Washington, D.C. 20549







For the Fiscal Year Ended December 31, 2018


Commission File Number 0-14384



(Exact name of registrant as specified in its charter)






(State or other jurisdiction of incorporation or organization)


(I.R.S. Employer Identification No.)

101 North Broadway, Oklahoma City, Oklahoma 73102

(Address of principal executive offices) (Zip Code)

Registrant’s telephone number, including area code: (405) 270-1086

Securities registered pursuant to Section 12(b) of the Act:


Title of each class


Name of each exchange on which registered

Common Stock, $1.00 Par Value Per Share


NASDAQ Global Select Market System

Securities registered pursuant to Section 12(g) of the Act: None


Indicate by check mark if the registrant is a well-known seasoned issuer, as defined in Rule 405 of the Securities Act.    Yes      No  

Indicate by check mark if the registrant is not required to file reports pursuant to Section 13 or Section 15(d) of the Act.    Yes      No  

Indicate by check mark whether the registrant (1) has filed all reports required by Section 13 or 15(d) of the Securities Exchange Act of 1934 during the preceding 12 months (or for such shorter period that the registrant was required to file such reports), and (2) has been subject to such filing requirements for the past 90 days.    Yes      No  

Indicate by check mark whether the registrant has submitted electronically every Interactive Data File required to be submitted pursuant to Rule 405 of Regulation S-T during the preceding 12 months (or for such shorter period that the registrant was required to submit such files).    Yes      No  

Indicate by check mark if disclosure of delinquent filers pursuant to Item 405 of Regulation S-K is not contained herein, and will not be contained, to the best of registrant’s knowledge, in definitive proxy or information statements incorporated by reference in Part III of this Form 10-K or any amendment to this Form 10-K.  

Indicate by check mark whether the registrant is a large accelerated filer, an accelerated filer, a non-accelerated filer, a smaller reporting company, or emerging growth company. See the definitions of “large accelerated filer,” “accelerated filer,” “smaller reporting company,” and “emerging growth company” in Rule 12b-2 of the Exchange Act.


Large accelerated filer



Accelerated filer






Non-accelerated filer




Smaller reporting company









Emerging growth company






If an emerging growth company, indicate by check mark if the registrant has elected not to use the extended transition period for complying with any new or revised financial accounting standards provided pursuant to Section 13(a) of the Exchange Act.  

Indicate by check mark whether the registrant is a shell company (as defined by Rule 12b-2 of the Exchange Act).    Yes      No  

The aggregate market value of the Common Stock held by nonaffiliates of the registrant computed using the last sale price on June 30, 2018 was approximately $1,122,037,373.

As of January 31, 2019, there were 32,612,788 shares of Common Stock outstanding.


Portions of the Proxy Statement for the 2019 Annual Meeting of Stockholders of the registrant (the “2019 Proxy Statement”) to be filed pursuant to Regulation 14A are incorporated by reference into Part III of this report.






























Risk Factors







Unresolved Staff Comments














Legal Proceedings







Mine Safety Disclosures













Market for the Registrant’s Common Equity, Related Stockholder Matters and Issuer Purchases of Equity Securities







Selected Financial Data







Management’s Discussion and Analysis of Financial Condition and Results of Operations







Quantitative and Qualitative Disclosures About Market Risk







Financial Statements and Supplementary Data







Changes in and Disagreements with Accountants on Accounting and Financial Disclosure







Controls and Procedures







Other Information












Directors, Executive Officers and Corporate Governance







Executive Compensation







Security Ownership of Certain Beneficial Owners and Management







Certain Relationships and Related Transactions, and Director Independence







Principal Accountant Fees and Services












Exhibits and Financial Statement Schedules











Item 1. Business.


