UNITED STATES
SECURITIES AND EXCHANGE COMMISSION
Washington, D.C. 20549
FORM
For the fiscal year ended
or
For the transition period from ____to____
Commission file number
(Exact name of registrant as specified in its charter)
|
||
(State or other jurisdiction of incorporation or organization) |
|
(I.R.S. Employer Identification No.) |
(Address of principal executive offices) (Zip Code)
Registrant’s telephone number, including area code: (
Securities registered pursuant to Section 12(b) of the Act:
Title of each class |
|
Trading Symbol(s) |
|
Name of each exchange on which registered |
|
|
Securities registered pursuant to Section 12(g) of the Act:
Title of each class |
|
Trading Symbol(s) |
|
Name of each exchange on which registered |
7.2% Cumulative Trust Preferred Securities |
|
BANFP |
|
NASDAQ Global Select Market System |
Indicate by check mark if the registrant is a well-known seasoned issuer, as defined in Rule 405 of the Securities Act.
Indicate by check mark if the registrant is not required to file reports pursuant to Section 13 or Section 15(d) of the Act. Yes ☐
Indicate by check mark whether the registrant (1) has filed all reports required by Section 13 or 15(d) of the Securities Exchange Act of 1934 during the preceding 12 months (or for such shorter period that the registrant was required to file such reports), and (2) has been subject to such filing requirements for the past 90 days.
Indicate by check mark whether the registrant has submitted electronically every Interactive Data File required to be submitted pursuant to Rule 405 of Regulation S-T during the preceding 12 months (or for such shorter period that the registrant was required to submit such files).
Indicate by check mark whether the registrant is a large accelerated filer, an accelerated filer, a non-accelerated filer, a smaller reporting company, or emerging growth company. See the definitions of “large accelerated filer,” “accelerated filer,” “smaller reporting company,” and “emerging growth company” in Rule 12b-2 of the Exchange Act.
|
☒ |
|
Accelerated filer |
|
☐ |
|
|
|
|
|
|||
Non-accelerated filer |
|
☐ |
|
Smaller reporting company |
|
|
|
|
|
|
|
|
|
Emerging growth company |
|
|
|
|
|
If an emerging growth company, indicate by check mark if the registrant has elected not to use the extended transition period for complying with any new or revised financial accounting standards provided pursuant to Section 13(a) of the Exchange Act. ☐
Indicate by check mark whether the registrant has filed a report on and attestation to its management’s assessment of the effectiveness of its internal control over financial reporting under Section 404(b) of the Sarbanes-Oxley Act (15 U.S.C. 7262(b)) by the registered public accounting firm that prepared or issued its audit report.
If securities are registered pursuant to Section 12(b) of the Act, indicate by check mark whether the financial statements of the registrant included in the filing reflect the correction of an error to previously issued financial statements.
Indicate by check mark whether any of those error corrections are restatements that required a recovery analysis of incentive-based compensation received by any of the registrant’s executive officers during the relevant recovery period pursuant to §240.10D-1(b). ☐
Indicate by check mark whether the registrant is a shell company (as defined by Rule 12b-2 of the Exchange Act). Yes ☐ No
The aggregate market value of the Common Stock held by nonaffiliates of the registrant computed using the last sale price on June 30, 2023 was approximately $
DOCUMENTS INCORPORATED BY REFERENCE:
Portions of the Proxy Statement for the 2024 Annual Meeting of Stockholders of the registrant (the “2024 Proxy Statement”) to be filed pursuant to Regulation 14A are incorporated by reference into Part III of this report.
BANCFIRST CORPORATION
ANNUAL REPORT ON FORM 10-K
TABLE OF CONTENTS
Item |
|
|
|
Page |
|
|
PART I |
|
|
1. |
|
|
|
2 |
1A. |
|
|
|
16 |
1B. |
|
|
|
24 |
1C. |
|
|
25 |
|
2. |
|
|
|
26 |
3. |
|
|
|
26 |
4. |
|
|
|
26 |
|
|
PART II |
|
|
5. |
|
|
|
27 |
6. |
|
|
|
27 |
7. |
|
Management’s Discussion and Analysis of Financial Condition and Results of Operations |
|
28 |
7A. |
|
|
|
49 |
8. |
|
|
|
50 |
9. |
|
Changes in and Disagreements with Accountants on Accounting and Financial Disclosure |
|
104 |
9A. |
|
|
|
104 |
9B. |
|
|
|
107 |
9C. |
|
Disclosure Regarding Foreign Jurisdictions that Prevent Inspections |
|
107 |
|
|
PART III |
|
|
10. |
|
|
107 |
|
11. |
|
|
|
107 |
12. |
|
Security Ownership of Certain Beneficial Owners and Management |
|
107 |
13. |
|
Certain Relationships and Related Transactions, and Director Independence |
|
107 |
14. |
|
|
|
107 |
|
|
PART IV |
|
|
15. |
|
|
108 |
|
|
|
111 |
PART I
Item 1. Business.
General
BancFirst Corporation (the “Company”) is a financial holding company headquartered in Oklahoma City, Oklahoma and registered under the Bank Holding Company Act of 1956, as amended (the “BHC Act”). It conducts a vast majority of its operating activities through its wholly-owned subsidiary, BancFirst (“BancFirst”), an Oklahoma state-chartered bank headquartered in Oklahoma City, Oklahoma. The Company also conducts operating activities through its wholly-owned subsidiaries, Pegasus Bank (“Pegasus”), a Texas state-chartered bank headquartered in Dallas, Texas and Worthington Bank ("Worthington"), a Texas state-chartered bank headquartered in Arlington, Texas. In addition, the Company owns 100% of the common securities of BFC Capital Trust II (a Delaware business trust), 100% of Council Oak Partners LLC, an Oklahoma limited liability company engaging in investing activities and 100% of BancFirst Insurance Services, Inc., an Oklahoma business corporation operating as an independent insurance agency.
The Company was incorporated as United Community Corporation in July 1984 to become a bank holding company. In June 1985, it merged with seven Oklahoma bank holding companies that had operated under common ownership and the Company has conducted business as a bank holding company since that time. Over the next several years, the Company acquired additional banks and bank holding companies, and in November 1988, the Company changed its name to BancFirst Corporation. Effective April 1, 1989, the Company consolidated its 12 subsidiary banks and formed BancFirst. Over the intervening decades, the Company has continued to expand through acquisitions and de-novo branches. BancFirst currently has 106 banking locations serving 59 communities throughout Oklahoma, Pegasus has 3 banking locations in the Dallas Metroplex area and Worthington has 5 locations in the Dallas-Fort Worth Metroplex area.
BancFirst’s strategy focuses on providing a full range of commercial banking services to retail customers and small to medium-sized businesses in both the non-metropolitan trade centers and cities in the metropolitan statistical areas of Oklahoma. BancFirst operates as a “super community bank”, managing its community banking offices on a decentralized basis, which permits them to be responsive to local customer needs. Underwriting, funding, customer service and pricing decisions are made by presidents in each market within BancFirst’s strategic parameters. At the same time, BancFirst generally has a larger lending capacity, broader product line and greater operational scale than its principal competitors do in the non-metropolitan market areas (which typically are independently owned community banks). In the metropolitan markets served by BancFirst, the Company’s strategy is to focus on the needs of local businesses that seek more responsive services than are available at larger institutions.
BancFirst maintains a strong community orientation by, among other things, selecting members of the communities in which BancFirst’s branches operate to local consulting boards that assist in marketing and providing feedback on BancFirst’s products and services to meet customer needs. As a result of the development of broad banking relationships with its customers and community branch network, BancFirst’s lending and investing activities are funded almost entirely by core deposits.
BancFirst centralizes virtually all of its processing, support and investment functions in order to achieve consistency and operational efficiencies. BancFirst maintains centralized control functions such as operations support, bookkeeping, accounting, loan review, compliance and internal auditing to ensure effective risk management. BancFirst also provides, on a centralized basis, certain specialized financial services that require unique expertise.
BancFirst provides a wide range of retail and commercial banking services, including: commercial, real estate, energy, agricultural and consumer lending; depository and funds transfer services; collections; safe deposit boxes; cash management services; trust services; and other services tailored for both individual and corporate customers. BancFirst provides item processing, research and other correspondent banking services to financial institutions and governmental units.
BancFirst’s primary lending activity is the financing of business and industry in its market areas. Its commercial loan customers are generally small to medium-sized businesses engaged in light manufacturing, local wholesale and retail trade, commercial and residential real estate development and construction, services, agriculture and the energy industry. Most forms of commercial lending are offered, including commercial mortgages, other forms of asset-based financing and working capital lines of credit. In addition, BancFirst offers Small Business Administration (“SBA”) guaranteed loans through BancFirst Commercial Capital, a division established in 1991.
2
Consumer lending activities of BancFirst consist of traditional forms of financing for automobiles, home equity loans and other personal loans. Residential loans consist primarily of home loans in non-metropolitan areas, which are generally shorter in duration than typical mortgages and reprice within five years.
BancFirst’s range of deposit services include checking accounts, Negotiable Order of Withdrawal (“NOW”) accounts, savings accounts, money market accounts, sweep accounts, club accounts, individual retirement accounts and certificates of deposit. Overdraft protection and auto draft services are also offered.
Trust services offered through BancFirst’s Trust and Investment Management Division (the “Trust Division”) consist primarily of investment management and administration of trusts for individuals, corporations and employee benefit plans. In addition, the Trust Division serves as bond trustee and paying agent for various Oklahoma municipalities and governmental entities.
Insurance services offered through BancFirst Insurance Services, Inc. consists of business and personal insurance, employee benefits, surety bonds and claims and risk management.
BancFirst has the following 100% owned principal subsidiaries: BancFirst Agency, Inc., a credit life insurance agency, BFC-PNC, LLC and BF Brazito, LLC, both operating subsidiaries to hold other real estate owned, BFTower, LLC (which owns a 49% ownership interest in SFPG, LLC, a parking garage, and a 50% ownership interest in ParcFirst@Bricktown, LLC, a surface parking lot). All of these companies are Oklahoma entities.
Pegasus and Worthington's lending activities include private banking, commercial and residential real estate, commercial and industrial and energy loans. They each have a full complement of deposit products including sweep accounts and securities investment products. They provide a wide range of banking services to individual and corporate customers and are subject to competition from other local, regional, and national financial institutions.
Human Capital Resources
As of December 31, 2023, the Company employed 2,109 full time equivalent employees. None of its employees are represented by collective bargaining agreements. The Company views its employees as a differentiator, enabling the Company to meet customers’ needs through highly trained and motivated employees. The Company’s approach to human capital resources focuses on objectives that include, but are not limited to, providing fair and equitable compensation, training employees to reach heightened skill sets and standards of motivation, identifying and developing the proficiencies of all employees, and enhancing ongoing diversity, equity, and inclusion initiatives.
The Company recognizes the importance of maintaining a culture of feedback and employee recognition, and asks its supervisors to focus on ensuring that the Company’s employees feel a sense of belonging at work, fostering peer-to-peer connections and appropriate subordinate/supervisor relationships and communications. The Company provides its employees with competitive compensation and benefits packages. The Company encourages its employees to be alert for opportunities to improve quality and efficiency. In addition, the Company affords its employees opportunities to learn how their work fits into the bigger picture and to gain a deeper appreciation for how they are making an impact within and outside the Company. Training resources and educational assistance are readily available, and the Company strives to promote, where practical, from within the Company. The Company identifies high potential candidates and provides specifically tailored plans for actualizing their development goals and career trajectories.
The Company views diversity, equity, and inclusion as a cultural and business imperative that must permeate its culture. By affirmatively recruiting, promoting, and developing an increasingly diverse group of prospective and current employees into managerial roles, the Company works to create a more appealing work environment for attracting and retaining larger numbers of diverse employees. The Company is committed to a policy of consistent treatment and equal employment opportunity in all recruitment and employment practices and is an affirmative action employer.
Climate-Related and Other Environmental, Social and Governance Developments
In recent years, federal, state and international lawmakers and regulators have increased their focus on risk oversight, disclosures and practices in connection with climate change and other environmental, social and governance matters. For example, in March 2022, the SEC issued a proposed rule on the enhancement and standardization of climate-related disclosures for investors. The proposed rule would require public issuers, including us, to significantly expand the scope of climate-related disclosures in their SEC filings and,
3
based on the SEC rules hearing agenda, is expected to be adopted in April, 2024. The SEC has also announced plans to propose rules to require enhanced disclosure regarding human capital management and board diversity for public issuers; those rules are, based on the SEC rules hearing agenda, expected to be proposed in April, 2024.
Market Areas and Competition
The banking environment in Oklahoma is very competitive. The geographic dispersion of the BancFirst’s banking locations presents several different levels and types of competition. In general, however, each location competes with other banking institutions, savings and loan associations, brokerage firms, personal loan finance companies and credit unions within their respective market areas. The communities in which BancFirst maintains offices are generally local trade centers throughout Oklahoma. The major areas of competition include interest rates charged on loans, underwriting terms and conditions, interest rates paid on deposits, fees on non-credit services, levels of service charges on deposits, completeness of product lines and quality of service.
Management believes BancFirst is in an advantageous competitive position operating as a “super community bank.” Under this strategy, BancFirst provides a broad line of financial products and services for small to medium-sized businesses and consumers through full service community banking offices with decentralized management, while achieving operating efficiency and product scale through product standardization and centralization of processing and other functions. Each full-service banking office has senior management with significant lending experience who exercise substantial autonomy over credit and pricing decisions. This decentralized management approach, coupled with continuity of service by the same staff members, enables BancFirst to develop long-term customer relationships, maintain high-quality service and respond quickly to customer needs. The majority of its competitors in the non-metropolitan areas are much smaller, and do not offer the range of products and services nor have the lending capacity of BancFirst. In the metropolitan communities, BancFirst’s strategy is to be more responsive to, and more focused on, the needs of local businesses that are not served effectively by larger institutions. As reported by the Federal Deposit Insurance Corporation (“FDIC”), the Company’s market share of deposits within the state of Oklahoma was 6.86% as of June 30, 2023 and 7.19% as of June 30, 2022.
Marketing to existing and potential customers is performed through a variety of media advertising, direct mail and direct personal contacts. BancFirst monitors the needs of its customer base through its Product Development Group, which develops and enhances products and services in response to such needs. Sales, customer service, compliance and product training are coordinated with incentive programs to sell BancFirst’s products and services.
The banking environment in North Texas is one of the most competitive in the nation. Pegasus and Worthington's marketing avoids media campaigns and their growth is dependent on the experience, knowledge and contacts of their relationship officers and directors.
Operating Segments
The Company has six principal business units: BancFirst metropolitan banks, BancFirst community banks, Pegasus, Worthington, other financial services and executive operations and support. For more information on the Company’s Operating Segments, see Note (23), “Segment Information,” to the Company’s Consolidated Financial Statements.
Control of Company
Affiliates of the Company beneficially own approximately 38% of the outstanding shares of the Company’s common stock as of January 31, 2024. Under the Company’s Bylaws, holders of a majority of the outstanding shares of common stock are able to elect all of the directors and approve significant corporate actions, including business combinations. Accordingly, while the Company’s affiliates do not have legal control, i.e., a majority of the outstanding shares of common stock, they have effective control of the Company.
Supervision and Regulation
Banking is a complex, highly regulated industry. The growth and earnings performance of the Company, BancFirst, Pegasus and Worthington can be affected by management decisions, general and local economic conditions, statutes, and the regulations and policies administered by various governmental regulatory authorities. These authorities include, but are not limited to, the Board of Governors of the Federal Reserve System (the “Federal Reserve Board”), the FDIC, the Oklahoma Banking Department and the Texas Department of Banking.
