Agreement dated June 18, 2020, by and between CommunityBank of Texas, N.A. and the Office of the Comptroller of the Currency

EX-10.1 2 tmb-20200618xex10d1.htm EX-10.1

Exhibit 10.1


CommunityBank of Texas, N.A.

Beaumont, Texas



The Office of the Comptroller of the Currency

CommunityBank of Texas, N.A., Beaumont, Texas (“Bank”) and the Office of the Comptroller of the Currency (“OCC”) wish to assure the safety and soundness of the Bank and its compliance with laws and regulations.

The Comptroller of the Currency (“Comptroller”) has identified deficiencies relating to the Bank’s compliance with Bank Secrecy Act/anti-money laundering (“BSA/AML”) laws and regulations, including a violation of 12 C.F.R. § 21.21(d)(1) (Internal Control Pillar) and other violations;

Therefore, the OCC, through the duly authorized representative of the Comptroller, and the Bank, through its duly elected and acting Board of Directors (“Board”), hereby agree that the Bank shall operate at all times in compliance with the following:



(1)The Bank is an “insured depository institution” as that term is defined in 12 U.S.C. § 1813(c)(2).
(2)The Bank is a national banking association within the meaning of 12 U.S.C. § 1813(q)(1)(A), and is chartered and examined by the OCC. See 12 U.S.C. § 1 et seq.

(3)The OCC is the “appropriate Federal banking agency” as that term is defined in 12 U.S.C. § 1813(q).



(1) Within thirty (30) days of the date of this Agreement, the Board shall appoint a Compliance Committee of at least three (3) members of which a majority shall be directors who are not employees or officers of the Bank or any of its subsidiaries or affiliates. The Board shall submit in writing to the Assistant Deputy Comptroller the names of the members of the Compliance Committee within ten (10) days of their appointment. In the event of a change of the membership, the Board shall submit in writing to the Assistant Deputy Comptroller within ten (10) days the name of any new or resigning committee member. The Compliance Committee shall monitor and oversee the Bank’s compliance with the provisions of this Agreement. The Compliance Committee shall meet at least quarterly and maintain minutes of its meetings.

(2)By July 31, 2020, and thereafter within thirty (30) days after the end of each quarter, the Compliance Committee shall submit to the Board a written progress report setting forth in detail:


a description of the corrective actions needed to achieve compliance with each Article of this Agreement;


the specific corrective actions undertaken to comply with each Article of this Agreement; and


the results and status of the corrective actions.


(3)Upon receiving each written progress report, the Board shall forward a copy of the report, with any additional comments by the Board, to the Assistant Deputy Comptroller within ten (10) days of the first Board meeting following the Board’s receipt of such report.



(1)The Board shall ensure that the Bank has a permanent, qualified, and experienced BSA Officer who shall be vested with sufficient authority, time, and resources to fulfill the duties and responsibilities of the position and ensure compliance with the requirements of the Bank Secrecy Act (31 U.S.C. §§ 5311 et. seq.), the regulations promulgated thereunder at 31 C.F.R. Part 103, 12 C.F.R. Part 21, Subparts B and C, and the rules and regulations of the Office of Foreign Assets Control (“OFAC”) (collectively, the “Bank Secrecy Act” or “BSA”).
(2)Within ninety (90) days of the date of this Agreement, the Board shall ensure that Bank management conducts a formal written assessment of the Bank’s BSA/AML Department’s organizational structure, and the capabilities and qualifications of the Bank’s BSA Officer and BSA Department staff to perform present and anticipated duties, and determine whether changes will be made, including, but not limited to, the need for additions to the current BSA Department staff. This assessment shall include, at a minimum:
(a)The BSA/AML Department organizational structure for independent lines of authority and clearly define the roles and responsibilities of staff and the BSA Officer;
(b)the adequacy of staffing of the BSA/AML compliance function, including,
(i)the level and scope of responsibilities of the BSA Officer;