BancFirst Corporation (the “Company”) is a financial holding company headquartered in Oklahoma City, Oklahoma and registered under the Bank Holding Company Act of 1956, as amended (the “BHC Act”). It conducts virtually all of its operating activities through its wholly-owned subsidiary, BancFirst (the “Bank” or “BancFirst”), a state-chartered bank headquartered in Oklahoma City, Oklahoma. The Company also owns 100% of the common securities of BFC Capital Trust II (a Delaware business trust), 100% of Council Oak Partners LLC, an Oklahoma limited liability company engaging in investing activities, 100% of BancFirst Insurance Services, Inc., an Oklahoma business corporation operating as an independent insurance agency and 100% of BancFirst Risk & Insurance Company, a captive insurance company regulated by the Oklahoma Insurance Department.

The Company was incorporated as United Community Corporation in July 1984 to become a bank holding company. In June 1985, it merged with seven Oklahoma bank holding companies that had operated under common ownership and the Company has conducted business as a bank holding company since that time. Over the next several years, the Company acquired additional banks and bank holding companies, and in November 1988 the Company changed its name to BancFirst Corporation. Effective April 1, 1989, the Company consolidated its 12 subsidiary banks and formed BancFirst. Over the intervening decades, the Company has continued to expand through acquisitions and de-novo branches. The Company currently has 107 banking locations serving 58 communities throughout Oklahoma.

The Company’s strategy focuses on providing a full range of commercial banking services to retail customers and small to medium-sized businesses in both the non-metropolitan trade centers and cities in the metropolitan statistical areas of Oklahoma. The Company operates as a “super community bank”, managing its community banking offices on a decentralized basis, which permits them to be responsive to local customer needs. Underwriting, funding, customer service and pricing decisions are made by presidents in each market within the Company’s strategic parameters. At the same time, the Company generally has a larger lending capacity, broader product line and greater operational scale than its principal competitors in the non-metropolitan market areas (which typically are independently owned community banks). In the metropolitan markets served by the Company, the Company’s strategy is to focus on the needs of local businesses that seek more responsive services than are available at larger institutions.

The Bank maintains a strong community orientation by, among other things, selecting members of the communities in which the Bank’s branches operate to local consulting boards that assist in marketing and providing feedback on the Bank’s products and services to meet customer needs. As a result of the development of broad banking relationships with its customers and community branch network, the Bank’s lending and investing activities are funded almost entirely by core deposits.

The Bank centralizes virtually all of its processing, support and investment functions in order to achieve consistency and operational efficiencies. The Bank maintains centralized control functions such as operations support, bookkeeping, accounting, loan review, compliance and internal auditing to ensure effective risk management. The Bank also provides, on a centralized basis, certain specialized financial services that require unique expertise.

The Bank provides a wide range of retail and commercial banking services, including: commercial, real estate, energy, agricultural and consumer lending; depository and funds transfer services; collections; safe deposit boxes; cash management services; trust services; retail brokerage services; and other services tailored for both individual and corporate customers. Through its Technology and Operations Center, the Bank provides item processing, research and other correspondent banking services to financial institutions and governmental units.

The Bank’s primary lending activity is the financing of business and industry in its market areas. Its commercial loan customers are generally small to medium-sized businesses engaged in light manufacturing, local wholesale and retail trade, commercial and residential real estate development and construction, services, agriculture and the energy industry. Most forms of commercial lending are offered, including commercial mortgages, other forms of asset-based financing and working capital lines of credit. In addition, the Bank offers Small Business Administration (“SBA”) guaranteed loans through BancFirst Commercial Capital, a division established in 1991.

Consumer lending activities of the Bank consist of traditional forms of financing for automobiles, home equity loans and other personal loans. Residential loans consist primarily of home loans in non-metropolitan areas, which are generally shorter in duration than typical mortgages and reprice within five years.

The Bank’s range of deposit services include checking accounts, Negotiable Order of Withdrawal (“NOW”) accounts, savings accounts, money market accounts, sweep accounts, club accounts, individual retirement accounts and certificates of deposit. Overdraft




protection and auto draft services are also offered. Deposits of the Bank are insured by the Deposit Insurance Fund administered by the Federal Deposit Insurance Corporation (“FDIC”).