4
The primary goals of the bank regulatory framework are to maintain a safe and sound banking system and to facilitate the conduct of monetary policy. This regulatory framework is intended primarily for the protection of a financial institution’s depositors, rather than the institution’s stockholders and creditors. The following discussion describes certain of the material elements of the regulatory framework applicable to bank holding companies and financial holding companies and their subsidiaries and provides certain specific information relevant to the Company, which is both a bank holding company and a financial holding company. The descriptions are qualified in their entirety by reference to the specific statutes and regulations discussed. Further, such statutes, regulations and policies are continually under review by Congress and state legislatures, and federal and state regulatory agencies. A change in statutes, regulations or regulatory policies applicable to the Company, including changes in interpretation or implementation thereof, could have a material effect on the Company’s business.
Regulatory Agencies
In the U.S., banking is regulated at both the federal and state level. Commercial banks in the United States are able to choose to organize as national banks with a charter issued by the Office of the Comptroller of the Currency (“OCC”) or as state banks with a charter issued by a state government. The choice of charter determines which agency will supervise the bank: the primary supervisor of nationally chartered banks is the OCC, whereas state-chartered banks are supervised jointly by their state chartering authority and either the FDIC or the Federal Reserve Board, depending upon whether the state-chartered bank is a member of the Federal Reserve System. BancFirst is chartered by the State of Oklahoma and at the state level is supervised and regulated by the Oklahoma Banking Department under the Oklahoma Banking Code. Pegasus and Worthington are chartered by the State of Texas and at the state level are supervised and regulated by the Texas Department of Banking. On August 11, 2023, BancFirst became a Federal Reserve System member bank, which changed its primary regulator from the FDIC to the Federal Reserve System. Worthington became a Federal Reserve System member bank on September 1, 2023, and Pegasus became a Federal Reserve System member bank on October 12, 2023, which changed their primary regulator from the FDIC to the Federal Reserve System. Their deposits are insured by the Deposit Insurance Fund (“DIF”) of the FDIC to the extent provided by law.
As a financial holding company and a bank holding company, the Company is subject to comprehensive regulation by the Federal Reserve Board under the BHC Act, as amended by the Gramm-Leach-Bliley Act of 1999 (the “GLB Act”), the Dodd-Frank Wall Street Reform and Consumer Protection Act (the “Dodd-Frank Act”), and other legislation, as well as other federal and state laws governing the banking business. The BHC Act provides generally for regulation of financial holding companies and bank holding companies such as the Company by the Federal Reserve Board, and for functional regulation of banking activities by bank regulators, securities activities by securities regulators, and insurance activities by insurance regulators. Additionally, the Company is under the jurisdiction of the Securities and Exchange Commission (“SEC”) and is subject to the periodic reporting, information, proxy solicitation, insider trading, corporate governance and other restrictions and requirements of the SEC under the Securities Exchange Act of 1934, as amended (the “Exchange Act”). The Company’s common stock is listed on the NASDAQ Global Select Market System under the trading symbol “BANF,” and is subject to the listing and marketplace rules of the NASDAQ Stock Market, Inc. (the “NASDAQ”).
The Federal Reserve Board supervises non-banking activities conducted by companies directly and indirectly owned by the Company. In addition, the Company’s non-banking subsidiaries are subject to various other laws, regulations, supervision and examination by other regulatory agencies, all of which directly or indirectly affect the operations and management of the Company and its ability to make distributions to stockholders.
Bank Holding Company and Financial Holding Company Activities
The BHC Act generally limits the activities in which the Company and its non-banking subsidiaries may engage, to managing or controlling banks and to a range of activities that are considered to be closely related to banking. The list of activities permitted by the Federal Reserve Board includes, among other things: lending; operating a savings institution, mortgage company, finance company, credit card company or factoring company; performing certain data processing operations; providing certain investment and financial advice; underwriting and acting as an insurance agent for certain types of credit-related insurance; leasing property on a full-payout, non-operating basis; selling money orders; real estate and personal property appraising; providing tax planning and preparation services; and, subject to certain limitations, providing securities brokerage services for customers. These activities may also be affected by other federal legislation.
Bank holding companies that have elected to be treated as financial holding companies, such as the Company, may engage in a broader range of activities considered "financial in nature."
5
“Financial in nature” activities include securities underwriting, dealing and market making, sponsoring mutual funds and investment companies, insurance underwriting and agency, merchant banking and other activities that the Federal Reserve Board, in consultation with the Secretary of the U.S. Treasury, determines from time to time to be financial in nature or incidental to such financial activity or is complementary to a financial activity and does not pose a safety and soundness risk.
To maintain financial holding company status, a financial holding company and all of its depository institution subsidiaries must be “well capitalized” and “well managed.” A depository institution subsidiary is considered “well capitalized” if it satisfies the requirements for this status discussed in the section captioned “Capital Requirements,” included elsewhere in this item. A depository institution subsidiary is considered “well managed” if it received a composite rating and management rating of at least “satisfactory” in its most recent examination. A financial holding company’s status will also depend upon it maintaining its status as “well capitalized” and “well managed” under applicable Federal Reserve Board regulations. If a financial holding company ceases to meet these capital and management requirements, the Federal Reserve Board’s regulations provide that the financial holding company must enter into an agreement with the Federal Reserve Board to comply with all applicable capital and management requirements. Until the financial holding company returns to compliance, the Federal Reserve Board may impose limitations or conditions on the conduct of its activities, and the company may not commence any of the broader financial activities permissible for financial holding companies or acquire a company engaged in such financial activities without prior approval of the Federal Reserve Board. If the company does not return to compliance within 180 days, the Federal Reserve Board may require divestiture of the holding company’s depository institutions. Bank holding companies and banks must also be both well capitalized and well managed in order to acquire banks located outside their home state.
In order for a financial holding company to commence any new activity permitted by the BHC Act or to acquire a company engaged in any new activity permitted by the BHC Act, each insured depository institution subsidiary of the financial holding company must have received a rating of at least “satisfactory” in its most recent examination under the Community Reinvestment Act. See the section captioned “Community Reinvestment Act” included elsewhere in this item.
The Federal Reserve Board has the power to order any bank holding company or its subsidiaries to terminate any activity or to terminate its ownership or control of any subsidiary when the Federal Reserve Board has reasonable grounds to believe that continuation of such activity or such ownership or control constitutes a serious risk to the financial soundness, safety or stability of any bank subsidiary of the bank holding company.
Federal and state laws impose notice and approval requirements for mergers and acquisitions of other depository institutions or bank holding companies. The BHC Act requires the prior approval of the Federal Reserve Board for the direct or indirect acquisition by a bank holding company of more than 5% of the voting shares or substantially all of the assets of a commercial bank or its parent holding company (including a financial holding company). Additionally, under the Bank Merger Act, the prior approval of the Federal Reserve Board or other appropriate bank regulatory authority is required for a bank to merge with another bank, purchase the assets or assume the deposits of another bank. In determining whether to approve a proposed bank acquisition or merger, bank regulatory authorities will consider, among other factors, the competitive effect and public benefits of the transactions, the capital position of the combined organization, the risks to the stability of the U.S. banking or financial system, the applicant’s performance record under the Community Reinvestment Act (see the section captioned “Community Reinvestment Act” included elsewhere in this item) and its compliance with fair housing and other consumer protection laws and the effectiveness of the subject organizations in combating money laundering activities.
Dividend Restrictions
The principal source of the Company’s liquidity is dividends from BancFirst. Various federal and state statutory provisions and regulations limit the amount of dividends the Company’s subsidiary banks and certain other subsidiaries may pay without regulatory approval. The payment of dividends by its subsidiary banks may also be affected by other regulatory requirements and policies, such as the maintenance of adequate capital. If, in the opinion of the applicable regulatory authority, a bank under its jurisdiction is engaged in, or is about to engage in, an unsafe or unsound practice (which, depending on the financial condition of the bank, could include the payment of dividends), such authority may require, after notice and hearing, that such bank cease and desist from such practice. The appropriate federal regulatory authorities have stated that paying dividends that deplete a bank’s capital base to an inadequate level would be an unsafe and unsound banking practice and that banking organizations should generally pay dividends only out of current operating earnings. In addition, in the current financial and economic environment, the Federal Reserve Board has indicated that bank holding companies should carefully review their dividend policy and has discouraged payment ratios that are at maximum allowable levels unless both asset quality and capital are very strong.
6
Transactions with Affiliates
The Company, BancFirst, Pegasus and Worthington are deemed affiliates of each other within the meaning of the Federal Reserve Act, and covered transactions between affiliates are subject to certain restrictions, including compliance with Sections 23A and 23B of the Federal Reserve Act and their implementing regulations. These regulations limit the types and amounts of covered transactions engaged in by a financial institution and its affiliates, and generally require those transactions to be on an arm’s-length basis. “Covered transactions” are defined by statute to include a loan or extension of credit, as well as a purchase of securities issued by an affiliate, a purchase of assets (unless otherwise exempted by the Federal Reserve Board) from the affiliate, certain derivative transactions that create a credit exposure to an affiliate, the acceptance of securities issued by the affiliate as collateral for a loan and the issuance of a guarantee, acceptance or letter of credit on behalf of an affiliate. In general, these regulations require that any such transaction by a financial institution with an affiliate must be secured by designated amounts of specified collateral and must be limited to certain thresholds on an individual and aggregate basis.
Federal law also limits a bank’s authority to extend credit to its directors, executive officers and 10% stockholders, as well as to entities controlled by such persons. Among other things, extensions of credit to insiders are required to be made on terms that are substantially the same as, and follow credit underwriting procedures that are not less stringent than, those prevailing for comparable transactions with unaffiliated persons. In addition, the terms of such extensions of credit may not involve more than the normal risk of non-repayment or present other unfavorable features and may not exceed certain limitations on the amount of credit extended to such persons individually and in the aggregate.
Source of Strength
Federal Reserve Board policy requires bank holding companies to act as a source of financial and managerial strength to their subsidiary banks and, under appropriate circumstances, to commit resources to support each such subsidiary bank. This support may be required at times when the bank holding company may not have the resources to provide the support. If a bank holding company was unable to pay mandated assessments in support of its subsidiary banks, the FDIC could order the sale of the bank holding company’s stock in the subsidiary banks to cover the deficiency.
Capital loans by a bank holding company to its subsidiary banks are subordinate in right of payment to deposits and certain other indebtedness of the subsidiary banks. In addition, in the event of a bank holding company’s bankruptcy, any commitment by the bank holding company to a federal bank regulatory agency to maintain the capital of its subsidiary banks will be assumed by the bankruptcy trustee and entitled to priority of payment.
Capital Requirements
The Company, BancFirst, Pegasus and Worthington are each required to comply with applicable capital adequacy standards established by the Federal Reserve Board and the FDIC. The current risk-based capital standards applicable to the Company, BancFirst, Pegasus and Worthington are based on the Basel III Capital Rules established by the Basel Committee on Banking Supervision (the “Basel Committee”). The Basel Committee is a committee of central banks and bank supervisors/regulators from the major industrialized countries that develops broad policy guidelines for use by each country’s supervisors in determining the supervisory policies they apply. The requirements are intended to ensure that banking organizations have adequate capital given the risk levels of assets and off-balance sheet financial instruments.
As an additional means to identify problems in the financial management of depository institutions, the Federal Deposit Insurance Act (the “FDI Act”) requires federal bank regulatory agencies to establish certain non-capital safety and soundness standards for institutions for which they are the primary federal regulator. The standards relate generally to operations and management, asset quality, interest rate exposure and executive compensation. The agencies are authorized to take action against institutions that fail to meet such standards.
The Basel III Capital Rules, among other things, (i) include a capital measure called “Common Equity Tier 1” (“CET1”), (ii) specify that Tier 1 capital consists of CET1 and “Additional Tier 1 capital” instruments meeting specified requirements, (iii) define CET1 narrowly by requiring that most deductions/adjustments to regulatory capital measures be made to CETI and not to the other components of capital, and (iv) require certain deductions/adjustments to capital.
7
Under the Basel III Capital Rules, the initial minimum capital ratios are as follows:
The Basel III Capital Rules also require a “capital conservation buffer”, composed entirely of CET1, on top of these minimum risk-weighted asset ratios. The capital conservation buffer is 2.5%. The Basel III Capital Rules also provide for a “countercyclical capital buffer” that is only applicable to certain covered institutions and does not have any current applicability to the Company, BancFirst, Pegasus or Worthington. The capital conservation buffer is designed to absorb losses during periods of economic stress and effectively increases the minimum required risk-weighted capital ratios. Banking institutions with a ratio of CET1 to risk-weighted assets below the effective minimum (4.5% plus the capital conservation buffer and, if applicable, the countercyclical capital buffer) will face constraints on dividends, equity repurchases and compensation based on the amount of the shortfall.
The Basel III Capital Rules require the Company, BancFirst, Pegasus and Worthington to maintain an additional capital conservation buffer of 2.5% of CET1, effectively resulting in minimum ratios of (i) CET1 to risk-weighted assets of at least 7%, (ii) Tier 1 capital to risk-weighted assets of at least 8.5%, (iii) a minimum ratio of total capital to risk-weighted assets of at least 10.5%; and (iv) a minimum leverage ratio of 4%. For more information on the Company’s Capital Ratios, see Note (15), “Stockholders’ Equity,” to the Company’s Consolidated Financial Statements.
Liquidity Coverage Ratio
The liquidity framework under the Basel III Capital Rules (the "Basel III liquidity framework") applies a balance sheet perspective to establish quantitative standards designed to ensure that a banking organization is appropriately positioned to satisfy its short- and long-term funding needs. One test to address short-term liquidity risk is referred to as the liquidity coverage ratio ("LCR"), designed to calculate the ratio of a banking entities' ratio of high-quality liquid assets to its total net cash flows over a 30-day time horizon. The other test, referred to as the net stable funding ratio ("NSFR"), is designed to promote more medium- and long-term asset funding by incenting banking entities to increase their holdings of U.S. Treasury securities and other sovereign debt, as well as increase the use of long-term debt as a funding source. Rules applicable to certain large banking organizations have been implemented for LCR and for NSFR; however, based on our asset size, these rules do not currently apply to the Company, BancFirst, Pegasus or Worthington.
Prompt Corrective Action
The FDI Act requires federal bank regulatory agencies to take “prompt corrective action” with respect to FDIC-insured depository institutions that do not meet minimum capital requirements. A depository institution’s treatment for purposes of the prompt corrective action provisions will depend upon how its capital levels compare to various capital measures and certain other factors, as established by regulation.
Under this system, the federal banking regulators have established five capital categories: well capitalized, adequately capitalized, undercapitalized, significantly undercapitalized and critically undercapitalized, in which all depository institutions are placed. The federal banking regulators have specified by regulation the relevant capital levels for each of the categories. Under certain circumstances, a well-capitalized, adequately capitalized or undercapitalized institution may be treated as if the institution were in the next lower capital category. Federal banking regulators are required to take various mandatory supervisory actions and are authorized to take other discretionary actions with respect to institutions in the three undercapitalized categories. The severity of the action depends upon the capital category in which the institution is placed. A depository institution that is undercapitalized is required to submit a capital restoration plan. Failure to meet capital guidelines could subject a bank to a variety of enforcement remedies by federal bank regulatory agencies, including termination of deposit insurance by the FDIC, restrictions on certain business activities and appointment of the FDIC as conservator or receiver. Generally, subject to a narrow exception, the banking regulator must appoint a receiver or conservator for an institution that is critically undercapitalized.