(ii)the knowledge, skills, and capabilities of the BSA Officer to conduct assigned responsibilities and ensure the Bank’s compliance with requirements of the BSA; and
(iii)the number, qualifications, and experience of staff needed to support the BSA Officer and the Bank’s BSA/AML compliance function, and the level and scope of responsibilities of any support staff;
(c)the BSA Officer’s reporting structure, stature, authority, time and resources; and
(d)the Bank’s performance evaluation program that addresses periodic performance evaluations of staff involved with BSA/AML compliance.
(3)Within sixty (60) days of the assessment under paragraph (2) of this Article, the Board shall ensure that Bank management implements any changes that are needed in the Bank’s BSA Officer and supporting staff, including their responsibilities, authority, structure, independence, competencies, or capabilities. In particular, the Board shall ensure that Bank management provides the BSA Officer and supporting staff with sufficient training, authority, resources, and skill to perform their assigned responsibilities. The Board shall further ensure that Bank management has the necessary knowledge to effectively oversee the Bank’s compliance with BSA and that management information systems are effective.
(4)The Board shall ensure that Bank management periodically (no less than annually) reviews the adequacy of the Bank’s BSA Officer and supporting staff and shall document its determination(s) in writing. The periodic reviews shall consider the factors described in paragraph (2) of this Article.


(5)The Board shall ensure that Bank management holds the BSA Officer and supporting staff accountable for effectively implementing Bank policies and procedures and fulfilling BSA/AML obligations.



(1)Within one-hundred and twenty (120) days of the date of this Agreement, the Board shall ensure the Bank develops, implements, and thereafter adheres to a written program of policies and procedures to provide for compliance with the BSA and the appropriate identification and monitoring of transactions that pose greater than normal risk for compliance with the BSA. This program shall include the following:
(a)procedures for periodically updating the Bank’s BSA risk assessment to cover risks associated with current, or subsequently proposed Bank products, services, transaction types, customers, entities, and geographies served, and including the dollar volume associated with Bank products, services, customers and transactions;
(b)procedures to perform mapping of the BSA/AML monitoring systems to ensure all accounts and transactions are captured for suspicious activity monitoring;
(c)procedures to ensure the usage of appropriate thresholds in the Bank’s automated monitoring systems to filter accounts and customers for further monitoring, review, and analysis including:
(i)an analysis of the filtering thresholds established by the Bank;

(ii)periodic testing and monitoring of thresholds for their appropriateness to the Bank’s customer base, products, services, and geographic areas;
(iii)a requirement that any changes to thresholds are approved by the appropriate Bank committee and periodically reported to the Board, or a designated committee thereof;
(iv)a requirement that documentation of any changes to the filtering thresholds is maintained and available to auditors and OCC examiners;
(d)procedures for periodic (no less than annually) independent validation of the models and filtering thresholds used for the BSA monitoring systems by conducting above and below the line testing and documenting results in order to ensure that all accounts and transactions are captured, and the systems are adequate to detect potentially suspicious activity;
(e)well-defined policies and procedures for investigating and responding to transactions that have been identified as posing greater than normal risk for compliance with the BSA, including timely, well-documented disposition of alerts generated by the automated monitoring systems;
(f)adequate controls and procedures to ensure the adequate and timely filing of currency transaction reports (“CTRs”) and suspicious activity reports (“SARs”); and
(g)procedures for performing Customer Due Diligence (“CDD”) as detailed in Article V of this Agreement.




(1)Within ninety (90) days of the date of this Agreement, the Board shall ensure the Bank develops appropriate policies and procedures for performing customer due diligence/enhanced due diligence (“CDD/EDD”) and customer risk identification processes. CDD/EDD and customer risk identification processes shall provide for the capture and assessment of sufficient CDD information on all customers to understand the nature and purpose of the customer in order to generate a customer risk profile. The Bank should identify those customers that pose greater than normal risk for compliance with the BSA, including, but not limited to, money service businesses, payment processors, or cash-intensive businesses. At a minimum, these policies and procedures must provide for:
(a)the collection of additional information for high-risk customers and/or products and services, including, but not limited to, expected activity prior to onboarding such high-risk customers. Refer to the Suspicious Activity Reporting section of OCC Bulletin 2014-60, “Revised FFIEC BSA/AML Examination Manual” (“FFIEC BSA/AML Examination Manual”), for guidance;
(b)conducting ongoing monitoring for customer information to reflect changes in the customer’s behavior, activity profile, derogatory

