EX-99.1 2 cvly_ex991.htm SEPTEMBER 21 LETTER cvly_ex991.htm

EXHIBIT 99.1

  

 

September 21, 2021

 

Ms. Cynthia Dotzel
Mr. John Giambalvo
c/o Timothy J. Nieman, Esq.
Corporate Secretary
Codorus Valley Bancorp, Inc.
105 Leader Heights Road
York, PA 17405

 

VIA EMAIL

 

Cindy and John,

 

Reference is made to my letter to you dated September 3, 2021 (the September 3 Letter”) wherein I pointed out that, by tying a portion of the incentive compensation of named executive officers (“NEOs”) to pre-tax, pre-provision income, the board of directors (the “Board”) of Codorus Valley Bancorp, Inc (the “Corporation”; its banking subsidiary, PeoplesBank, A Codorus Valley Company, the “Bank”) and the compensation committee thereof (the “Compensation Committee”) had created an incentive for NEOs to add more loans with little regard to the consequences if those loans went bad.[1]

 

Based on my review of the Corporation’s 2020 Proxy Statement, it does not appear that the Board has a loan review or risk committee comprised entirely of directors. Rather, the Corporation has an enterprise risk management committee (the “Enterprise Risk Management Committee”) that:

 

provides general risk oversight and is generally responsible for risk management, which includes monitoring and ensuring that credit risk, interest rate risk, liquidity risk, price risk, transaction risk, compliance risk, strategic risk and reputation risk assumed by the Corporation is consistent with the levels established by the Board.[2]

 

Per the 2020 Proxy Statement, the Enterprise Risk Management Committee is comprised of:

 

Chief Risk Officer, President and Chief Executive Officer of the Bank, General Counsel, Chief Financial Officer, Chief Credit Officer, BSA and Security Officer, and Loan Review Officer, as well as representatives from the Board of Directors (currently Sarah M. Brown, Larry J. Miller and Harry R. Swift, Esq.). Mr. Swift chairs the committee.

 

___________________________

1 The Corporation’s 2021 notice of annual meeting of shareholders and proxy statement (the “2020 Proxy Statement”) named the following as executive officers:

 

Larry J. Miller

Chairman, President and Chief Executive Officer of the Corporation; Executive Chairman of the Bank

Craig L. Kauffman

Executive Vice President and Chief Operating Officer of the Corporation; President and Chief Executive Officer of the Bank

Larry D. Pickett-

Treasurer of the Corporation; Executive Vice President and Chief Financial Officer of the Bank

Diane E. Baker-

Vice President, Assistant Treasurer and Assistant Secretary of the Corporation; Executive Vice President, Chief Operating and Chief Risk Officer of the Bank

Amy L. Doll

Senior Vice President, Chief Revenue and Chief Lending Officer of the Bank

 

2 The 2020 Proxy Statement also indicates that the Enterprise Risk Management Committee “operates pursuant to a written charter,” but it does not appear that the charter is publicly available. https://www.sec.gov/Archives/edgar/data/806279/000089710121000271/codorus210474_def14a.htm

The Board’s audit committee, per its charter, is not responsible for oversight regarding credit risk: its oversight responsibility is limited to “Codorus Valley Bancorp’s consolidated financial statements and the annual independent audit of those statements, the financial reporting process, systems of internal accounting and financial controls, the Corporation’s compliance with laws, regulations, and its Code of Conduct, and the internal audit function, which shall include information technology security and control.”

https://s25.q4cdn.com/799964164/files/doc_downloads/2021/03/Audit-Committee-Charter-2020.pdf

 

 

1

 

    

Of the Enterprise Risk Management Committee’s ten members, at least four of them are NEOs. The 2020 Proxy Statement does not disclose whether the non-NEO management members of the Enterprise Risk Management Committee have the same type of bonus arrangements as the NEOs. Of the three directors who serve on the Enterprise Risk Management Committee, one, Larry Miller, is a NEO and another, Harry Swift (who has subsequently retired) was a long serving employee of the Corporation.

 

To put it bluntly, not only has the Board created a bonus arrangement that may encourage excessive risk taking, but the committee that “provides general risk oversight and is generally responsible for risk management” includes at least four members who are compensated pursuant to that bonus arrangement. What is the point of the Enterprise Risk Management Committee if so many of its members have been incentivized—by the Board and the Compensation Committee—to take greater risks? At the risk of pointing out the obvious, such an arrangement is tantamount to the fox guarding the henhouse.

 

To put it even more bluntly, the Corporation’s governance has been and continues to be fundamentally flawed and the mere “retirement” of Larry Miller as the Corporation’s chief executive officer does little to remedy the Board’s massive failures of oversight, nor does it provide confidence that the Board is capable of exercising appropriate and effective oversight in the future. It is time for the Board to do what is right for shareholders and run a sale process.

 

* * *

 

I previously mentioned to Tim Nieman, the Corporation’s general counsel, that I would like to set a time to talk with you again, preferably in person. Please advise when you would be available for a meeting. In addition, I am still waiting for the list of companies the Corporation uses for peer analysis that you had promised to send to me.

 

#oversightnotalignment

 

 

Very truly yours,

 

 

 

 

 

/s/ J. Abbott R. Cooper

 

   

 

2