A bank will be (i) “well capitalized” if the institution has a total risk-based capital ratio of 10.0% or greater, a CET1 capital ratio of 6.5% or greater, a Tier 1 risk-based capital ratio of 8.0% or greater, and a leverage ratio of 5.0% or greater, and is not subject to any order or written directive by any such regulatory authority to meet and maintain a specific capital level for any capital measure; (ii)
8
“adequately capitalized” if the institution has a total risk-based capital ratio of 8.0% or greater, a CET1 capital ratio of 4.5% or greater, a Tier 1 risk-based capital ratio of 6.0% or greater, and a leverage ratio of 4.0% or greater and is not “well capitalized”; (iii) “undercapitalized” if the institution has a total risk-based capital ratio that is less than 8.0%, a CET1 capital ratio less than 4.5%, a Tier 1 risk-based capital ratio of less than 6.0% or a leverage ratio of less than 4.0%; (iv) “significantly undercapitalized” if the institution has a total risk-based capital ratio of less than 6.0%, a CET1 capital ratio less than 3.0%, a Tier 1 risk-based capital ratio of less than 4.0% or a leverage ratio of less than 3.0%; and (v) “critically undercapitalized” if the institution’s tangible equity is equal to or less than 2.0% of average quarterly tangible assets. An institution may be downgraded to, or deemed to be in, a capital category that is lower than indicated by its capital ratios if it is determined to be in an unsafe or unsound condition or if it receives an unsatisfactory examination rating with respect to certain matters. A bank’s capital category is determined solely for applying prompt corrective action regulations, and the capital category may not constitute an accurate representation of the bank’s overall financial condition or prospects for other purposes.
The FDI Act generally prohibits a depository institution from making any capital distributions (including payment of a dividend) or paying any management fee to its parent holding company if the depository institution would thereafter be “undercapitalized.” “Undercapitalized” institutions are subject to growth limitations and are required to submit a capital restoration plan. The agencies may not accept such a plan without determining, among other things, that the plan is based on realistic assumptions and is likely to succeed in restoring the depository institution’s capital. In addition, for a capital restoration plan to be acceptable, the depository institution’s parent holding company must guarantee that the institution will comply with such capital restoration plan. The bank holding company must also provide appropriate assurances of performance. The aggregate liability of the parent holding company is limited to the lesser of (i) an amount equal to 5.0% of the depository institution’s total assets at the time it became undercapitalized and (ii) the amount which is necessary (or would have been necessary) to bring the institution into compliance with all capital standards applicable with respect to such institution as of the time it fails to comply with the plan. If a depository institution fails to submit an acceptable plan, it is treated as if it is “significantly undercapitalized.”
“Significantly undercapitalized” depository institutions may be subject to a number of requirements and restrictions, including orders to sell sufficient voting stock to become “adequately capitalized,” requirements to reduce total assets, and cessation of receipt of deposits from correspondent banks. “Critically undercapitalized” institutions are subject to the appointment of a receiver or conservator.
The appropriate federal banking agency may, under certain circumstances, reclassify a well-capitalized insured depository institution as adequately capitalized. The FDI Act provides that an institution may be reclassified if the appropriate federal banking agency determines (after notice and opportunity for hearing) that the institution is in an unsafe or unsound condition or deems the institution to be engaging in an unsafe or unsound practice. The appropriate agency is also permitted to require an adequately capitalized or undercapitalized institution to comply with the supervisory provisions as if the institution were in the next lower category (but not treat a significantly undercapitalized institution as critically undercapitalized) based on supervisory information other than the capital levels of the institution.
The Company believes that, as of December 31, 2023, BancFirst, Pegasus and Worthington were “well capitalized” based on the ratios provided in Note (15), “Stockholders’ Equity,” in the notes to consolidated financial statements included in Item 8.
Deposit Insurance Assessments
The deposits of BancFirst, Pegasus and Worthington are insured by the FDIC. This insurance is funded through assessments on insured depository institutions. The FDIC’s risk-based assessment system requires members to pay varying assessment rates into the DIF, depending upon the level of the institution’s capital and the degree of supervisory concern over the institution.
The FDIC insures the deposits of federally insured banks up to prescribed statutory limits for each depositor, currently $250,000 per depositor for each account ownership category. The amount of FDIC assessments paid by each insured depository institution is based on its relative risk of default as measured by regulatory capital ratios and other supervisory factors. The FDIC’s deposit insurance premium assessment is based on an institution’s average consolidated total assets minus average tangible equity. At least semi-annually, the FDIC will update its loss and income projections for the DIF and, if needed, will increase or decrease assessment rates, following notice-and-comment rulemaking, if required. If there are additional bank or financial institution failures or if the FDIC otherwise determines to increase assessment rates, BancFirst, Pegasus and Worthington may be required to pay higher FDIC insurance premiums. Any future increases in FDIC insurance premiums may have a material and adverse effect on BancFirst’s, Pegasus’ and Worthington's and hence the Company’s, earnings. In October 2022, the FDIC adopted a final rule to increase the initial base deposit insurance assessment rate schedules uniformly by 2 basis points beginning with the first quarterly assessment period of 2023. The increased assessment is expected to improve the likelihood that the DIF reserve ratio would reach the statutory minimum of 1.35% by the statutory deadline prescribed under the FDIC's amended restoration plan.
9
The Company’s FDIC deposit insurance assessment expense totaled $5.8 million, $4.7 million and $3.5 million in 2023, 2022 and 2021, respectively.
As insurer, the FDIC is authorized to conduct examinations of and to require reporting by DIF-insured institutions. It also may prohibit any DIF-insured institution from engaging in any activity the FDIC determines by regulation or order to pose a serious threat to the DIF. The FDIC also has the authority to take enforcement actions against insured institutions.
Insurance of deposits may be terminated by the FDIC upon a finding that the institution has engaged or is engaging in unsafe and unsound practices, is in an unsafe or unsound condition to continue operations or has violated any applicable law, regulation, rule, order or condition imposed by the FDIC or written agreement entered into with the FDIC. The Company does not know of any practice, condition or violation that might lead to termination of deposit insurance for its banking subsidiaries.
Safety and Soundness Standards
The FDI Act requires the federal bank regulatory agencies to prescribe standards, by regulations or guidelines, relating to internal controls, information systems and internal audit systems, loan documentation, credit underwriting, interest rate risk exposure, asset growth, asset quality, earnings, stock valuation and compensation, fees and benefits and such other operational and managerial standards as the agencies deem appropriate. In general, the guidelines require, among other things, appropriate systems and practices to identify and manage the risk and exposures specified in the guidelines. The guidelines prohibit excessive compensation as an unsafe and unsound practice and describe compensation as excessive when the amounts paid are unreasonable or disproportionate to the services performed by an executive officer, employee, director or principal stockholder. In addition, the agencies adopted regulations that authorize, but do not require, an agency to order an institution that has been given notice by an agency that it is not satisfying any of such safety and soundness standards to submit a compliance plan. If, after being so notified, an institution fails to submit an acceptable compliance plan or fails in any material respect to implement an acceptable compliance plan, the agency must issue an order directing action to correct the deficiency and may issue an order directing other actions of the types to which an undercapitalized institution is subject under the “prompt corrective action” provisions of the FDI Act. See “--Prompt Corrective Action” above. If an institution fails to comply with such an order, the agency may seek to enforce such order in judicial proceedings and to impose civil money penalties.
Federal Banking Agency Compensation Guidelines
The Federal Reserve Board reviews, as part of its regular, risk-focused examination process, the incentive compensation arrangements of banking organizations, such as the Company, that are not “large, complex banking organizations.” These reviews are tailored to each organization based on the scope and complexity of the organization’s activities and the prevalence of incentive compensation arrangements. The findings of this supervisory initiative will be included in reports of examination. Deficiencies will be incorporated into the organization’s supervisory ratings, which can affect the organization’s ability to make acquisitions and take other actions. Enforcement actions may be taken against a banking organization if its incentive compensation arrangements, or related risk-management control or governance processes, pose a risk to the organization’s safety and soundness and the organization is not taking prompt and effective measures to correct the deficiencies.
Guidance issued by the Federal Reserve Board, OCC and FDIC is intended to ensure that the incentive compensation policies of banking organizations do not undermine the safety and soundness of such organizations by encouraging excessive risk-taking. The guidance, which covers all employees that have the ability to materially affect the risk profile of an organization, either individually or as part of a group, is based upon the key principles that a banking organization’s incentive compensation arrangements should (i) provide incentives that do not encourage risk-taking beyond the organization’s ability to effectively identify and manage risks, (ii) be compatible with effective internal controls and risk-management and (iii) be supported by strong corporate governance, including active and effective oversight by the organization’s board of directors.
In April 2016, the U.S. financial regulators, including the Federal Reserve Board and the SEC, proposed revised rules on incentive-based payment arrangements at specified regulated entities having at least $1 billion in total assets (which would include the Company, BancFirst and Pegasus). The proposed revised rules would establish general qualitative requirements applicable to all covered entities, which would include (i) prohibiting incentive arrangements that encourage inappropriate risks by providing excessive compensation; (ii) prohibiting incentive arrangements that encourage inappropriate risks that could lead to a material financial loss; (iii) establishing requirements for performance measures to appropriately balance risk and reward; (iv) requiring board of director oversight of incentive arrangements; and (v) mandating appropriate record-keeping. Under the proposed rule, larger financial institutions with total consolidated assets of at least $50 billion would be subject to additional requirements applicable to such institutions’ “senior executive officers” and “significant risk-takers.” These additional requirements, in which federal regulators were reported still to be interested in 2019, would not be applicable to the Company, BancFirst, Pegasus or Worthington.
10
Effective on October 2, 2023, pursuant to a final rule adopted by the SEC, NASDAQ adopted listing standards mandating the recovery or “clawback” of excess incentive-based compensation earned by a current or former executive officer during the three fiscal years preceding the date the listed company is required to prepare an accounting restatement, including to correct an error that would result in a material misstatement if the error were corrected in the current period or left uncorrected in the current period. Each listed company was required to adopt by December 1, 2023, a compliant policy governing recovery of erroneously awarded compensation as required by the new listing standards. The Company has adopted a compliant policy governing the recovery of erroneously awarded compensation as required by the listing standards, which is filed as Exhibit 97 to this Form 10-K.
The scope, content and application of the U.S. banking regulators' policies on incentive compensation continue to evolve. It cannot be determined at this time whether compliance with such policies will adversely affect the ability of the Company, BancFirst, Pegasus and Worthington to hire, retain and motivate key employees.
Cybersecurity
Federal agencies have issued statements regarding cybersecurity. Financial institutions are expected to design multiple layers of security controls to establish lines of defense and to ensure that their risk management processes also address the risk posed by compromised customer credentials, including security measures, to reliably authenticate customers accessing internet-based services of the financial institution. Management is expected to maintain sufficient business continuity planning processes to ensure the rapid recovery, resumption and maintenance of the institution’s operations after a cyber-attack involving destructive malware. A financial institution is also expected to develop appropriate processes to enable recovery of data and business operations and address rebuilding network capabilities and restoring data if the institution or its critical service providers fall victim to this type of cyber-attack. Failure to observe the regulatory guidance could subject the Company, BancFirst, Pegasus and Worthington to various regulatory sanctions, including financial penalties.
In the ordinary course of business, the Company, BancFirst, Pegasus and Worthington rely on electronic communications and information systems to conduct operations and to store sensitive data. They employ an in-depth, layered, defensive approach that leverages people, processes and technology to manage and maintain cybersecurity controls. The Company, BancFirst, Pegasus and Worthington employ a variety of preventative and detective tools to monitor, block, and provide alerts regarding suspicious activity, as well as to report on any suspected advanced persistent threats. Notwithstanding the strength of their defensive measures, the threat from cyber-attacks is severe, attacks are sophisticated and increasing in volume, and attackers respond rapidly to changes in defensive measures. While to date, the Company, BancFirst, Pegasus and Worthington have not detected a significant compromise, significant data loss or any material financial losses related to cybersecurity attacks, the Company, BancFirst, Pegasus and Worthington's systems and those of their customers and third-party service providers are under constant threat and it is possible that the Company, BancFirst, Pegasus and Worthington could experience a significant event in the future.
In November 2021, federal banking agencies, including the Federal Reserve Board and the FDIC, issued a final rule to improve the sharing of information about cyber incidents, compliance was required by May 1, 2022. Under the final rule a banking organization’s primary federal regulator must receive notification as soon as possible and no later than 36 hours after the banking organization determines that a significant computer-security incident, known as a “notification incident,” has occurred. Further, the final rule separately requires a bank service provider to notify each of its affected banking organization customers as soon as possible when the provider determines that it has experienced a computer-security incident that has caused, or is reasonably likely to cause, a material service disruption or degradation for four or more hours.
In June 2023, the Federal Trade Commission's amendments to the Gramm-Leach-Bliley Act's Safeguards Rule went into effect requiring financial institutions to: (i) appoint a qualified individual to oversee and implement their information security programs; (ii) implement additional criteria for information security risk assessments; (iii) implement safeguards identified by assessments, including access controls, data inventory, data disposal, change management, and monitoring, among other things; (iv) implement information system monitoring in the form of either "continuous monitoring" or "periodic penetration testing;" (v) implement additional controls including training for security personnel, periodic assessment of service providers, written incident response plans, and periodic reports from the qualified individual to the board of directors.
See Item 1A. Risk Factors for a further discussion of risks related to cybersecurity and Item 1C. Cybersecurity for a further discussion of risk management strategies and governance processes related to cybersecurity.
11
Fiscal and Monetary Policies
The Company’s business and earnings are affected significantly by the fiscal and monetary policies of the federal government and its agencies. The Company is particularly affected by the policies of the Federal Reserve Board, which regulates the supply of money and credit in the United States. Among the instruments of monetary policy available to the Federal Reserve Board are (a) conducting open market operations in United States government securities, (b) changing the discount rates of borrowings of depository institutions, (c) imposing or changing reserve requirements against depository institutions’ deposits and (d) imposing or changing reserve requirements against certain borrowings by banks and their affiliates. These methods are used in varying degrees and combinations to directly affect the availability of bank loans and deposits, as well as the interest rates charged on loans and paid on deposits. The policies of the Federal Reserve Board may have a material effect on the Company’s business, results of operations and financial condition.
Privacy Provisions of the GLB Act
Federal banking regulators, as required under the GLB Act, have adopted rules limiting the ability of banks and other financial institutions to disclose nonpublic information about consumers to nonaffiliated third parties. The rules require disclosure of privacy policies to consumers and, in some circumstances, allow consumers to prevent disclosure of certain personal information to nonaffiliated third parties. The privacy provisions of the GLB Act affect how consumer information is transmitted through diversified financial services companies and conveyed to outside vendors.
Durbin Amendment
The Durbin Amendment is part of the Dodd-Frank Act that limits transaction fees imposed upon merchants by debit card issuers. Interchange fees or "debit card swipe fees" are paid to banks by acquirers for the privilege of accepting payment cards. Federal Reserve Board rules applicable to financial institutions that have assets of $10 billion or more provide that the maximum permissible interchange fee for an electronic debit transaction is the sum of 21 cents per transaction and 5 basis points multiplied by the value of the transaction. An upward adjustment of no more than 1 cent to an issuer's debit card interchange fee is allowed if the card issuer develops and implements policies and procedures reasonably designed to achieve certain fraud-prevention standards. The Federal Reserve Board also has rules governing routing and exclusivity that require issuers to offer two unaffiliated networks for routing transactions on each debit or prepaid product.