information, or other factors that impact the BSA/AML risk score for the customer;
(c)collecting additional information on high-risk customers when additional information is not present in the customers’ files;
(d)a methodology for identifying additional information requirements when sufficient information is not present in customer files to enable the Bank to understand the nature and purpose of the customer relationship;
(e)a risk rating methodology to differentiate between lower- and higher-risk customers based on sufficient BSA/AML risk factors, including the type and volume of transaction activity, geographies involved, and suspicious activity monitoring alert and filing history, among others;
(f)processes for conducting and documenting EDD on high-risk accounts, including ongoing monitoring expectations. The EDD standards must provide Bank management with a sufficient understanding of anticipated high-risk customer transactions;
(g)periodic review of customer activities by type and volume. The purpose of these reviews is to determine if the customer's activity is reasonable, CDD information is current and complete, and the customer risk rating is accurate. Quality assurance processes must evaluate the accuracy and comprehensiveness of review documentation. Standards and processes shall be established for elevating reviews for additional management consideration regarding increased monitoring, additional due diligence or account closure;

(h) periodic reports on all high-risk customers that include:
(i)an assessment of the customer’s operations, BSA/AML risks, and BSA/AML controls;
(ii)critical analysis of all information in the file, including the identification of significant disparities, investigation and documentation of high-risk indicators or potentially suspicious activity, and well-supported conclusions;
(iii)a comparison of expected, historical, and current activity;
(iv)documentation to support management’s analysis of why the flow of funds is consistent with the expected activity for the customer and the accounts are being used as intended; and
(v)supporting documentation used in the analysis, including any specific transaction reviewed or investigated.
(i)specification of the EDD information that Bank staff must obtain for high-risk accounts, which among other information shall include:
(i)narrative description of the business operations of complex customer relationships, such as those with multiple business activities including obtaining and analyzing financial information to understand the source of funds and reasonableness of account activity;
(ii)analysis of and conclusions on different types of customer account activity, such as cash transactions and wire activity, in addition to aggregate account activity; and


(iii)criterion which prompts site visits and financial statements reviews, along with expectations of the scope, frequency, and documentation of said visits and financial statement reviews.
(2)The BSA Officer or his/her designee shall review account documentation for all high-risk customers and the related accounts of those customers at the Bank to determine whether the account activity is consistent with the customer’s business and the stated purpose of the account. The frequency of the review shall be determined by individual customer risk determinations but shall occur at a minimum on an annual basis. The reviews shall include the requirements detailed in paragraph (1)(h) of this Article.



(1)Within ninety (90) days of the date of this Agreement, the Board shall develop, implement, and thereafter ensure adherence to appropriate policies and procedures for ensuring that the Bank adequately addresses its model risk management for any automated suspicious activity monitoring system and provide for timely and appropriate review and disposition of suspicious activity alerts, and the timely filing of Suspicious Activity Reports pursuant to 12 C.F.R. § 21.11. Refer to OCC Bulletin 2011-12, “Sound Practices for Model Risk Management” (April 4, 2011), for guidance. The Board, or Board designated committee, shall approve these policies.
(2)Within ninety (90) days of the date of this Agreement, the Board shall provide an evaluation of the Bank's suspicious activity identification processes to determine the effectiveness and sufficiency of coverage provided. The evaluation must include an assessment of the capabilities of any surveillance and transaction monitoring systems used; the scope of


coverage provided by the systems; the management of those systems; and applicable model risk management requirements. The evaluation shall include, but not be limited to, an assessment of the functionality of all automated transaction monitoring systems used to determine if the systems are sufficiently robust to provide for the timely identification of potentially suspicious activity. A comprehensive listing of weaknesses or deficiencies in the systems and the risks presented by these deficiencies must be highlighted for Bank management consideration.
(3)As new surveillance and transaction monitoring systems are implemented, the Board shall require that the Bank ensure the following:
(a)the integrity of the data input into the suspicious activity monitoring system, including documentation of the methodology used, the input sources tested, and other information as necessary;
(b)the system has been sufficiently tailored to the Bank's risk profile and operations;
(c)the system functionality is being appropriately utilized to address risk or an explanation for not using functionality is documented in the Bank's policies and procedures;
(d)the business logic units, parameters, rules or other factors selected for the automated monitoring system are appropriate and effective in identifying customer activity that is unreasonable or abnormal given the nature of the customer's occupation or business and expected activity. In addition, there shall be:
(i)sufficient management information and metrics to manage and adjust the system, as necessary including identification of

