Form 10-Q) where companies are only required to update any changes since the previous report.

According to the SEC, risk factors should be reported concisely, logically and in “plain English” so investors can understand them.

How can I use TipRanks risk factors in my stock research?

Use the Risk Factors tab to get data about the risk factors of any company in which you are considering investing.

You can easily see the most significant risks a company is facing. Additionally, you can find out which risk factors a company has added, removed or adjusted since its previous disclosure. You can also see how a company’s risk factors compare to others in its sector.

Without reading company reports or participating in conference calls, you would most likely not have access to this sort of information, which is usually not included in press releases or other public announcements.

A simplified analysis of risk factors is unique to TipRanks.

What are all the risk factor categories?

TipRanks has identified 6 major categories of risk factors and a number of subcategories for each. You can see how these categories are broken down in the list below.

1. Financial & Corporate

Accounting & Financial Operations - risks related to accounting loss, value of intangible assets, financial statements, value of intangible assets, financial reporting, estimates, guidance, company profitability, dividends, fluctuating results.
Share Price & Shareholder Rights – risks related to things that impact share prices and the rights of shareholders, including analyst ratings, major shareholder activity, trade volatility, liquidity of shares, anti-takeover provisions, international listing, dual listing.
Debt & Financing – risks related to debt, funding, financing and interest rates, financial investments.
Corporate Activity and Growth – risks related to restructuring, M&As, joint ventures, execution of corporate strategy, strategic alliances.

2. Legal & Regulatory

Litigation and Legal Liabilities – risks related to litigation/ lawsuits against the company.
Regulation – risks related to compliance, GDPR, and new legislation.
Environmental / Social – risks related to environmental regulation and to data privacy.
Taxation & Government Incentives – risks related to taxation and changes in government incentives.

3. Production

Costs – risks related to costs of production including commodity prices, future contracts, inventory.
Supply Chain – risks related to the company’s suppliers.
Manufacturing – risks related to the company’s manufacturing process including product quality and product recalls.
Human Capital – risks related to recruitment, training and retention of key employees, employee relationships & unions labor disputes, pension, and post retirement benefits, medical, health and welfare benefits, employee misconduct, employee litigation.

4. Technology & Innovation

Innovation / R&D – risks related to innovation and new product development.
Technology – risks related to the company’s reliance on technology.
Cyber Security – risks related to securing the company’s digital assets and from cyber attacks.
Trade Secrets & Patents – risks related to the company’s ability to protect its intellectual property and to infringement claims against the company as well as piracy and unlicensed copying.

5. Ability to Sell

Demand – risks related to the demand of the company’s goods and services including seasonality, reliance on key customers.
Competition – risks related to the company’s competition including substitutes.
Sales & Marketing – risks related to sales, marketing, and distribution channels, pricing, and market penetration.
Brand & Reputation – risks related to the company’s brand and reputation.

6. Macro & Political

Economy & Political Environment – risks related to changes in economic and political conditions.
Natural and Human Disruptions – risks related to catastrophes, floods, storms, terror, earthquakes, coronavirus pandemic/COVID-19.
International Operations – risks related to the global nature of the company.
Capital Markets – risks related to exchange rates and trade, cryptocurrency.

Become an Expert with TipRanks Premium

What am I Missing?

Make informed decisions based on Top Analysts' activity

Know what industry insiders are buying

Get actionable alerts from top Wall Street Analysts

Find out before anyone else which stock is going to shoot up

Get powerful stock screeners & detailed portfolio analysis

Subscribe Now See Plans & Pricing