The Company exceeded $10 billion in total assets at December 31, 2022. Pursuant to the Durbin Amendment of the Dodd-Frank Act this triggered a reduction of annual pretax income from debit card interchange fees that began July 1, 2023. Additional information regarding the Durbin Amendment is presented in Item 1A. Risk Factors.
In October 2023, the Federal Reserve issued a proposal under which, if adopted, the maximum permissible interchange fee for an electronic debit transaction would be the sum of 14.4 cents per transaction and 4 basis points multiplied by the value of the transaction. Furthermore, the fraud-prevention adjustment would increase from a maximum of 1 cent to 1.3 cents. The proposal would, if adopted, adopt an approach for future adjustments to the interchange fee cap, which would occur every other year based on issuer cost data gathered by the Federal Reserve from large debit card issuers.
Anti-Money Laundering and the Patriot Act
The USA Patriot Act of 2001 (the “Patriot Act”) facilitates the ability of U.S. law enforcement agencies and intelligence communities to work together to combat terrorism on a variety of fronts. The Patriot Act imposes significant compliance and due diligence obligations, specifies crimes and penalties and establishes the extra-territorial jurisdiction of the United States. The U.S. Treasury Department has issued a number of implementing regulations, which apply various requirements of the Patriot Act to financial institutions such as BancFirst, Pegasus and Worthington. Those regulations impose obligations on financial institutions to maintain appropriate policies, procedures and controls to detect, prevent and report money laundering and terrorist financing, and have significant implications for depository institutions, brokers, dealers and other businesses involved in the transfer of money. The Patriot Act also requires federal bank regulators to evaluate the effectiveness of an applicant in combating money laundering in determining whether to approve a proposed bank acquisition. Failure of a financial institution to maintain and implement adequate programs to combat money laundering and terrorist financing, or to comply with all of the relevant laws or regulations, could have serious legal and reputational consequences for the institution, including causing applicable bank regulatory authorities not to approve merger or acquisition
12
transactions when regulatory approval is required or to prohibit such transactions even if approval is not required. Regulatory authorities have imposed cease and desist orders and civil money penalties against institutions found to be violating these obligations.
Office of Foreign Assets Control Regulation
The U.S. Treasury Department’s Office of Foreign Assets Control, or OFAC, administers and enforces economic and trade sanctions against targeted foreign countries and regimes, under authority of various laws, including designated foreign countries, nationals and others. OFAC publishes lists of specially designated targets and countries.
Banking regulators examine banks for compliance with the economic sanctions regulations administered by OFAC. Financial institutions are responsible for, among other things, blocking accounts of, and transactions with, such targets and countries, prohibiting unlicensed trade and financial transactions with them and reporting blocked transactions after their occurrence. Failure to comply with these sanctions could have serious financial, legal and reputational consequences, including causing applicable bank regulatory authorities not to approve merger or acquisition transactions when regulatory approval is required or to prohibit such transactions even if approval is not required. Regulatory authorities have imposed cease and desist orders and civil money penalties against institutions found to be violating these obligations.
Community Reinvestment Act
The Community Reinvestment Act of 1977 (the “CRA”), requires depository institutions to assist in meeting the credit needs of their market areas consistent with safe and sound banking practices. Under the CRA, each depository institution is required to help meet the credit needs of its market areas by, among other things, providing credit to low- and moderate-income individuals and communities. Depository institutions are periodically examined for compliance with the CRA and are assigned ratings. In order for a financial holding company to commence any new activity permitted by the BHC Act, or to acquire any company engaged in any new activity permitted by the BHC Act, each insured depository institution subsidiary of the financial holding company must have received a rating of at least “satisfactory” in its most recent examination under the CRA. Furthermore, banking regulations take into account the CRA rating when considering approval of a proposed transaction. During its last examination in 2021, a rating of “satisfactory” was received by BancFirst. During its last examination in 2020, a rating of “satisfactory” was received by Pegasus. During its last examination in 2018, a rating of "outstanding" was received by Worthington.
On October 24, 2023, the OCC, the Federal Reserve Board and the FDIC, issued a joint final rule to modernize the CRA regulatory framework. The final rule is intended, among other things, to adapt to changes in the banking industry, including the expanded role of mobile and online banking, and to tailor performance standards to account for differences in bank size and business models. The final rule introduces new tests under which the performance of banks with over $2 billion in assets will be assessed. The new rule also includes data collection and reporting requirements, some of which are applicable only to banks with over $10 billion in assets, such as BancFirst. Most provisions of the final rule will become effective on January 1, 2026, and the data reporting requirements will become effective on January 1, 2027.
Consumer Laws and Regulations
Banks and other financial institutions are subject to numerous laws and regulations intended to protect consumers in their transactions with banks. These laws include the Equal Credit Opportunity Act, the Fair Credit Reporting Act, the Truth in Lending Act, the Truth in Savings Act, the Electronic Fund Transfer Act, the Expedited Funds Availability Act, the Home Mortgage Disclosure Act, the Fair Housing Act, the Real Estate Settlement Procedures Act, the Fair Debt Collection Practices Act, the Service Members Civil Relief Act and these laws’ respective state-law counterparts, as well as state usury laws and laws regarding unfair and deceptive acts and practices. These and other federal laws, among other things, require disclosures of the cost of credit and terms of deposit accounts, provide substantive consumer rights, prohibit discrimination in credit transactions, regulate the use of credit report information, provide financial privacy protections, prohibit unfair, deceptive and abusive practices, restrict the Company’s ability to raise interest rates and subject the Company to substantial regulatory oversight. Violations of applicable consumer protection laws can result in significant potential liability from litigation brought by customers, including actual damages, restitution and attorneys’ fees. Federal bank regulators, state attorneys general and state and local consumer protection agencies may also seek to enforce consumer protection requirements and obtain these and other remedies, including regulatory sanctions, customer rescission rights, action by the state and local attorneys general in each jurisdiction in which the Company operates and civil money penalties. Failure to comply with consumer protection requirements may also result in the Company’s failure to obtain any required bank regulatory approval for merger or acquisition transactions the Company may wish to pursue or its prohibition from engaging in such transactions even if approval is not required.
13
The Consumer Financial Protection Bureau (“CFPB”) is a federal agency responsible for implementing, examining and enforcing compliance with federal consumer protection laws. The CFPB focuses on:
The CFPB has broad rulemaking authority for a wide range of consumer financial laws that apply to all banks, including, among other things, the authority to prohibit “unfair, deceptive or abusive” acts and practices. Abusive acts or practices are defined as those that materially interfere with a consumer’s ability to understand a term or condition of a consumer financial product or service or take unreasonable advantage of a consumer’s (i) lack of financial savvy, (ii) inability to protect himself in the selection or use of consumer financial products or services, or (iii) reasonable reliance on a covered entity to act in the consumer’s interests. The CFPB can issue cease-and-desist orders against banks and other entities that violate consumer financial laws. The CFPB may also institute a civil action against an entity in violation of federal consumer financial law in order to impose a civil penalty or injunction. The CFPB has examination and enforcement authority over all banks with more than $10 billion in assets, as well as their affiliates. Banking regulators take into account compliance with consumer protection laws when considering approval of a proposed transaction.
Interstate Banking and Branching
Under the Riegle-Neal Interstate Banking and Branching Efficiency Act, as amended by the Dodd-Frank Act (the “Riegle-Neal Act”), a bank holding company may acquire banks in states other than its home state, subject to any state requirement that the bank has been organized and operating for a minimum period of time, not to exceed five years, and the requirement that the bank holding company, prior to or following the proposed acquisition, control no more than 10% of the total amount of deposits of insured depository institutions nationwide and no more than 30% of such deposits in that state (or such amount as set by the state if such amount is lower than 30%).
The Riegle-Neal Act also authorizes banks to merge across state lines, thereby creating interstate branches. Banks are also permitted to either acquire existing banks or to establish new branches in other states where authorized under the laws of those states. The Dodd-Frank Act also requires that a bank holding company or bank be well-capitalized and well-managed (rather than simply adequately capitalized and adequately managed) in order to take advantage of these interstate banking and branching provisions.
The Volcker Rule
The Volcker Rule under the Dodd-Frank Act restricts banks and their affiliates from engaging in proprietary trading and investing in and sponsoring hedge funds and private equity funds. The Volcker Rule does not significantly impact the operations of the Company as it does not engage in the businesses prohibited by the Volcker Rule.
Depositor Preference
The FDI Act provides that, in the event of the “liquidation or other resolution” of an insured depository institution, the claims of depositors of the institution (including the claims of the FDIC as subrogee of insured depositors) and certain claims for administrative expenses of the FDIC as a receiver, will have priority over other general unsecured claims against the institution. If an insured depository institution fails, insured and uninsured depositors, along with the FDIC, will have priority in payment ahead of unsecured, non-deposit creditors with respect to any extensions of credit they have made to such insured depository institution.
Changes in Laws, Regulations or Policies
Banking is a heavily regulated industry. Additional initiatives may be proposed or introduced before Congress and other government bodies in the future. Such proposals, if enacted, may further alter the structure, regulation and competitive relationship among financial institutions and may subject the Company to increased supervision and disclosure and reporting requirements. In addition, the various bank regulatory agencies often adopt new rules, regulations, and policies to implement and enforce existing legislation. It cannot be predicted whether, or in what form, any such legislation or regulatory changes in policy may be enacted or the extent to which the business of the Company would be affected thereby.
14
State Regulation
BancFirst is an Oklahoma-chartered state bank. Accordingly, BancFirst’s operations are subject to various requirements and restrictions of Oklahoma state law relating to loans, lending limits, interest rates payable on deposits, investments, mergers and acquisitions, borrowings, dividends, capital adequacy and other matters. However, Oklahoma banking law specifically empowers a state-chartered bank such as BancFirst to exercise the same powers as are conferred upon national banks by the laws of the United States and the regulations and policies of the Office of the Comptroller of the Currency, unless otherwise prohibited or limited by the Oklahoma Banking Commissioner or the Oklahoma State Banking Board. Accordingly, unless a specific provision of Oklahoma law otherwise provides, a state-chartered bank is empowered to conduct all activities that a national bank may conduct.
Pegasus and Worthington are Texas-chartered state banks. Accordingly, their operations are subject to various requirements and restrictions of Texas state law relating to loans, lending limits, interest rates payable on deposits, investments, mergers and acquisitions, borrowings, dividends, capital adequacy and other matters. However, Texas banking law specifically empowers state-chartered banks such as Pegasus and Worthington to exercise the same powers as are conferred upon national banks by the laws of the United States and the regulations and policies of the Office of the Comptroller of the Currency, unless otherwise prohibited or limited by the Texas Banking Commissioner or the Texas Finance Commission. Accordingly, unless a specific provision of Texas law otherwise provides, a state-chartered bank is empowered to conduct all activities that a national bank may conduct.
National banks are authorized by the GLB Act to engage, through “financial subsidiaries,” in any activity that is permissible for a financial holding company and any activity that the Secretary of the Treasury, in consultation with the Federal Reserve Board, determines is financial in nature or incidental to any such financial activity, except (1) insurance underwriting, (2) real estate development or real estate investment activities (unless otherwise permitted by law), (3) insurance company portfolio investments and (4) merchant banking. The authority of a national bank to invest in a financial subsidiary is subject to a number of conditions, including, among other things, requirements that the bank must be well managed and well capitalized (after deducting from the bank’s capital outstanding investments in financial subsidiaries). The GLB Act provides that state member banks, such as BancFirst, Pegasus and Worthington, may invest in financial subsidiaries (assuming they have the requisite investment authority under applicable state law), subject to the same conditions that apply to national bank investments in financial subsidiaries.
As a state member bank, BancFirst is subject to primary supervision, periodic examination and regulation by the Oklahoma Banking Department and the Federal Reserve Bank of Kansas City, and Oklahoma law provides that BancFirst must maintain reserves against deposits as required by the FDI Act. The Oklahoma Banking Commissioner is authorized by statute to accept a Federal Reserve Bank examination in lieu of a state examination. In practice, the Federal Reserve Bank of Kansas City and the Oklahoma Banking Department alternate examinations of BancFirst. If, as a result of an examination of a bank, the Oklahoma Banking Department determines that the financial condition, capital resources, asset quality, earnings prospects, management, liquidity, or other aspects of the bank’s operations are unsatisfactory or that the management of the bank is violating or has violated any law or regulation, various remedies, including the remedy of injunction, are available to the Oklahoma Banking Department. Oklahoma law permits the acquisition of an unlimited number of wholly-owned bank subsidiaries so long as aggregate deposits at the time of acquisition in a multi-bank holding company do not exceed 20% of the total amount of deposits of insured depository institutions located in Oklahoma.
As state member banks, Pegasus and Worthington are subject to primary supervision, periodic examination and regulation by the Texas Department of Banking and the Federal Reserve Bank of Dallas, and Texas law provides that Pegasus and Worthington must maintain reserves against deposits as required by the FDI Act. The Texas Department of Banking is authorized by statute to accept a Federal Reserve Bank examination in lieu of a state examination. In practice, the Federal Reserve Bank of Dallas and the Texas Department of Banking alternate examinations. If, as a result of an examination of a bank, the Texas Department of Banking determines that the financial condition, capital resources, asset quality, earnings prospects, management, liquidity, or other aspects of the bank’s operations are unsatisfactory or that the management of the bank is violating or has violated any law or regulation, various remedies, including the remedy of injunction, are available to the Texas Department of Banking.
15
In addition to the provisions of the GLB Act that authorize state member banks to invest in financial subsidiaries (assuming they have the requisite investment authority under applicable state law) on the same conditions that apply to national banks, Federal Deposit Insurance Corporation Improvement Act (“FDICIA”) provides that FDIC-insured state banks such as BancFirst, Pegasus and Worthington may engage directly or through a subsidiary in certain activities that are not permissible for a national bank, if the activity is authorized by applicable state law, the FDIC determines that the activity does not pose a significant risk to the DIF and the bank is in compliance with its applicable capital standards.
Securities Laws
The Company’s common stock is publicly held and listed on the NASDAQ Global Select Market, and the Company is subject to the periodic reporting, information, proxy solicitation, insider trading, corporate governance and other requirements and restrictions of the Securities Exchange Act of 1934 and the regulations of the SEC promulgated thereunder as well as listing requirements of the NASDAQ. In addition, the Dodd-Frank Act includes provisions that affect corporate governance and executive compensation at most United States publicly traded companies, including the Company.
The Company is also subject to the accounting oversight and corporate governance requirements of the Sarbanes-Oxley Act of 2002, including:
Available Information
The Company maintains a website at www.bancfirst.bank. The Company provides copies of the most recently filed 10-K, 10-Q and proxy statements, and amendments to those reports filed or furnished pursuant to Section 13(a) or 15(d) of the Exchange Act as soon as reasonably practicable after the Company electronically files the material with, or furnishes it to, the SEC. The website also provides links to the SEC’s website (http://www.sec.gov) where all of the Company’s filings with the SEC can be obtained immediately upon filing. You may also request a copy of the Company’s filings, at no cost, by writing or telephoning the Company at the following address:
BancFirst Corporation
100 N. Broadway Ave.
Oklahoma City, Oklahoma 73102
ATTENTION: Randy Foraker
Executive Vice President
(405) 270-1044
1A. Risk Factors
In the course of conducting our business operations, we are exposed to a variety of risks that are inherent to the financial services industry. The following discusses some of the key inherent risk factors that could affect our business and operations. The risks and uncertainties described below are not the only ones we are facing. Other factors besides those discussed below or elsewhere in this report also could adversely affect our business and operations, and the risk factors discussed below should not be considered a complete list of potential risks that may affect us. Further, to the extent that any of the information contained in this report constitutes forward-looking statements, the risk factors set forth below also are cautionary statements identifying important factors that could cause our actual results to differ materially from those expressed in any forward-looking statements made by or on behalf of us.