employees responsible for completing SARs, suspect information, the date the suspicious activity was detected, alert date, alert determination, investigation received date, time from alert to investigation, the filing deadline, the actual date of filing, and the date the SAR was reported to Bank management and/or governance committees;
(ii)sufficient management information and metrics to manage and adjust the system and surveillance processes, and statistically valid processes to validate and optimize monitoring system settings and thresholds, and to measure the effectiveness of the automated system and individual scenarios, where appropriate;
(e)independent validation of alert triggers, parameters, and other settings. Refer to OCC Bulletin 2011-12, "Supervisory Guidance on Model Risk Management" for guidance;
(i)data inputs from all products, services, and transactions;
(ii)evaluating the criteria for identifying potential suspicious activity in all of these areas to ensure it is effective, appropriate, and comprehensive in the characteristics used;
(iii)evaluating the appropriateness of thresholds in criteria used to identify potential suspicious activity by conducting above-the-line and below-the-line testing and documentation;
(iv)testing that potentially suspicious activity that meets the criteria for identifying potential suspicious activity correctly generates alerts

as intended;
(v)documentation of filtering criteria and thresholds and the appropriateness of these criteria and thresholds; and
(vi)ensuring that all relevant BSA/AML staff is aware of the criteria included in the suspicious activity monitoring system’s rules.
(4)At a minimum, the Bank’s implementation of the alert investigation processes shall ensure the following:
(a)use of an alert scoring methodology to prioritize workflows and facilitate management of the system;
(b)the adequacy of qualified staffing to investigate and clear alerts;
(c)the accurate and complete information available to analysts working transaction monitoring alerts and conducting investigations;
(d)the standards for disposition of different types of alerts are reasonable, communicated in writing to relevant staff, and are adhered to by the alert investigators;
(e)adequate documentation is maintained to support the disposition of alerts including the evaluation of source and use of funds and identification of red flags and inconsistencies in activity;
(f)methods to obtain additional information to investigate potentially suspicious activity including, if applicable, information from multiple lines of business a customer transacts with;
(g)disposition of each alert within a reasonable time period after the generation of the alert and the filing of SARs and follow-up SARs

within timeframes specified in applicable rules and regulations;
(h)process to track requests for information including tracking the original submission and response, and documenting inadequate and untimely responses;
(i)standards that ensure accounts with high volumes of alerts are identified, elevated and properly categorized as high risk, and subject to EDD and monitoring;
(j)policies and procedures to outline which customer accounts are exempt from the alert investigation processes, with a documented rationale for the exemption;
(k)effective and sustainable quality control processes designed to ensure the surveillance and transaction monitoring system, alert management processes, and SAR decisioning and filing are working effectively and according to internal standards, and include all lines of business;
(l)any backlogs in the suspicious activity monitoring and reporting processes are promptly reported to Bank management, in writing, for resolution; and
(m)the effectiveness of training for staff involved in the investigation and clearing alerts, filing of SARs, quality control and assurance processes, and management of the automated suspicious activity monitoring system.




(1)Within sixty (60) days of the date of this Agreement, the Board shall ensure the Bank adopts, implements, and thereafter adheres to an independent BSA/AML audit program that includes the minimum requirements for adequate independent testing. Refer to the FFIEC BSA/AML Examination Manual for guidance. The independent BSA/AML audit program shall:
(a)test the adequacy of internal controls and determine compliance with the BSA and its implementing regulations;
(b)connect the audit risk assessment to audit work performed;
(c)provide adequate coverage of all relevant areas of the Bank;
(d)detect irregularities in the Bank’s operations;
(e)clearly communicate the audit scope and controls to be tested;
(f)perform sufficient transaction testing in areas of higher-risk or concern;
(g)evaluate the Bank's adherence to established policies, procedures and risk tolerance;
(h)validate the Bank’s automated system filters and thresholds for appropriateness and accuracy;
(i)perform an appropriate level of transaction testing to support audit findings and conclusions. Transaction testing methodology must be documented in work papers by including the identification of control population, sample size, sampling methodology, how the control will be tested, and what constitutes a successful test; and
(j)clearly identify audit findings, risk rating findings, identify the root cause of findings and require prompt substantive Bank management response