Trust services offered through the Bank’s Trust and Investment Management Division (the “Trust Division”) consist primarily of investment management and administration of trusts for individuals, corporations and employee benefit plans. In addition, the Trust Division serves as bond trustee and paying agent for various Oklahoma municipalities and governmental entities.

Insurance services offered through BancFirst Insurance Services, Inc. consists of business and personal insurance, employee benefits, surety bonds and claims and risk management.

BancFirst has the following principal subsidiaries: Council Oak Investment Corporation, a small business investment corporation, Council Oak Real Estate, Inc., a real estate investment company, BancFirst Agency, Inc., a credit life insurance agency and BFTower, LLC (which owns a 42.6% ownership interest in SFPC, LLC, a parking garage). All of these companies are Oklahoma corporations.

The Company had approximately 1,906 full-time equivalent employees at December 31, 2018, compared to approximately 1,782 full-time equivalent employees at December 31, 2017. Its principal executive offices are located at 101 North Broadway, Oklahoma City, Oklahoma 73102, telephone number (405) 270-1086.

Market Areas and Competition

The banking environment in Oklahoma is very competitive. The geographic dispersion of the Company’s banking locations presents several different levels and types of competition. In general, however, each location competes with other banking institutions, savings and loan associations, brokerage firms, personal loan finance companies and credit unions within their respective market areas. The communities in which the Bank maintains offices are generally local trade centers throughout Oklahoma. The major areas of competition include interest rates charged on loans, underwriting terms and conditions, interest rates paid on deposits, fees on non-credit services, levels of service charges on deposits, completeness of product lines and quality of service.

Management believes the Company is in an advantageous competitive position operating as a “super community bank.” Under this strategy, the Company provides a broad line of financial products and services for small to medium-sized businesses and consumers through full service community banking offices with decentralized management, while achieving operating efficiency and product scale through product standardization and centralization of processing and other functions. Each full-service banking office has senior management with significant lending experience who exercise substantial autonomy over credit and pricing decisions. This decentralized management approach, coupled with continuity of service by the same staff members, enables the Bank to develop long-term customer relationships, maintain high-quality service and respond quickly to customer needs. The majority of its competitors in the non-metropolitan areas are much smaller, and do not offer the range of products and services nor have the lending capacity of BancFirst. In the metropolitan communities, the Company’s strategy is to be more responsive to, and more focused on, the needs of local businesses that are not served effectively by larger institutions. As reported by the FDIC, the Company’s (including First Bank & Trust and First Bank of Chandler acquired January 11, 2018) market share of deposits within the state of Oklahoma was 7.82% as of June 30, 2018 and 7.69% as of June 30, 2017.

Marketing to existing and potential customers is performed through a variety of media advertising, direct mail and direct personal contacts. The Company monitors the needs of its customer base through its Product Development Group, which develops and enhances products and services in response to such needs. Sales, customer service, compliance and product training are coordinated with incentive programs to sell the Bank’s products and services.

Operating Segments

The Company has four principal business units: metropolitan banks, community banks, other financial services and executive operations and support. For more information on the Company’s Operating Segments, see Note (21), “Segment Information,” to the Company’s Consolidated Financial Statements.

Control of Company

Affiliates of the Company beneficially own approximately 42% of the outstanding shares of the Company’s common stock as of January 31, 2019. Under the Company’s Bylaws, holders of a majority of the outstanding shares of common stock are able to elect all of the directors and approve significant corporate actions, including business combinations. Accordingly, while the Company’s




affiliates do not have legal control, i.e., a majority of the outstanding shares of common stock, they have effective control of the Company.


Supervision and Regulation

Banking is a complex, highly regulated industry. The Company’s growth and earnings performance and those of the Bank can be affected by management decisions and general and local economic conditions and by the statutes administered by, and the regulations and policies of, various governmental regulatory authorities. These authorities include, but are not limited to, the Board of Governors of the Federal Reserve System (the “Federal Reserve Board”), the FDIC and the Oklahoma State Banking Department.