16
Risks Related to Our Business
Interest Rate Risks
Fluctuations in interest rates could reduce our profitability.
We realize income primarily from the difference between interest earned on loans and investments and the interest paid on deposits and borrowings. We expect that we will periodically experience “gaps” in the interest rate sensitivities of our assets and liabilities, meaning that either our interest-earning assets will be more sensitive to changes in market interest rates than our interest-bearing liabilities, or vice versa. Changes in market interest rates could either positively or negatively affect our net interest income and our profitability, depending on the magnitude, direction and duration of the change. If interest rates decline, our net interest margin could experience compression.
We are unable to predict fluctuations of market interest rates, which are affected by, among other factors, changes in inflation rates, economic growth, money supply, government debt, domestic and foreign financial markets and political developments, including terrorist acts and acts of war. Our asset-liability management strategy, which is designed to mitigate our risk from changes in market interest rates, may not be able to mitigate changes in interest rates from having a material adverse effect on our results of operations and financial condition.
Credit and Lending Risks
We may be adversely affected by declining crude oil and natural gas prices.
As of December 31, 2023, the price per barrel of crude oil was approximately $76 down from $78 at December 31, 2022. At December 31, 2023, the price per million British thermal units of natural gas was approximately $2.51 down from $4.48 at December 31, 2022. If oil and natural gas prices drop below the marginal cost of production for an extended period, we would expect to experience weaker energy loan demand and increased losses within our energy portfolio. Furthermore, a prolonged period of low oil and natural gas prices could also have a negative impact on the energy producing economies and, in particular, the economies of states such as Oklahoma and Texas, where the energy industry is a significant driver of economic activity. Although as of December 31, 2023, oil and gas loans comprised 7.66% of our loan portfolio, the impact of lower oil and natural gas prices could have an indirect impact on our other loan portfolio segments, for example, commercial real estate (“CRE”).
A substantial portion of our loan portfolio is secured by real estate, in particular commercial real estate. Deterioration in the real estate markets could lead to losses, which could have a material negative effect on our financial condition and results of operations.
Loans secured by real estate constitute a significant portion of our loan portfolio. At December 31, 2023, this percentage was approximately 69%. While our record of asset quality has historically been solid, we cannot guarantee that our record of asset quality will be maintained in future periods. The ability of our borrowers to repay their loans could be adversely impacted by a significant change in market conditions, which not only could result in our experiencing an increase in charge-offs, but also could necessitate increasing our provision for credit losses. In addition, because one to four family residential and commercial real estate loans represent the majority of our real estate loans outstanding, a decline in tenant occupancy due to such factors or for other reasons could adversely impact the ability of our borrowers to repay their loans on a timely basis, which could have a negative impact on our financial condition and results of operations.
We are subject to environmental liability risk associated with lending activities.
A significant portion of our loan portfolio is secured by real property. During the ordinary course of business, we may foreclose on and take title to properties securing certain loans. In doing so, there is a risk that hazardous or toxic substances could be found on these properties. If hazardous or toxic substances are found, we may be liable for remediation costs, as well as for personal injury and property damage. Environmental laws may require us to incur substantial expenses and may materially reduce the affected property’s value or limit our ability to use or sell the affected property. In addition, future laws or more stringent interpretations or enforcement policies with respect to existing laws may increase our exposure to environmental liability. Although we have policies and procedures to perform an environmental review before initiating any foreclosure action on real property, these reviews may not be sufficient to detect all potential environmental hazards. The remediation costs and any other financial liabilities associated with an environmental hazard could have a material adverse effect on our financial condition and results of operations.
17
If a significant number of customers fail to perform under their loans, our business, profitability and financial condition would be adversely affected.
There are inherent risks associated with our lending activities. As a lender, we face the risk that a significant number of our borrowers will fail to pay their loans because of other factors, including the impact of changes in interest rates and changes in the economic conditions in the markets where we operate. If borrower defaults cause losses in excess of our allowance for credit losses, it could have an adverse effect on our business, profitability and financial condition. We have established an evaluation process designed to recognize credit losses as they occur. While this evaluation process uses historical and other objective information, the classification of loans and the estimation of credit losses are dependent to a great extent on our experience and judgment. If charge-offs in future periods exceed the allowance for credit losses, we will need additional provisions to increase the allowance for credit losses. Any increases in the allowance for credit losses will result in a decrease in net income and capital, and may have a material adverse effect on our financial condition and results of operations. See “Management’s Discussion and Analysis of Financial Condition and Results of Operations” located elsewhere in this report for further discussion related to our process for determining the appropriate level of the allowance for credit losses. We cannot assure you that our future credit losses will not have any material adverse effects on our business, profitability or financial condition.
External and Market-Related Risks
Changes in economic conditions, especially in the State of Oklahoma, pose significant challenges for us and could adversely affect our financial condition and results of operations.
Our business is affected by conditions outside our control, including the rate of economic growth in general, the level of unemployment, increases in inflation and the level of interest rates. Economic conditions affect the level of demand for and the profitability of our products and services. A slowdown in the general economic activity, particularly in Oklahoma, could negatively impact our business. BancFirst operates exclusively within the State of Oklahoma and, unlike larger national or superregional banks that serve a broader and more diverse geographic region; BancFirst lending is also primarily concentrated in the State of Oklahoma. As a result, our financial condition, results of operations and cash flows are subject to changes in the economic conditions in the State of Oklahoma. Our continued success is largely dependent upon the continued growth or stability of the communities we serve. A decline in the economies of these communities could negatively impact our net income and profitability. Additionally, declines in the economies of these communities and of the State of Oklahoma in general could affect our ability to generate new loans, receive repayments of existing loans and our ability to attract new deposits, adversely affecting our financial condition.
Maintaining or increasing our market share depends on market acceptance and regulatory approval of new products and services.
Our success depends, in part, upon our ability to adapt our products and services to evolving industry standards and consumer demand. There is increasing pressure on financial services companies to provide products and services at lower prices. In addition, the widespread adoption of new technologies, including Internet-based services, could require us to make substantial expenditures to modify or adapt our existing products or services. A failure to achieve market acceptance of any new products we introduce, or a failure to introduce products that the market may demand, could have an adverse effect on our business, profitability or growth prospects.
Changes in consumer use of banks and changes in consumer spending and savings habits could adversely affect our financial results.
Technology and other changes now allow many customers to complete financial transactions without using banks. For example, consumers can pay bills and transfer funds directly without going through a bank. This process of eliminating banks as intermediaries could result in the loss of fee income, as well as the loss of customer deposits and income generated from those deposits. In addition, changes in consumer spending and savings habits could adversely affect our operations, and we may be unable to timely develop competitive new products and services in response to these changes.
The soundness of other financial institutions could have a material adverse effect on our business, growth and profitability.
Financial services institutions are interrelated because of trading, clearing, counterparty or other relationships. We have exposure to many different industries and counterparties, and routinely execute transactions with counterparties in the financial services industry, including commercial banks, brokers and dealers, investment banks and other institutional clients. Many of these transactions expose our business to credit risk in the event of a default by a counterparty or client. In addition, our credit risk may be exacerbated when the collateral we hold cannot be realized upon or is liquidated at prices not sufficient to recover the full amount of the credit or derivative exposure due to us. Any such losses could have a material adverse effect on our financial condition and results of operations.
18
Negative developments in the banking industry could adversely affect our financial condition and results of operations.
The bank failures and related negative media attention in early 2023 have generated significant market trading volatility among publicly traded bank holding companies and, in particular, regional, as well as community banks like the Company. These developments have negatively impacted customer confidence in regional and community banks that are not considered too big to fail, which has prompted customers to move uninsured deposits to banks that are perceived as too big to fail. Further, competition for deposits has recently increased and available yields have similarly increased, causing non-interest bearing deposits to move to interest bearing deposits and sweeps. If such movement is permanent, it will reduce our net interest margin going forward. The financial impact on the Company of ongoing market volatility, continued inflation and rising interest rates will depend on future developments which are highly uncertain and difficult to predict.
Competition with other financial institutions could adversely affect our profitability.
We face vigorous competition from banks and other financial institutions, including savings and loan associations, savings banks, finance companies and credit unions. A portion of these banks and other financial institutions have substantially greater resources and lending limits, larger branch systems and other banking services that we do not offer. To a limited extent, we also compete with other providers of financial services, such as money market mutual funds, brokerage firms, consumer finance companies and insurance companies. When new competitors seek to enter one of our markets, or when existing market participants seek to increase their market share, they sometimes undercut the pricing and/or credit terms prevalent in that market. This competition may reduce or limit our margins on banking and trust services, reduce our market share and adversely affect our results of operations and financial condition.
Failure to keep pace with technological change could adversely affect our results of operations and financial condition.
The financial services industry is undergoing rapid technological changes with frequent introductions of new technology-driven products and services. In addition to better serving our customers, the effective use of technology increases our efficiency and enables us to reduce costs. Our future success will depend in part upon our ability to address the needs of our customers by using technology to provide products and services that will satisfy customer demands for convenience as well as to create additional efficiencies in our operations as we continue to grow and expand our market area. Many of our larger competitors have substantially greater resources to invest in technological improvements. As a result, they may be able to offer additional or superior products to those that we will be able to offer, which would put us at a competitive disadvantage. Accordingly, we cannot assure you that we will be able to effectively implement new technology-driven products and services or be successful in marketing such products and services to our customers.
Compliance and Regulatory Risks
We operate in a highly regulated environment and may be adversely affected by changes in federal and state laws and regulations.
We are subject to extensive regulation, supervision and examination by federal and state banking authorities. Any change in applicable regulations or federal or state legislation could have a substantial impact on us and our results of operations. Changes to statutes, regulations or regulatory policies or supervisory guidance, including changes in interpretation or implementation of statutes, regulations, policies or supervisory guidance, could affect us in substantial and unpredictable ways. Such changes could subject us to additional costs, limit the types of financial services and products we may offer and/or increase the ability of non-banks to offer competing financial services and products, among other things. Failure to comply with laws, regulations, policies or supervisory guidance could result in enforcement and other legal actions by federal or state authorities, including criminal and civil penalties, the loss of FDIC insurance, the revocation of a banking charter, other sanctions by regulatory agencies, civil money penalties and/or reputational damage. In this regard, government authorities, including the bank regulatory agencies, are pursuing aggressive enforcement actions with respect to compliance and other legal matters involving financial activities, which heightens the risks associated with actual and perceived compliance failures. Any of the foregoing could have a material adverse effect on our business, financial condition and results of operations.
See the section captioned “Supervision and Regulation” included in Item 1. Business, located elsewhere in this report.
Changes in monetary policies may have an adverse effect on our business.
Our results of operations are affected by credit policies of monetary authorities, particularly the Federal Reserve Board. Actions by monetary and fiscal authorities, including the Federal Reserve Board, could have an adverse effect on our deposit levels, loan demand or business earnings. See “Item 1 - Business-Supervision and Regulation.” Our profitability is greatly dependent upon our earning a positive interest spread between our loan and securities portfolio, and our funding deposits and borrowings. Changes in the level of interest rates, a prolonged unfavorable interest rate environment or a decrease in our level of deposits that increases our cost of funds could negatively affect our profitability and financial condition.
19
Acquisition Related Risk
There can be no assurance that the integration of our acquisitions will be successful or will not result in unforeseen difficulties that may absorb significant management attention.
Our completed acquisitions, or any future acquisition, may not produce the revenue, cost savings, earnings or synergies that we anticipated. The process of integrating acquired companies into our business may also result in unforeseen difficulties. Unforeseen operating difficulties may absorb significant management attention, which we might otherwise devote to our existing business. Also, the process may require significant financial resources that we might otherwise allocate to other activities, including the ongoing development or expansion of our existing operations. Additionally, we may be exposed to potential asset quality issues or unknown or contingent liabilities of the banks, businesses, assets and liabilities we acquire. If these issues or liabilities exceed our estimates, our results of operations and financial condition may be negatively affected.
If we pursue a future acquisition, our management could spend a significant amount of time and effort identifying and completing the acquisition. If we make a future acquisition, we could issue equity securities, which would dilute current stockholders’ percentage ownership, incur substantial debt, assume contingent liabilities and be required to record an impairment of goodwill or any combination of the foregoing.
Liquidity Risk
We are subject to liquidity risk.
Liquidity is the ability to fund increases in assets and meet obligations as they come due, all without incurring unacceptable losses. Banks are especially vulnerable to liquidity risk because of their role in the transformation of demand or short-term deposits into longer-term loans or other extensions of credit. We, like other financial-services companies, rely to a significant extent on external sources of funding (such as deposits and borrowings) for the liquidity needed in the conduct of our business. A number of factors beyond our control, however, could have a detrimental impact on the level or cost of that funding and thus on our liquidity. These include market disruptions, changes in our credit ratings or the sentiment of our investors, the loss of substantial deposit relationships and reputational damage. Unexpected declines or limits on the dividends declared and paid by our subsidiaries also could adversely affect our liquidity position. While our policies and controls are designed to ensure that we maintain adequate liquidity to conduct our business in the ordinary course even in a stressed environment, there can be no assurance that our liquidity position will never become compromised. In such an event, we may be required to sell assets at a loss in order to continue our operations. This could damage the performance and value of our business, prompt regulatory intervention and harm our reputation, and if the condition were to persist for any appreciable period of time, our viability as a going concern could be threatened. See “Quantitative and Qualitative Disclosures about Market Risk—Liquidity Risk” in Part II, Item 7A for a discussion of how we monitor and manage liquidity risk.
Operational Risks
Our accounting estimates and risk-management processes may not be effective in mitigating risk and loss.
We maintain an enterprise risk-management program that is designed to identify, quantify, monitor, report and control the risks that it faces. These include interest-rate risk, credit risk, liquidity risk, operational risk, reputational risk and compliance and litigation risk. While we assess and improve this program on an ongoing basis, there can be no assurance that its approach and framework for risk-management and related controls will effectively mitigate risk and limit losses in our business. To comply with generally accepted accounting principles, management must sometimes exercise judgment in selecting, determining and applying accounting methods, assumptions and estimates. This can arise, for example, in determining the allowance for credit losses or the fair value of assets or liabilities. The judgments required of management can involve difficult, subjective, or complex matters with a high degree of uncertainty, and several different judgments could be reasonable under the circumstances and yet result in significantly different results being reported. See “Critical Accounting Policies and Estimates” in Part II, Item 7. If management’s judgments later prove to have been inaccurate, we may experience unexpected losses that could be substantial.