that addresses the identified root cause and follow-up to audit exceptions or findings.
(2)Within sixty (60) days of the date of this Agreement, the Board shall ensure that the Bank's audit function is adequately staffed with respect to experience level, specialty expertise regarding BSA/AML, and number of individuals employed if the Bank’s internal audit performs the Bank’s independent BSA/AML audit. If the BSA audit function is outsourced, the Board shall ensure that Bank management conduct and document appropriate due diligence to ensure the audit vendor has the expertise, experience, and staffing to review the Bank's BSA/AML compliance function.
(3)The Board shall ensure that the audit program is independent. The Bank’s internal audit or the third party responsible for implementing the BSA audit program described in paragraph (1) of this Article shall report directly to the Board, or a designated committee of the Board, which shall have the sole power to direct the audit activities. All reports prepared by the audit staff shall be filed directly with the Board, or a designated committee thereof, and not through any intervening party.
(4)All audit reports shall be in writing and supported by adequate work papers, which must be provided to the Bank. The Bank must document its quality control review of audit work papers and maintain a record of its review, including a clear statement on the adequacy of the audit work performed. The audit work papers must include a planning document that clearly communicates the audit scope. The audit conclusions must be clearly documented, supported by sufficient narrative analysis that explains the rationale for such conclusions, and must include supporting audit procedures.
(5)The Board shall ensure that immediate actions are undertaken to remedy


deficiencies cited in audit reports. The Board shall maintain a written record of its response to audit findings. This record shall include a detailed narrative of steps the Board has taken to remedy deficiencies and Bank staff responsible for remedying deficiencies.
(6)The Board, or a designated committee of the Board, shall evaluate the audit reports of any party providing services to the Bank and shall assess the impact on the Bank of any audit deficiencies cited in such reports.



(1)Within ninety (90) days of the date of this Agreement, the Board shall ensure the Bank develops, implements, and thereafter adheres to a comprehensive training program for all appropriate Bank employees, including members of the Board and management, to ensure their awareness of their responsibility for compliance with the requirements of the BSA; of the Bank’s relevant policies, procedures, and processes; and of relevant examples of red flags for money laundering, terrorist financing, and suspicious activity. At a minimum, this comprehensive training program shall:
(a)provide for more extensive BSA training for all Board members and operational and supervisory personnel assigned to the Bank’s BSA compliance function. Training shall specifically address higher risk customers, any new expanded products, services, or customers;
(b)provide for targeted training for other personnel focusing on the individual’s specific duties and responsibilities; and
(c)include strategies for mandatory attendance, the frequency of training, procedures and timing for updating the training program and materials,

and the method for delivering training and procedures to ensure employee training completion is tracked and documented.



(1)Within thirty (30) days of the date of this Agreement, the Bank shall provide to the Assistant Deputy Comptroller for no supervisory objection an action plan (“Action Plan”) to conduct a review of account and transaction activity (“Lookback”). The scope of the Lookback shall include a review of all worklist items generated by transaction activity during the period of October 1, 2019 through March 31, 2020. The scope of the Lookback shall also include customer accounts that were exempted from meeting standard worklist thresholds from January 1, 2015 through December 31, 2018 which shall encompass an analysis of all account activity six months prior to the exemption. Upon receipt of no supervisory objection to the Action Plan, the Bank shall implement the Action Plan.
(2)The purpose of the Lookback is to determine whether additional SARs should be filed for any previously unreported suspicious activity, including cases in which the BSA Officer or BSA staff identified suspicious activity but failed to support a decision not to file a SAR, to review the quality and accuracy of previous SAR filings to determine whether corrections or amendments are necessary to ensure that the suspicious activity identified was accurately reported in accordance with 12 C.F.R. § 21.11 and to identify any accounts that represent excessive BSA/AML risk.
(3)Within thirty (30) days of completion of the Lookback, the Board shall ensure Bank management provides the Board a written report that contains a list of any SARs that the Bank should file or existing SARs that the Bank should modify to comply with 12 C.F.R. § 21.11, a list of accounts that represents excessive risk for BSA/AML compliance, and a