The primary goals of the bank regulatory framework are to maintain a safe and sound banking system and to facilitate the conduct of monetary policy. This regulatory framework is intended primarily for the protection of a financial institution’s depositors, rather than the institution’s stockholders and creditors. The following discussion describes certain of the material elements of the regulatory framework applicable to bank holding companies and financial holding companies and their subsidiaries and provides certain specific information relevant to the Company, which is both a bank holding company and a financial holding company. The descriptions are qualified in their entirety by reference to the specific statutes and regulations discussed. Further, such statutes, regulations and policies are continually under review by Congress and state legislatures, and federal and state regulatory agencies. A change in statutes, regulations or regulatory policies applicable to the Company, including changes in interpretation or implementation thereof, could have a material effect on the Company’s business.

Regulatory Agencies

In the U.S., banking is regulated at both the federal and state level. Since 1863, commercial banks in the United States have been able to choose to organize as national banks with a charter issued by the Office of the Comptroller of the Currency (“OCC”) or as state banks with a charter issued by a state government. The choice of charter determines which agency will supervise the bank: the primary supervisor of nationally chartered banks is the OCC, whereas state-chartered banks are supervised jointly by their state chartering authority and either the FDIC or the Federal Reserve Board, depending upon whether the state-chartered bank is a member of the Federal Reserve System. The Company’s banking subsidiary, BancFirst, is chartered by the State of Oklahoma and at the state level is supervised and regulated by the Oklahoma State Banking Department under the Oklahoma Banking Code. BancFirst has elected not to be a member of the Federal Reserve System and, consequently, is supervised and regulated by the FDIC at the federal level. The Bank’s deposits are insured by the Deposit Insurance Fund (“DIF”) of the FDIC to the extent provided by law.

As a financial holding company and a bank holding company, the Company is subject to comprehensive regulation by the Federal Reserve Board under the BHC Act, as amended by the Gramm-Leach-Bliley Act of 1999 (the “GLB Act”), the Dodd-Frank Wall Street Reform and Consumer Protection Act (the “Dodd-Frank Act”), and other legislation, as well as other federal and state laws governing the banking business. The BHC Act provides generally for regulation of financial holding companies and bank holding companies such as the Company by the Federal Reserve Board, and for functional regulation of banking activities by bank regulators, securities activities by securities regulators, and insurance activities by insurance regulators. Additionally, the Company is under the jurisdiction of the Securities and Exchange Commission (“SEC”) and is subject to the periodic reporting, information, proxy solicitation, insider trading, corporate governance and other restrictions and requirements of the SEC under the Securities Exchange Act of 1934, as amended (the “Exchange Act”). The Company’s common stock is listed on the NASDAQ Global Select Market System under the trading symbol “BANF,” and is subject to the listing and marketplace rules of the NASDAQ Stock Market, Inc. (the “NASDAQ”).

The Federal Reserve Board supervises non-banking activities conducted by companies directly and indirectly owned by the Company. In addition, the Company’s non-banking subsidiaries are subject to various other laws, regulations, supervision and examination by other regulatory agencies, all of which directly or indirectly affect the operations and management of the Company and its ability to make distributions to stockholders.

Bank Holding Company and Financial Holding Company Activities

The BHC Act generally limits the activities in which the Company and its non-banking subsidiaries may engage, to managing or controlling banks and to a range of activities that are considered to be closely related to banking. The list of activities permitted by the Federal Reserve Board includes, among other things: lending; operating a savings institution, mortgage company, finance company, credit card company or factoring company; performing certain data processing operations; providing certain investment and financial advice; underwriting and acting as an insurance agent for certain types of credit-related insurance; leasing property on a full-payout, non-operating basis; selling money orders; real estate and personal property appraising; providing tax planning and preparation




services; and, subject to certain limitations, providing securities brokerage services for customers. These activities may also be affected by other federal legislation.