20
Additionally, the processes we use to estimate our expected credit losses and to measure the fair value of financial instruments, as well as the processes used to estimate the effects of changing interest rates and other market measures on our financial condition and results of operations, depends upon the use of analytical and forecasting models. These models reflect assumptions that may not be accurate, particularly in times of market stress or other unforeseen circumstances. Even if these assumptions are adequate, the models may prove to be inadequate or inaccurate because of other flaws in their design or their implementation. If the models we use for interest rate risk and asset-liability management are inadequate, we may incur increased or unexpected losses upon changes in market interest rates or other market measures. If the models we use for determining our probable credit losses are inadequate, the allowance for credit losses may not be sufficient to support future charge-offs. If the models we use to measure the fair value of financial instruments are inadequate, the fair value of such financial instruments may fluctuate unexpectedly or may not accurately reflect what we could realize upon sale or settlement of such financial instruments. Any such failure in our analytical or forecasting models could have a material adverse effect on our business, financial condition and results of operations.
Technological advances in payment processing is expected to negatively impact our interchange revenue.
Interchange fees, or “swipe” fees, are charges that merchants pay to the processors who, in turn, share that revenue with us and other card-issuing banks for processing electronic payment transactions. Rapid, significant technological changes continue to confront the payments industry. Technological advances and the growth of e-commerce have made it possible for non-depository institutions to offer products and services that traditionally were banking products, and for financial institutions and other companies to provide electronic and internet-based financial solutions for processing electronic payment transactions. These include developments in smart cards, e-commerce, mobile and radio frequency and proximity payment devices, such as contactless cards. Ongoing or increased competition in payment processing may restrict our ability to generate interchange revenue in the future. For the year ended December 31, 2023, debit card interchange revenue represented 20.3% of our noninterest income.
Consumer protection laws and the Durbin Amendment will reduce our noninterest income.
We are subject to a number of federal and state consumer protection laws that extensively govern our relationship with our customers. The Dodd-Frank Act established the Consumer Financial Protection Bureau ("CFPB") with powers to supervise and enforce consumer protection laws. The CFPB has broad rule-making authority for a wide range of consumer protection laws that apply to all banks and savings institutions, including the authority to prohibit "unfair, deceptive or abusive acts and practices.” The CFPB also has examination and enforcement authority over all banks and savings institutions with more than $10 billion in assets for certain designated consumer laws and regulations. The other federal banking agencies enforce such consumer laws and regulations for banks and savings institutions under $10 billion in assets. These and other federal laws, among other things, require disclosures of the cost of credit and terms of deposit accounts, provide substantive consumer rights, prohibit discrimination in credit transactions, regulate the use of credit report information, provide financial privacy protections, prohibit unfair, deceptive and abusive practices and restrict our ability to raise interest rates and charge non-sufficient funds ("NSF") fees. A significant portion of our noninterest income is derived from service charge income, including NSF fees, which represented 15.1% of our noninterest income for the year ended December 31, 2023. Violations of applicable consumer protection laws could result in enforcement actions and significant potential liability from litigation brought by customers, including actual damages, restitution and attorneys’ fees. In addition, we are subject to political pressures that could limit our ability to charge NSF and overdraft fees.
In addition, the Durbin Amendment is a provision in the larger Dodd-Frank Act that gave the Federal Reserve the authority to establish rates on debit card transactions. The Durbin Amendment aims to control debit card interchange fees and restrict anti-competitive practices. The law applies to banks with over $10 billion in assets and limits these banks on what they charge for debit card interchange fees. The Company exceeded $10 billion in total assets at December 31, 2022. Pursuant to the Durbin Amendment of the Dodd-Frank Act, which began to apply to the Company on July 1, 2023, based on current run rates, annual pretax income from debit card interchange fees will be reduced by approximately $23 million.
We have businesses other than banking.
In addition to commercial banking services, we provide property and casualty and other insurance products, as well as other business and financial services. We may in the future develop or acquire other non-banking businesses. As a result of other such businesses, our earnings could be subject to risks and uncertainties that are different from those to which our commercial banking services are subject. In developing and marketing new lines of business and/or new products and services, we may invest significant time and resources. Initial timetables for the introduction and development of new lines of business and/or new products or services may not be achieved and price and profitability targets may not prove feasible. External factors, such as compliance with regulations, competitive alternatives, and shifting market preferences, may also impact the successful implementation of a new line of business or a new product or service. Furthermore, any new line of business and/or new product or service could have a significant impact on the
21
effectiveness of our system of internal controls. Failure to successfully manage these risks in the development and implementation of new lines of business or new products or services could have a material adverse effect on our business, financial condition and results of operations.
Our information systems may experience an interruption or breach in security.
We rely heavily on communications and information systems to conduct our business. Any failure, interruption or breach in security of these systems could result in failures or disruptions in our customer relationship management, general ledger, deposit, loan and other systems. Information security breaches and cybersecurity-related incidents may include, but are not limited to, attempts to access information, including customer and company information, malicious code, computer viruses and denial of service attacks that could result in unauthorized access, misuse, loss or destruction of data (including confidential customer information), account takeovers, unavailability of service or other events. These types of threats may derive from human error, fraud or malice on the part of external or internal parties, or may result from accidental technological failure. Further, to access our products and services our customers may use computers and mobile devices that are beyond our security control systems. Our technologies, systems, networks and software and those of other financial institutions have been, and are likely to continue to be, the target of cybersecurity threats and attacks, which may range from uncoordinated individual attempts to sophisticated and targeted measures directed at us. The risk of a security breach or disruption, particularly through cyber-attack or cyber intrusion, has increased as the number, intensity and sophistication of attempted attacks and intrusions from around the world have increased.
Our business requires the collection and retention of large volumes of customer data, including personally identifiable information in various information systems that we maintain and in those maintained by third parties with whom we contract to provide data services. We also maintain important internal company data such as personally identifiable information about our employees and information relating to our operations. The integrity and protection of that customer and company data is important to us. Our collection of such customer and company data is subject to extensive regulation and oversight, which may increase in complexity and extent in the future. Our customers and employees have been, and will continue to be, targeted by parties using fraudulent e-mails and other communications in attempts to misappropriate passwords, bank account information or other personal information or to introduce viruses or other malware through “Trojan horse” programs to our information systems and/or our customers' computers. Though we endeavor to mitigate these threats through product improvements, use of encryption and authentication technology and customer and employee education, such cyber-attacks against us or our merchants and our third party service providers remain a serious issue. The pervasiveness of cybersecurity incidents in general and the risks of cybercrime are complex and continue to evolve. More generally, publicized information concerning security and cyber-related problems could inhibit the use or growth of electronic or web-based applications or solutions as a means of conducting commercial transactions.
Although we make significant efforts to maintain the security and integrity of our information systems and have implemented various measures to manage the risk of a security breach or disruption, there can be no assurance that our security efforts and measures will be effective or that attempted security breaches or disruptions would not be successful or damaging. Even the most well protected information, networks, systems and facilities remain potentially vulnerable because attempted security breaches, particularly cyber-attacks and intrusions, or disruptions will occur in the future, and because the techniques used in such attempts are constantly evolving and generally are not recognized until launched against a target, and in some cases are designed not to be detected and, in fact, may not be detected. Accordingly, we may be unable to anticipate these techniques or to implement adequate security barriers or other preventative measures, and thus it is virtually impossible for us to entirely mitigate this risk. While we maintain specific “cyber” insurance coverage, which would apply in the event of various breach scenarios, the amount of coverage may not be adequate in any particular case. Furthermore, because cyber threat scenarios are inherently difficult to predict and can take many forms, some breaches may not be covered under our cyber insurance coverage. A security breach or other significant disruption of our information systems or those related to our customers, merchants and our third party vendors, including as a result of cyber-attacks, could (i) disrupt the proper functioning of our networks and systems and therefore our operations and/or those of certain of our customers; (ii) result in the unauthorized access to, and destruction, loss, theft, misappropriation or release of confidential, sensitive or otherwise valuable information of ours or our customers; (iii) result in a violation of applicable privacy, data breach and other laws, subjecting us to additional regulatory scrutiny and expose us to civil litigation, enforcement action, governmental fines and possible financial liability; (iv) require significant management attention and resources to remedy the damages that result; or (v) harm our reputation or cause a decrease in the number of customers that choose to do business with us. The occurrence of any of the foregoing could have a material adverse effect on our business, financial condition and results of operations.
Risks Associated with Our Common Stock
The trading volume in our common stock is less than that of other larger financial services companies.
Although our common stock is listed for trading on the NASDAQ Global Select Market, the trading volume in our common stock is generally less than that of other, larger financial services companies. A public trading market having the desired characteristics of depth, liquidity and orderliness depends on the presence in the marketplace of willing buyers and sellers of our common stock at any given time. This presence depends on the individual decisions of investors and general economic and market conditions over which we
22
have no control. Given the lower trading volume of our common stock, significant sales of our common stock, or the expectation of these sales, could cause our stock price to fall.
We may not continue to pay dividends on our common stock in the future.
We have historically paid a common stock dividend. However, as a bank holding company, our ability to declare and pay dividends is dependent on certain federal regulatory considerations, including the guidelines of the Federal Reserve Board regarding capital adequacy and dividends. Additionally, our ability to declare or pay dividends on our common stock may also be subject to certain restrictions in the event that we elect to defer the payment of interest on our junior subordinated deferrable interest debentures. There can be no certainty that our common dividend will continue to be paid at the current levels. It is possible that our common dividend could be reduced or even cease to be paid. In such case, the trading price of our common stock could decline, and investors may lose all or part of their investment.
Our directors and executive officers own a significant portion of our common stock and can influence stockholder decisions.
Our directors and executive officers, as a group, beneficially owned 33.55% of our outstanding common stock as of January 31, 2024. As a result of their ownership, the directors and executive officers have the ability for all practical purposes, by voting their shares in concert, to control the outcome of any matter submitted to our stockholders for approval, including the election of directors, which requires only a majority vote. The directors and executive officers may vote to cause us to take actions with which our other stockholders do not agree.
Our amended certificate of incorporation, as well as certain provisions of banking law and Oklahoma corporate law, could make it difficult for a third party to acquire our company.
Oklahoma corporate law and our amended certificate of incorporation contain provisions that could delay, deter or prevent a change in control of our management or us. Together, these provisions may discourage transactions that otherwise could provide for the payment of a premium over prevailing market prices of our common stock, and also could limit the price that investors are willing to pay in the future for shares of our common stock. Additionally, provisions of federal banking laws, including regulatory approval requirements, could make it more difficult for a third party to acquire us, even if doing so would be perceived to be beneficial to our shareholders. These provisions effectively inhibit a non-negotiated merger or other business combination, which, in turn, could adversely affect the market price of our common stock.
An investment in our common stock is not an insured deposit.
Our common stock is not a bank deposit and, therefore, is not insured against loss by the FDIC, any other deposit insurance fund or by any other public or private entity. Investment in our common stock inherently involves risk for the reasons described in this “Risk Factors” section and elsewhere in this report and is subject to the same market forces that affect the price of common stock in any company. As a result, if you acquire our common stock, you could lose some or all of your investment.
Our stock price can be volatile.
Stock price volatility may make it more difficult for you to resell your common stock when you want and at prices you find attractive. Our stock price can fluctuate significantly in response to a variety of factors including, among other things: actual or anticipated variations in quarterly results of operations; recommendations by securities analysts; operating and stock price performance of other companies that investors deem comparable to us; news reports relating to trends, concerns and other issues in the financial services industry; perceptions in the marketplace regarding us and/or our competitors; new technology used, or services offered by competitors; significant acquisitions or business combinations, strategic partnerships, joint ventures or capital commitments by or involving us or our competitors; failure to integrate acquisitions or realize anticipated benefits from acquisitions; changes in government regulations; and geopolitical conditions such as acts or threats of terrorism or military conflicts.
General market fluctuations, industry factors and general economic and political conditions and events, such as economic slowdowns or recessions, interest rate changes or credit loss trends, could also cause our stock price to decrease regardless of our operating results.
General Risk Factors
We rely on certain external vendors.
We are reliant upon certain external vendors to provide products and services necessary to maintain our day-to-day operations. These third party vendors are sources of operational and informational security risk to us, including risks associated with operational
23
errors, information system interruptions or breaches and unauthorized disclosures of sensitive or confidential client or customer information. If these vendors encounter any of these issues, or if we have difficulty communicating with them, we could be exposed to disruption of operations, loss of service or connectivity to customers, reputational damage and enforcement and litigation risk that could have a material adverse effect on our business and, in turn, our financial condition and results of operations.
Changes in accounting standards could impact our consolidated financial statements and reported earnings.
Accounting standard-setting bodies, such as the Financial Accounting Standards Board, periodically change the financial accounting and reporting standards that affect the preparation of the consolidated financial statements. These changes are beyond our control and could have a meaningful impact on our consolidated financial statements.
If we fail to maintain an effective system of internal controls, we may not be able to accurately report our financial results or prevent fraud.
Effective internal controls are necessary for us to provide reliable financial reports and effectively prevent fraud. Any inability to provide reliable financial reports or prevent fraud could harm our business. The Sarbanes-Oxley Act of 2002 requires management and our auditors to evaluate and assess the effectiveness of our internal control over financial reporting. These requirements may be modified, supplemented or amended from time to time. Implementing these changes may take a significant amount of time and may require specific compliance training of our personnel. We have in the past discovered, and may in the future discover, areas of our internal control over financial reporting that need improvement. If our auditors or we discover a material weakness, the disclosure of that fact, even if quickly remedied, could reduce the market’s confidence in our consolidated financial statements and have an adverse effect on our stock price. We may not be able to effectively and timely implement necessary control changes and employee training to ensure continued compliance with the Sarbanes-Oxley Act and other regulatory and reporting requirements. Our historic growth and our expansion through acquisitions present challenges to maintaining the internal control and disclosure control standards applicable to public companies. If we fail to maintain effective internal controls, we could be subject to regulatory scrutiny and sanctions, our ability to recognize revenue could be impaired and investors could lose confidence in the accuracy and completeness of our financial reports. We cannot assure you that we will continue to fully comply with the requirements of the Sarbanes-Oxley Act or that management or our auditors will conclude that our internal control over financial reporting is effective in future periods.
We may need to raise additional capital in the future, and such capital may not be available when needed or at all.
We may need to raise additional capital in the future to provide us with sufficient capital resources and liquidity to meet our commitments and business needs, particularly if our asset quality or earnings were to deteriorate significantly. Our ability to raise additional capital, if needed, will depend on, among other things, conditions in the capital markets at that time, which are outside of our control and our financial performance. Economic conditions and the loss of confidence in financial institutions may increase our cost of funding and limit access to certain customary sources of capital, including inter-bank borrowings, repurchase agreements and borrowings from the discount window of the Federal Reserve Board.
We cannot assure that such capital will be available on acceptable terms or at all. Any occurrence that may limit our access to the capital markets, such as a decline in the confidence of debt purchasers, depositors or counterparties participating in the capital markets, or a downgrade of our debt ratings, may adversely affect our capital costs and our ability to raise capital and, in turn, our liquidity. Moreover, if we need to raise capital in the future, we may have to do so when many other financial institutions are also seeking to raise capital, and we would have to compete with those institutions for investors. An inability to raise additional capital on acceptable terms when needed could have a materially adverse effect on our businesses, financial condition and results of operations.
We rely heavily on our management team, and the unexpected loss of key managers may adversely affect our operations.
Our success to-date has been strongly influenced by our ability to attract and to retain senior management experienced in banking and financial services. Our ability to retain executive officers and the current management teams of each of our lines of business will continue to be important to the successful implementation of our strategies. We do not have employment or non-compete agreements with these key employees. The unexpected loss of services of any key management personnel, or the inability to recruit and retain qualified personnel in the future, could have an adverse effect on our business and financial results.
Item 1B. Unresolved Staff Comments.
None.
24
Item 1C. Cybersecurity.