conclusion about the effectiveness of the Bank’s suspicious activity monitoring. This Lookback report should also, among other things, describe:
(a)a summary of the number and types of customers and accounts reviewed;
(b)the number of customers and accounts requiring additional investigation;
(c)the number of customers that warranted SAR filings or modifications of existing SAR filings; and
(d)the number of customers where the Bank determined not to file a SAR.
(4)Upon receipt of the written report, the Board shall provide a copy of the written report of findings and recommendations from the Lookback to the Assistant Deputy Comptroller. The supporting materials and workpapers associated with the Lookback shall be made available to the OCC upon request.
(5)Based upon the results of the Lookback, the OCC, at its sole discretion, may expand or broaden the scope of the initial Lookback period. If an additional lookback period is deemed appropriate, the additional lookback will be completed in accordance with the requirements of this Article.



(1)The Board shall ensure that the Bank has timely adopted and implemented all corrective actions required by this Agreement, and shall verify that the Bank adheres to the corrective actions and they are effective in addressing the Bank’s deficiencies that resulted in this Agreement.
(2)In each instance in which this Agreement imposes responsibilities upon the Board, it is intended to mean that the Board shall:


(a)authorize, direct, and adopt corrective actions on behalf of the Bank as may be necessary to perform the obligations and undertakings imposed on the Board by this Agreement;
(b)ensure that the Bank has sufficient processes, management, personnel, control systems, and corporate and risk governance to implement and adhere to all provisions of this Agreement;
(c)require that Bank management and personnel have sufficient training and authority to execute their duties and responsibilities pertaining to or resulting from this Agreement;
(d)hold Bank management and personnel accountable for executing their duties and responsibilities pertaining to or resulting from this Agreement;
(e)require appropriate, adequate, and timely reporting to the Board by Bank management of corrective actions directed by the Board to be taken under the terms of this Agreement; and
(f)address any noncompliance with corrective actions in a timely and appropriate manner.



(1)Regarding the effect of this Agreement, and unless the OCC informs the Bank otherwise in writing with respect to any or all of the subparts below:
(a)pursuant to 12 C.F.R. § 5.3(g)(5), the Bank may be treated as an “eligible bank” for the purposes of 12 C.F.R. Part 5, subject to the requirements contained in 12 C.F.R. § 5.3(g)(1)-(4);


(b)pursuant to 12 C.F.R. § 5.51(c)(7)(ii), the Bank is not subject to the restrictions in 12 C.F.R. § 5.51 requiring prior notice to the OCC of changes in directors and senior executive officers or the limitations on golden parachute payments set forth in 12 C.F.R. Part 359, subject to the requirements contained in 12 C.F.R. § 5.51(c)(7)(i), (iii); and
(c)pursuant to 12 C.F.R. § 24.2(e)(4), the Bank may be treated as an “eligible bank” for the purposes of 12 C.F.R. Part 24, subject to the requirements contained in 12 C.F.R. § 24(e)(1)-(3).
(2)This Agreement supersedes all prior OCC communications issued pursuant to 12 C.F.R. §§ 5.3(g)(5), 5.51(c)(7)(ii), and 24.2(e)(4).


(1)This Agreement is intended to be, and shall be construed to be, a “written agreement” within the meaning of 12 U.S.C. § 1818, and expressly does not form, and may not be construed to form, a contract binding on the United States, the OCC, or any officer, employee, or agent of the OCC. Notwithstanding the absence of mutuality of obligation, or of consideration, or of a contract, the OCC may enforce any of the commitments or obligations herein undertaken by the Bank under its supervisory powers, including 12 U.S.C. § 1818(b)(1), and not as a matter of contract law. The Bank expressly acknowledges that neither the Bank nor the OCC has any intention to enter into a contract. The Bank also expressly acknowledges that no officer, employee, or agent of the OCC has statutory or other authority to bind the United States, the U.S. Treasury Department, the OCC, or any other federal bank regulatory agency or