Bank holding companies that have elected to be treated as financial holding companies, such as the Company, may engage in a broader range of activities considered "financial in nature."

“Financial in nature” activities include securities underwriting, dealing and market making, sponsoring mutual funds and investment companies, insurance underwriting and agency, merchant banking and other activities that the Federal Reserve Board, in consultation with the Secretary of the U.S. Treasury, determines from time to time to be financial in nature or incidental to such financial activity or is complementary to a financial activity and does not pose a safety and soundness risk.

To maintain financial holding company status, a financial holding company and all of its depository institution subsidiaries must be “well capitalized” and “well managed.” A depository institution subsidiary is considered “well capitalized” if it satisfies the requirements for this status discussed in the section captioned “Capital Requirements,” included elsewhere in this item. A depository institution subsidiary is considered “well managed” if it received a composite rating and management rating of at least “satisfactory” in its most recent examination. A financial holding company’s status will also depend upon it maintaining its status as “well capitalized” and “well managed” under applicable Federal Reserve Board regulations. If a financial holding company ceases to meet these capital and management requirements, the Federal Reserve Board’s regulations provide that the financial holding company must enter into an agreement with the Federal Reserve Board to comply with all applicable capital and management requirements. Until the financial holding company returns to compliance, the Federal Reserve Board may impose limitations or conditions on the conduct of its activities, and the company may not commence any of the broader financial activities permissible for financial holding companies or acquire a company engaged in such financial activities without prior approval of the Federal Reserve Board. If the company does not return to compliance within 180 days, the Federal Reserve Board may require divestiture of the holding company’s depository institutions. Bank holding companies and banks must also be both well capitalized and well managed in order to acquire banks located outside their home state.

In order for a financial holding company to commence any new activity permitted by the BHC Act or to acquire a company engaged in any new activity permitted by the BHC Act, each insured depository institution subsidiary of the financial holding company must have received a rating of at least “satisfactory” in its most recent examination under the Community Reinvestment Act. See the section captioned “Community Reinvestment Act” included elsewhere in this item.

The Federal Reserve Board has the power to order any bank holding company or its subsidiaries to terminate any activity or to terminate its ownership or control of any subsidiary when the Federal Reserve Board has reasonable grounds to believe that continuation of such activity or such ownership or control constitutes a serious risk to the financial soundness, safety or stability of any bank subsidiary of the bank holding company.

Federal and state laws impose notice and approval requirements for mergers and acquisitions of other depository institutions or bank holding companies. The BHC Act requires the prior approval of the Federal Reserve Board for the direct or indirect acquisition by a bank holding company of more than 5% of the voting shares or substantially all of the assets of a commercial bank or its parent holding company (including a financial holding company). Additionally, under the Bank Merger Act, the prior approval of the Federal Reserve Board or other appropriate bank regulatory authority is required for a bank to merge with another bank, purchase the assets or assume the deposits of another bank. In determining whether to approve a proposed bank acquisition or merger, bank regulatory authorities will consider, among other factors, the competitive effect and public benefits of the transactions, the capital position of the combined organization, the risks to the stability of the U.S. banking or financial system, the applicant’s performance record under the Community Reinvestment Act (see the section captioned “Community Reinvestment Act” included elsewhere in this item) and its compliance with fair housing and other consumer protection laws and the effectiveness of the subject organizations in combating money laundering activities.