The Company recognizes the critical importance of maintaining the safety and security of its systems to protect its customers, maintain its reputation, and preserve the value of the Company and data and therefore have an enterprise-wide risk management framework for overseeing and managing cybersecurity and related risks. The process is supported by both management and its Board of Directors.
The Company relies heavily on sensitive information to run daily operations and deliver products and services. To protect the availability, integrity, and confidentiality of sensitive information and sensitive infrastructure, the Board of Directors requires the Company develop and implement a comprehensive Information Security Program, which focuses on the confidentiality, availability and security of information and systems. The Information Security Program defines the strategy that the Company uses to protect and secure its systems and media that process and maintain sensitive information. The program details the governance, management, operations, and assurance of the program, and seeks to identify, prevent and mitigate cyber threats and to respond effectively to cyber threats when they occur.
The cybersecurity function, is led by the Company's Chief Information Officer ("CIO"), who reports to The Company's Chief Operating Officer ("COO"). The Chief Information Security Officer ("CISO") reports to the CIO and generally is responsible for management of cybersecurity risk and the protection and defense of the Company's networks and systems. The CISO manages a team of cybersecurity professionals with broad experience and expertise, including threat assessments and detection, mitigation technologies, cybersecurity training, incident response, insider threats and regulatory compliance.
The Company has not, as of the date of this Form 10-K, experienced a cybersecurity threat or incident that resulted in a material adverse impact to its business or operations. Nevertheless, there are no assurances the Company will not experience such an incident in the future. Such incidents, whether or not successful, could result in the Company incurring significant costs related to, for example, rebuilding its internal systems, implementing additional threat protection measures, defending against litigation, responding to regulatory inquiries or actions, paying damages, risk of customers moving relationships with the Company to another institution, or taking other remedial steps with respect to third parties, as well as incurring significant reputational harm.
Board Oversight
Our Board of Directors is responsible for overseeing our enterprise risk management activities in general, and each of our Board committees assists the Board in the role of risk oversight. The full Board receives an update on the Company’s risk management process and the risk trends related to cybersecurity at least annually and receive reports on incidents that exceed certain thresholds and updates on responses thereto. The Information Security Committee is directly responsible for oversight of risks related to cybersecurity. The Board receives reports on information security and cybersecurity from the Information Security Committee at least four times a year.
Risk Management and Strategy
The Company continuously seeks to identify threats, vulnerabilities, and cybersecurity risks on information assets. Threats are identified through experience, regulatory requirements, information sharing, third party vendors, internal and external security assessments, and industry periodicals.
The risk assessment process identifies areas that are required to be protected and determine if adequate controls are used to safeguard the Company against threats and vulnerabilities. Adjustments required to adhere to regulatory changes are a regular function of the assessment process as well as changes to technologies, processes, and other factors. From the analyses, any additional controls are identified, prioritized and implemented.
Security Controls and Continuous Monitoring
Security controls and design are critical to mitigating risks. The Company works to protect its computing environments and products from cybersecurity threats through multi-layered defenses and applies lessons learned from its defense and monitoring efforts to help prevent future attacks. The Company utilizes data analytics to detect anomalies and monitor for possible cyber threats. The Company's Cybersecurity Operations Center provides comprehensive cyber threat detection and response capabilities and maintains a 24x7 monitoring system which complements the technology, processes and threat detection techniques the Company uses to monitor, manage and mitigate cybersecurity threats. From time to time, the Company engages third party consultants or other advisors to assist in assessing, identifying and/or managing cybersecurity threats. The Company's Internal Audit function also conducts information technology and cybersecurity reviews and assessments.
25
Threat Intelligence
The Company considers threat intelligence from third party sources to strengthen systems and network preparedness for cybersecurity risks. The Company uses associations, such as the Financial Services Information Sharing and Analysis Center ("FS-ISAC"), to stay informed of threat information.
Third Party Risk Assessments
The Company conducts information security assessments before sharing or allowing the hosting of sensitive data in computing environments managed by third parties, and its standard terms and conditions contain contractual provisions requiring certain security protections.
Incident Response and Recovery Planning
The Company has established comprehensive incident response and recovery plans and continues to regularly test and evaluate the effectiveness of those plans. The Company's incident response and recovery plans address and guide its employees, management and the Board on its response to a cybersecurity incident.
Training and Awareness
The Company provides awareness training to its employees to help identify, avoid and mitigate cybersecurity threats. All employees with network access participate annually in required training, including spear phishing and other awareness training. The Company also periodically hosts tabletop exercises with management and other employees to practice cyber incident response.
Item 2. Properties.
The principal offices of the Company are located at 100 North Broadway Ave., Oklahoma City, Oklahoma 73102.
The Company owns substantially all of the properties and buildings in which its various offices and facilities are located. These properties include the main bank and 105 additional BancFirst branches in Oklahoma. The Company also owns properties in Oklahoma for future expansion. There are no significant encumbrances on any of these properties.
The Company’s wholly-owned subsidiary, Pegasus has three banking locations in Dallas, Texas. The main bank is located at 4515 W Mockingbird Ln, Dallas, TX 75209.
The Company’s wholly-owned subsidiary, Worthington has one banking location in Arlington, Texas, one in Colleyville, Texas, one in Denton, Texas and two in Fort Worth, Texas. The main bank is located at 200 W Main St, Arlington, TX 76010.
(See Note 6 - “Premises and Equipment, Net and Other Assets” to the Consolidated Financial Statements for further information on the Company’s properties).
Item 3. Legal Proceedings.
The Company has been named as a defendant in various legal actions arising from the conduct of its normal business activities. Although the amount of any liability that could arise with respect to these actions cannot be accurately predicted, in the opinion of the Company, any such liability will not have a material adverse effect on the consolidated financial statements of the Company.
Item 4. Mine Safety Disclosures.
None.
26
PART II
Item 5. Market for the Registrant’s Common Equity, Related Stockholder Matters and Issuer Purchases of Equity Securities.
Common Stock Market Prices and Dividends
The Company’s Common Stock is listed on the NASDAQ Global Select Market System (“NASDAQ/GS”) and is traded under the symbol “BANF”. As of January 31, 2024, there were 228 holders of record of our Common Stock.
Future dividend payments will be determined by the Company’s Board of Directors in light of the earnings and financial condition of the Company, BancFirst, Pegasus and Worthington, their capital needs, applicable governmental policies and regulations and such other factors as the Board of Directors deems appropriate.
BancFirst Corporation is a legal entity separate and distinct from BancFirst, Pegasus and Worthington, and its ability to pay dividends is substantially dependent upon dividend payments received from BancFirst. Various laws, regulations and regulatory policies limit BancFirst’s ability to pay dividends to BancFirst Corporation, as well as BancFirst Corporation’s ability to pay dividends to its stockholders. See “Liquidity and Funding” and “Capital Resources” under “Management’s Discussion and Analysis of Financial Condition and Results of Operations,” “Item 1 - Business-Supervision and Regulation.” and Note (15) of the Notes to Consolidated Financial Statements for further information regarding limitations on the payment of dividends by BancFirst Corporation and BancFirst.
Stock Repurchases
The Company has adopted a Stock Repurchase Program (the “SRP”). The SRP may be used as a means to increase earnings per share and return on equity, to purchase treasury stock for the exercise of stock options or for distributions under the Deferred Stock Compensation Plan, to provide liquidity for optionees to dispose of stock from exercises of their stock options and to provide liquidity for stockholders wishing to sell their stock. All shares repurchased under the SRP have been retired and not held as treasury stock. The timing, price and amount of stock repurchases under the SRP may be determined by management and approved by the Company’s Executive Committee. At December 31, 2023, up to 479,784 shares could be repurchased under the Stock Repurchase Program. The amount approved is subject to amendment. The Stock Repurchase Program will remain in effect until all shares are repurchased.
No purchases were made by or on behalf of the Company or any “affiliated purchaser” (as defined in Rule 10b-18(a)(3) under the Securities Exchange Act of 1934), of the Company’s common stock during the three months ended December 31, 2023.
Equity Compensation Plan Information
Information regarding stock-based compensation awards outstanding and available for future grants as of December 31, 2023 is presented in the table below. All of the Company’s stock-based compensation plans have been approved by the Company’s stockholders. Additional information regarding stock-based compensation plans is presented in Note (13) – Stock-Based Compensation in the notes to consolidated financial statements included in Item 8. Financial Statements and Supplementary Data located elsewhere in this report.
|
|
(a) |
|
|
(b) |
|
|
(c) |
|
|||
Plan Category |
|
Number of Securities |
|
|
Weighted Average |
|
|
Number of Securities |
|
|||
Equity compensation plans approved by security holders |
|
|
1,393,041 |
|
|
$ |
52.78 |
|
|
|
486,111 |
|
Performance Graph
The Company’s performance graph is incorporated by reference from “Performance Graph” contained on the last page of this 10-K report.
Item 6. [Reserved]
27
Item 7. Management’s Discussion and Analysis of Financial Condition and Results of Operations.
The following discussion and analysis presents factors that the Company believes are relevant to an assessment and understanding of the Company’s financial position and results of operations for the three years ended December 31, 2023. This discussion and analysis should be read in conjunction with the consolidated financial statements and notes thereto and the selected consolidated financial data included herein.
FORWARD-LOOKING STATEMENTS
The Company may make forward-looking statements within the meaning of Section 27A of the Securities Act of 1933 and Section 21E of the Securities Exchange Act of 1934 with respect to earnings, credit quality, corporate objectives, interest rates and other financial and business matters. Forward-looking statements include estimates and give management’s current expectations or forecasts of future events. The Company cautions readers that these forward-looking statements are subject to numerous assumptions, risks and uncertainties, including economic conditions; the performance of financial markets and interest rates; legislative and regulatory actions and reforms; competition; as well as other factors, all of which change over time. Examples of forward-looking statements include, but are not limited to: (i) projections of revenues, expenses, income or loss, earnings or loss per share, the payment or nonpayment of dividends, capital structure and other financial items; (ii) statements of plans, objectives and expectations, including those relating to products or services; (iii) statements of future economic performance; and (iv) statements of assumptions underlying such statements. Words such as “believes”, “anticipates”, “expects”, “intends”, “targeted”, “continue”, “remain”, “will”, “should”, “may” and other similar expressions are intended to identify forward-looking statements but are not the exclusive means of identifying such statements.
Forward-looking statements involve risks and uncertainties that may cause actual results to differ materially from those in such statements. Factors that could cause actual results to differ from those discussed in the forward-looking statements include, but are not limited to:
28
Actual results may differ materially from forward-looking statements.
SUMMARY
The Company’s net income for 2023 was $212.5 million, or $6.34 per diluted share, compared to $193.1 million, or $5.77 per diluted share for 2022.
In 2023, net interest income increased to $424.5 million, compared to $373.7 million in 2022. Rising short-term interest rates and loan growth contributed to the increase in net interest income in 2023. The Company’s net interest margin increased to 3.79% for 2023, compared to 3.29% for 2022.
The Company recorded a provision for credit losses of $7.5 million in 2023 compared to a provision for credit losses of $10.1 million in 2022. The Company's provision for credit losses decreased in 2023 due to improving economic forecasts.
Noninterest income totaled $185.4 million in 2023 compared to $183.7 million in 2022. The increase in noninterest income in 2023 was mostly attributable the increase in sweep fees of $12.2 million, partially offset by the reduction of interchange fees of approximately $10.9 million related to the impact of the Durbin Amendment since its application to the Company on July 1, 2023.
Noninterest expense was $332.5 million in 2023 compared to $309.9 million in 2022. Higher noninterest expenses in 2023 were primarily related to growth in salaries and employee benefits of $15.0 million related to both annual merit increases and new hires needed to comply with the increased regulatory burden associated with exceeding $10 billion in assets. In addition, 2023 included an expense from other real estate owned of $15.9 million compared to $9.9 million during 2022.
The Company’s effective tax rate in 2023 was 21.29% compared to 18.67% for 2022. During the first quarter of 2023, the Company adopted accounting standards update ("ASU") 2023-02, which increased income tax expense. The effective tax rate for 2023 was higher than the statutory rate due to the adoption of ASU 2023-02 and state tax expense. The effective tax rate for 2022 was lower than the statutory tax rate due to the recognition of certain tax credits.
The Company’s assets at year-end 2023 totaled $12.4 billion, virtually unchanged from December 31, 2022. Off-balance sheet sweep accounts totaled $4.3 billion at December 31, 2023 compared to $3.7 billion at December 31, 2022. Loans totaled $7.7 billion an increase of $710.3 million from year-end 2022. Deposits totaled $10.7 billion at December 31, 2023 a decrease of $274.1 million from December 31, 2022. The Company’s total stockholders’ equity was $1.4 billion, an increase of $183.1 million from December 31, 2022.
Asset quality remained strong with nonaccrual loans of $24.6 million, representing 0.32% of total loans at December 31, 2023. Nonaccrual loans were $15.3 million or 0.22% of total loans at December 31, 2022. The allowance for credit losses to total loans stood at 1.26% at December 31, 2023, compared to 1.33% at December 31, 2022. Net charge-offs were $3.4 million for the year or 0.05% of average loans, compared to $1.4 million or 0.02% of average loans for the year ended December 31, 2022.
See Note (2) of the Notes to Consolidated Financial Statements for disclosure regarding the Company’s recent developments, including mergers and acquisitions.
CRITICAL ACCOUNTING POLICIES AND ESTIMATES
The Company’s significant accounting policies are described in Note (1) to the consolidated financial statements. The preparation of financial statements in conformity with accounting principles generally accepted in the United States inherently involves the use of estimates and assumptions, which affect the amounts reported in the financial statements and the related disclosures. These estimates relate principally to the allowance for credit losses, income taxes, intangible assets and the fair value of financial instruments. Such estimates and assumptions may change over time and actual amounts realized may differ from those reported. The following is a summary of the accounting policies and estimates that management believes are the most critical.
29
Allowance for Credit losses
On January 1, 2020, the Company adopted Accounting Standards Codification (“ASC”) 326, which replaced the incurred loss methodology for determining its provision for credit losses and allowance for credit losses with an expected loss methodology that is referred to as current expected credit loss ("CECL"). The allowance for credit losses is management’s estimate of the current expected credit losses on financial assets measured at amortized cost.
The allowance for credit losses is increased by provisions charged to operating expense and is reduced by net loan charge-offs. The amount of the allowance for credit losses is measured using relevant information about past events, including historical credit loss experience on financial assets with similar risk characteristics, current conditions, and reasonable and supportable forecasts that affect the collectability of the remaining cash flows over the contractual term of the financial assets. A loan is considered collateral-dependent when the repayment is expected to be provided substantially through the operation or sale of the collateral when the borrower is experiencing financial difficulty based on the Company's assessment as of the reporting date. For collateral dependent loans, the standard allows institutions to use, as a practical expedient, the fair value of the collateral to measure current expected credit losses on collateral-dependent financial assets. This amount is included in the allowance for credit losses.