entity, or any officer, employee, or agent of any of those entities to a contract affecting the OCC’s exercise of its supervisory responsibilities.
(2)This Agreement is effective upon its issuance by the OCC, through the Comptroller’s duly authorized representative. Except as otherwise expressly provided herein, all references to “days” in this Agreement shall mean calendar days and the computation of any period of time imposed by this Agreement shall not include the date of the act or event that commences the period of time. The provisions of this Agreement shall remain effective and enforceable except to the extent that, and until such time as, such provisions are amended, suspended, waived, or terminated in writing by the OCC, through the Comptroller’s duly authorized representative. If the Bank seeks an extension, amendment, suspension, waiver, or termination of any provision of this Agreement, or within any plan or program submitted pursuant to this Agreement, the Board or a Board-designee shall submit a written request to the Assistant Deputy Comptroller asking for relief. Any request submitted pursuant to this paragraph shall include a statement setting forth in detail the special circumstances that prevent the Bank from complying with the relevant provision(s) of the Agreement or plan or program submitted pursuant to this Agreement, and shall be accompanied by relevant supporting documentation. The OCC’s decision concerning a request submitted pursuant to this paragraph, which will be communicated to the Board in writing, is final and not subject to further review.
(3)The Bank will not be deemed to be in compliance with this Agreement until it has adopted, implemented, and adhered to all of the corrective actions set forth in each Article of this Agreement; the corrective actions are effective in addressing the Bank’s deficiencies; and the OCC has verified and validated the corrective actions. An assessment of the effectiveness of

the corrective actions requires sufficient passage of time to demonstrate the sustained effectiveness of the corrective actions.
(4)Each citation, guidance, or issuance referenced in this Agreement includes any subsequent citation, guidance, or issuance that replaces, supersedes, amends, or revises the referenced cited citation, guidance, or issuance.
(5)No separate promise or inducement of any kind has been made by the OCC, or by its officers, employees, or agents, to cause or induce the Bank to enter into this Agreement.
(6)All reports, plans, or programs submitted to the OCC pursuant to this Agreement shall be forwarded, by overnight mail or via email, to the following:

Assistant Deputy Comptroller

Office of the Comptroller of the Currency

Houston Field Office

1301 McKinney Street, Suite 1410

Houston, Texas 77010-3031

(7)The terms of this Agreement, including this paragraph, are not subject to amendment or modification by any extraneous expression, prior agreements, or prior arrangements between the parties, whether oral or written.

IN TESTIMONY WHEREOF, the undersigned, authorized by the Comptroller as his duly authorized representative, has hereunto set his signature on behalf of the Comptroller.

/s/ David Elsenbrock

David Elsenbrock

Assistant Deputy Comptroller

Houston Field Office

IN TESTIMONY WHEREOF, the undersigned, as the duly elected and acting Board of Directors of CommunityBank of Texas, N.A. have hereunto set their signatures on behalf of the Bank.

/s/ Jeff Branick

June 17, 2020

Jeff Branick



/s/ James R. Brooks

June 17, 2020

James R. Brooks


/s/ Mick Dubea

June 17, 2020

Mick Dubea


/s/ Mark Fertitta

June 17, 2020

Mark Fertitta


/s/ Robert R. Franklin, Jr.

June 17, 2020

Robert R. Franklin, Jr.


/s/ Michael Havard

June 17, 2020

Michael Havard


/s/ Timothy Horan, Jr.

June 17, 2020

Timothy Horan, Jr.


/s/ Travis Jaggers

June 17, 2020

Travis Jaggers


/s/ Dennis Malloy

June 17, 2020

Dennis Malloy


/s/ Steve McReynolds

June 17, 2020

Steve McReynolds


/s/ Scott Parker

June 17, 2020

Scott Parker



/s/ J. Pat Parsons

June 17, 2020

J. Pat Parsons


/s/ Joe Penland, Sr.

June 17, 2020

Joe Penland, Sr.


/s/ Doak C. Procter, III

June 17, 2020

Doak C. Procter, III


/s/ Reagan Reaud

June 17, 2020

Reagan Reaud


/s/ Joseph S. Swinbank

June 17, 2020

Joseph S. Swinbank


/s/ Bart Umphrey

June 17, 2020

Bart Umphrey


/s/ Rickey Williams

June 17, 2020

Rickey Williams


/s/ John Eddie Williams

June 17, 2020

John Eddie Williams


/s/ W.E. Bill Wilson, Jr.

June 17, 2020

W.E. Bill Wilson, Jr.


/s/ Glen W. Morgan

June 17, 2020

Glen W. Morgan


/s/ Tommy W. Lott

June 17, 2020

Tommy W. Lott