To estimate expected losses using historical loss information, the Company elected to utilize a methodology known as vintage loss analysis for BancFirst, Pegasus, and Worthington Bank. Vintage loss analysis measures impairment based on the age of the accounts and the historical performance of assets with similar risk characteristics. Vintage loss analysis determines expected losses by allowing the Company to calculate the cumulative loss rates of a given loan pool and, in so doing, determine the loan pool’s lifetime expected loss experience relative to the appropriate type of financial assets that share similar risk characteristics. Vintage loss analysis uses different “vintages” analyzed by year of origination through the weighted average maturity of each loan pool. The key quantitative inputs used in the Company’s estimate of the allowance for credit losses include 1) all available loan data tracked by year of origination, 2) total charge-offs for each specific loan pool recorded since year of origination, 3) recovery rate calculated by the average recovery over the previous seven years across all loan pools, and 4) a weighting factor biased to more recent loss experience. The quantitative current expected credit loss is calculated by dividing each year’s net charge-offs by the original balance. The respective vintage’s original balance remains the denominator in each annual calculation, referencing the specific vintage’s initial balance. The loss experience of this original balance is tracked annually and summed over the life of the loan for each separate loan pool, leaving a cumulative life of credit loss rate based on historic averages weighted towards more recent loss experience. These key quantitative inputs change from period to period as new loans are originated, and charge-offs and recoveries are recognized. The recovery rate is revised on an annual basis, taking into consideration the most recent seven years. The weighting factor percentages remain static; however, the most recent year receives the highest weighting percentage.
The BancFirst Senior Loan Committee (“the SLC”) establishes BancFirst qualitative adjustments. In setting the qualitative adjustments, they consider several factors, including external economic information, peer bank comparisons, and experience with the loan portfolio. The SLC also considers a Moody’s Analytics dataset in which BancFirst selects a range from three probability scenarios from two economic forecasts. To determine the appropriate correlation to the loss experience, economic indicators are compared to the prior ten years of charge-off history to arrive at a correlation factor. BancFirst then applies the correlation factor to the change in the forecast of the aforementioned economic indicators over the next 18-24 months, which is driven by management’s judgment of a reasonable and supportable forecast period to arrive at a percentage range of qualitative loss adjustment attributable to economic forecasts. The SLC establishes a qualitative adjustment for each loan pool using these factors. For periods beyond which BancFirst can make or obtain reasonable and supportable forecasts of current expected credit losses, BancFirst reverts to historical loss information.
Each quarter the SLC reviews aggregate allowance for BancFirst and adjusts the appropriateness of the allowance. In addition, annually or more frequently as needed, the SLC evaluates the qualitative adjustments used in the BancFirst allowance based on the information described above. To facilitate the SLC’s evaluation, the Asset Quality Department performs periodic reviews of business units and reports on the adequacy of management’s identification of collateral-dependent and adversely classified loans and their adherence to loan policies and procedures.
The process of evaluating the appropriateness of the allowance for credit losses necessarily involves the exercise of judgment and consideration of numerous subjective factors and, accordingly, there can be no assurance that the estimate of expected losses will not change in light of future developments and economic conditions. Changes in assumptions and conditions could result in a materially different amount for the allowance for credit losses.
Income Taxes
The Company files a consolidated income tax return. Deferred taxes are recognized under the balance sheet method based upon the future tax consequences of temporary differences between the carrying amounts and tax basis of assets and liabilities, using the tax rates expected to apply to taxable income in the periods when the related temporary differences are expected to be realized.
30
The amount of accrued current and deferred income taxes is based on estimates of taxes due or receivable from taxing authorities either currently or in the future. Changes in these accruals are reported as tax expense or benefits, and involve estimates of the various components included in determining taxable income, tax credits, other taxes and temporary differences. Changes periodically occur in the estimates due to changes in tax rates, tax laws and regulations and implementation of new tax planning strategies. The process of determining the accruals for income taxes necessarily involves the exercise of considerable judgment and consideration of numerous subjective factors.
Management performs an analysis of the Company’s tax positions annually and believes it is more likely than not that all of its tax positions will be utilized in future years.
Intangible Assets and Goodwill
Core deposit intangibles are amortized on a straight-line basis over the estimated useful lives of seven to ten years and customer relationship intangibles are amortized on a straight-line basis over the estimated useful life of three to eighteen years. Goodwill is not amortized, but is evaluated at a reporting unit level at least annually for impairment or more frequently if other indicators of impairment are present. At least annually in the fourth quarter, intangible assets, are evaluated for possible impairment. Impairment losses are measured by comparing the fair values of the intangible assets with their recorded amounts. Any impairment losses are reported in the consolidated statements of comprehensive income.
The evaluation of remaining core deposit intangibles for possible impairment involves reassessing the useful lives and the recoverability of the intangible assets. The evaluation of the useful lives is performed by reviewing the levels of core deposits of the respective branches acquired. The actual life of a core deposit base may be longer than originally estimated due to more successful retention of customers, or may be shorter due to more rapid runoff. Amortization of core deposit intangibles would be adjusted, if necessary, to amortize the remaining net book values over the remaining lives of the core deposits. The evaluation for recoverability is only performed if events or changes in circumstances indicate that the carrying amount of the intangibles may not be recoverable.
The evaluation of goodwill for possible impairment is performed by comparing the fair values of the related reporting units with their carrying amounts including goodwill. The fair values of the related business units are estimated using market data for prices of recent acquisitions of banks and branches.
The evaluation of intangible assets and goodwill for the year ended December 31, 2023 and 2022 resulted in no impairments.
Fair Value of Financial Instruments
Debt securities that are being held for indefinite periods of time, or that may be sold as part of the Company’s asset/liability management strategy, to provide liquidity or for other reasons, are classified as available for sale and are stated at estimated fair value. Unrealized gains or losses on debt securities available for sale are reported as a component of stockholders’ equity, net of income tax.
The Company reviews its portfolio of debt securities in an unrealized loss position at least quarterly. The Company first assesses whether it intends to sell, or it is more-likely-than-not that it will be required to sell, the securities before recovery of the amortized cost basis. If either of these criteria is met, the securities amortized cost basis is written down to fair value as a current period expense. If either of the above criteria is not met, the Company evaluates whether the decline in fair value is the result of credit losses or other factors. In making this assessment, the Company considers, among other things, the performance of any underlying collateral and adverse conditions specifically related to the security. At December 31, 2023 and December 31, 2022, 98% of the available for sale debt securities held by the Company were issued by the U.S. Treasury, or U.S. government-sponsored entities and agencies. The Company does not consider the unrealized position of these securities to be the result of credit factors, because the decline in fair value is attributable to changes in interest rates and illiquidity, and not credit quality, and the Company does not have the intent to sell these securities and it is likely that it will not be required to sell the securities before their anticipated recovery. Therefore, the Company has not recorded an allowance for credit losses against its debt securities portfolio, as the credit risk is not material.
The estimates of fair values of debt securities and other financial instruments are based on a variety of factors. In some cases, fair values represent quoted market prices for identical or comparable instruments. In other cases, fair values have been estimated based on assumptions concerning the amount and timing of estimated future cash flows and assumed discount rates reflecting varying degrees of risk. Accordingly, the fair values may not represent actual values of the financial instruments that could have been realized as of year-end or that will be realized in the future.
31
Future Application of Accounting Standards
See Note (1) of the Notes to Consolidated Financial Statements for a discussion of recently issued accounting pronouncements and their expected impact on the Company’s consolidated financial statements.
Segment Information
See Note (23) of the Notes to Consolidated Financial Statements for disclosure regarding the Company’s operating business segments.
RESULTS OF OPERATIONS
The following discussion and analysis presents the more significant factors that affected the Company's financial condition as of December 31, 2023 and 2022 and results of operations for each of the years then ended. Refer to Management’s Discussion and Analysis of Financial Condition and Results of Operations included in our Annual Report on Form 10-K filed with the SEC on February 24, 2023 (the “2022 Form 10-K”) for a discussion and analysis of the more significant factors that affected periods prior to 2022, which the Company incorporates by reference.
Certain reclassifications have been made to make prior periods comparable. This discussion and analysis should be read in conjunction with the Company's consolidated financial statements, notes thereto and other financial information appearing elsewhere in this report. From time to time, the Company has engaged in acquisitions. None of these acquisitions had a significant impact on the Company's consolidated financial statements. The Company accounts for acquisitions using the acquisition method, and as such, the results of operations of acquired companies are included from the date of acquisition forward.
32
Average Balances, Income Expenses and Rates
The following tables present, for the periods indicated, certain information related to the Company's consolidated average balance sheet, average yields on assets and average costs of liabilities. Such yields are derived by dividing income or expense by the average balance of the corresponding assets or liabilities. For these computations: (i) average balances are derived from daily averages, (ii) information is shown on a taxable-equivalent basis assuming a 21% tax rate, and (iii) nonaccrual loans are included in the average loan balances and any interest on such nonaccrual loans is recognized on a cash basis. Loan fees included in interest income were $21.9 million for the year ended December 31, 2023 compared to $24.1 million for the year ended December 31, 2022 and $55.5 million for the year ended December 31, 2021.
CONSOLIDATED AVERAGE BALANCE SHEETS AND INTEREST MARGIN ANALYSIS |
|
|||||||||||||||||||||||||||||||||||
Taxable Equivalent Basis |
|
|||||||||||||||||||||||||||||||||||
(Dollars in thousands) |
|
|||||||||||||||||||||||||||||||||||
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|||||||||
|
|
December 31, 2023 |
|
|
December 31, 2022 |
|
|
December 31, 2021 |
|
|||||||||||||||||||||||||||
|
|
|
|
|
Interest |
|
|
Average |
|
|
|
|
|
Interest |
|
|
Average |
|
|
|
|
|
Interest |
|
|
Average |
|
|||||||||
|
|
Average |
|
|
Income/ |
|
|
Yield/ |
|
|
Average |
|
|
Income/ |
|
|
Yield/ |
|
|
Average |
|
|
Income/ |
|
|
Yield/ |
|
|||||||||
|
|
Balance |
|
|
Expense |
|
|
Rate |
|
|
Balance |
|
|
Expense |
|
|
Rate |
|
|
Balance |
|
|
Expense |
|
|
Rate |
|
|||||||||
ASSETS |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|||||||||
Earning assets: |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|||||||||
Loans (1) |
|
$ |
7,292,871 |
|
|
$ |
467,951 |
|
|
|
6.42 |
% |
|
$ |
6,611,617 |
|
|
$ |
336,739 |
|
|
|
5.09 |
% |
|
$ |
6,220,192 |
|
|
$ |
316,618 |
|
|
|
5.09 |
% |
Debt securities – taxable |
|
|
1,565,697 |
|
|
|
36,838 |
|
|
|
2.35 |
|
|
|
1,295,762 |
|
|
|
24,456 |
|
|
|
1.89 |
|
|
|
538,157 |
|
|
|
6,327 |
|
|
|
1.18 |
|
Debt securities – tax exempt |
|
|
3,339 |
|
|
|
91 |
|
|
|
2.71 |
|
|
|
3,877 |
|
|
|
118 |
|
|
|
3.03 |
|
|
|
11,372 |
|
|
|
258 |
|
|
|
2.27 |
|
Federal funds sold and interest-bearing |
|
|
2,343,182 |
|
|
|
119,486 |
|
|
|
5.10 |
|
|
|
3,450,093 |
|
|
|
58,931 |
|
|
|
1.71 |
|
|
|
3,268,443 |
|
|
|
4,366 |
|
|
|
0.13 |
|
Total earning assets |
|
|
11,205,089 |
|
|
|
624,366 |
|
|
|
5.57 |
|
|
|
11,361,349 |
|
|
|
420,244 |
|
|
|
3.70 |
|
|
|
10,038,164 |
|
|
|
327,569 |
|
|
|
3.26 |
|
Nonearning assets: |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|||||||||
Cash and due from banks |
|
|
204,394 |
|
|
|
|
|
|
|
|
|
260,028 |
|
|
|
|
|
|
|
|
|
271,004 |
|
|
|
|
|
|
|
||||||
Interest receivable and other assets |
|
|
814,419 |
|
|
|
|
|
|
|
|
|
865,744 |
|
|
|
|
|
|
|
|
|
694,191 |
|
|
|
|
|
|
|
||||||
Allowance for credit losses |
|
|
(96,154 |
) |
|
|
|
|
|
|
|
|
(87,567 |
) |
|
|
|
|
|
|
|
|
(88,028 |
) |
|
|
|
|
|
|
||||||
Total nonearning assets |
|
|
922,659 |
|
|
|
|
|
|
|
|
|
1,038,205 |
|
|
|
|
|
|
|
|
|
877,167 |
|
|
|
|
|
|
|
||||||
Total assets |
|
$ |
12,127,748 |
|
|
|
|
|
|
|
|
$ |
12,399,554 |
|
|
|
|
|
|
|
|
$ |
10,915,331 |
|
|
|
|
|
|
|
||||||
LIABILITIES AND STOCKHOLDERS’ |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|||||||||
Interest-bearing liabilities: |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|||||||||
Money market and interest-bearing checking deposits |
|
$ |
4,361,001 |
|
|
$ |
142,275 |
|
|
|
3.26 |
% |
|
$ |
4,090,098 |
|
|
$ |
31,245 |
|
|
|
0.76 |
% |
|
$ |
3,566,394 |
|
|
$ |
4,147 |
|
|
|
0.12 |
% |
Savings deposits |
|
|
1,087,642 |
|
|
|
29,575 |
|
|
|
2.72 |
|
|
|
1,147,673 |
|
|
|
6,402 |
|
|
|
0.56 |
|
|
|
1,019,042 |
|
|
|
542 |
|
|
|
0.05 |
|
Time deposits |
|
|
797,179 |
|
|
|
23,196 |
|
|
|
2.91 |
|
|
|
672,179 |
|
|
|
4,318 |
|
|
|
0.64 |
|
|
|
654,801 |
|
|
|
3,543 |
|
|
|
0.54 |
|
Short-term borrowings |
|
|
6,432 |
|
|
|
312 |
|
|
|
4.84 |
|
|
|
4,333 |
|
|
|
60 |
|
|
|
1.39 |
|
|
|
2,608 |
|
|
|
2 |
|
|
|
0.08 |
|
Subordinated debt |
|
|
86,070 |
|
|
|
4,122 |
|
|
|
4.79 |
|
|
|
86,013 |
|
|
|
4,122 |
|
|
|
4.79 |
|
|
|
56,793 |
|
|
|
3,130 |
|
|
|
5.51 |
|
Total interest-bearing liabilities |
|
|
6,338,324 |
|
|
|
199,480 |
|
|
|
3.15 |
|
|
|
6,000,296 |
|
|
|
46,147 |
|
|
|
0.77 |
|
|
|
5,299,638 |
|
|
|
11,364 |
|
|
|
0.21 |
|
Interest-free funds: |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|||||||||
Noninterest-bearing deposits |
|
|
4,343,646 |
|
|
|
|
|
|
|
|
|
5,097,813 |
|
|
|
|
|
|
|
|
|
4,437,352 |
|
|
|
|
|
|
|
||||||
Interest payable and other liabilities |
|
|
108,438 |
|
|
|
|
|
|
|
|
|
102,691 |
|
|
|
|
|
|
|
|
|
52,069 |
|
|
|
|
|
|
|
||||||
Stockholders’ equity |
|
|
1,337,340 |
|
|
|
|
|
|
|
|
|
1,198,754 |
|
|
|
|
|
|
|
|
|
1,126,272 |
|
|
|
|
|
|
|
||||||
Total interest free funds |
|
|
5,789,424 |
|
|
|
|
|
|
|
|
|
6,399,258 |
|
|
|
|
|
|
|
|
|
5,615,693 |
|
|
|
|
|
|
|
||||||
Total liabilities and stockholders’ equity |
|
$ |
12,127,748 |
|
|
|
|
|
|
|
|
$ |
12,399,554 |
|
|
|
|
|
|
|
|
$ |
10,915,331 |
|
|
|
|
|
|
|
||||||
Net interest income |
|
|
|
|
$ |
424,886 |
|
|