Dividend Restrictions

The principal source of the Company’s liquidity is dividends from the Bank. Various federal and state statutory provisions and regulations limit the amount of dividends the Company’s subsidiary bank and certain other subsidiaries may pay without regulatory approval. The payment of dividends by its subsidiary bank may also be affected by other regulatory requirements and policies, such as the maintenance of adequate capital. If, in the opinion of the applicable regulatory authority, a bank under its jurisdiction is engaged in, or is about to engage in, an unsafe or unsound practice (which, depending on the financial condition of the bank, could include the payment of dividends), such authority may require, after notice and hearing, that such bank cease and desist from such practice. The appropriate federal regulatory authorities have stated that paying dividends that deplete a bank’s capital base to an inadequate level would be an unsafe and unsound banking practice and that banking organizations should generally pay dividends only out of current operating earnings. In addition, in the current financial and economic environment, the Federal Reserve Board has indicated that bank




holding companies should carefully review their dividend policy and has discouraged payment ratios that are at maximum allowable levels unless both asset quality and capital are very strong.

Under the Dodd-Frank Act, institutions with average total consolidated assets greater than $10 billion are required to conduct an annual company-run stress test of capital, consolidated earnings and losses under one base and at least two stress scenarios provided by the federal bank regulators.  The company-run stress tests are conducted using data as of December 31 of the preceding calendar year and scenarios released by the agencies.  Capital ratios reflected in the stress test calculations are an important factor considered by the Federal Reserve Board in evaluating whether proposed payments of dividends or stock repurchases may be an unsafe or unsound practice. The rules apply to institutions with average total consolidated assets greater than $10 billion and, accordingly, do not currently apply to the Company, which had total consolidated assets at December 31, 2018 of approximately $7.6 billion. However, while the Federal Reserve Board has stated that smaller banking organizations such as the Company are not required or expected to conduct the types of stress-testing specifically mandated by the rules, they continue to emphasize that all banking institutions, regardless of size, should have the capacity to analyze the potential impact of adverse outcomes on their financial condition.

Transactions with Affiliates

The Company and the Bank are deemed affiliates of each other within the meaning of the Federal Reserve Act, and covered transactions between affiliates are subject to certain restrictions, including compliance with Sections 23A and 23B of the Federal Reserve Act and their implementing regulations. These regulations limit the types and amounts of covered transactions engaged in by a financial institution and its affiliates, and generally require those transactions to be on an arm’s-length basis. “Covered transactions” are defined by statute to include a loan or extension of credit, as well as a purchase of securities issued by an affiliate, a purchase of assets (unless otherwise exempted by the Federal Reserve Board) from the affiliate, certain derivative transactions that create a credit exposure to an affiliate, the acceptance of securities issued by the affiliate as collateral for a loan and the issuance of a guarantee, acceptance or letter of credit on behalf of an affiliate. In general, these regulations require that any such transaction by a financial institution with an affiliate must be secured by designated amounts of specified collateral and must be limited to certain thresholds on an individual and aggregate basis.

Federal law also limits a bank’s authority to extend credit to its directors, executive officers and 10% stockholders, as well as to entities controlled by such persons. Among other things, extensions of credit to insiders are required to be made on terms that are substantially the same as, and follow credit underwriting procedures that are not less stringent than, those prevailing for comparable transactions with unaffiliated persons. In addition, the terms of such extensions of credit may not involve more than the normal risk of non-repayment or present other unfavorable features and may not exceed certain limitations on the amount of credit extended to such persons individually and in the aggregate.

Source of Strength

Federal Reserve Board policy requires bank holding companies to act as a source of financial and managerial strength to their subsidiary banks and, under appropriate circumstances, to commit resources to support each such subsidiary bank. This support may be required at times when the bank holding company may not have the resources to provide the support. If a bank holding company was unable to pay mandated assessments in support of its subsidiary bank, the FDIC could order the sale of the bank holding company’s stock in the subsidiary bank to cover the deficiency.

Capital loans by a bank holding company to its subsidiary bank are subordinate in right of payment to deposits and certain other indebtedness of the subsidiary bank. In addition, in the event of a bank holding company’s bankruptcy, any commitment by the bank holding company to a federal bank regulatory agency to maintain the capital of its subsidiary bank will be assumed by the bankruptcy trustee and entitled to priority of payment.

Capital Requirements

The Company and the Bank are each required to comply with applicable capital adequacy standards established by the Federal Reserve Board and the FDIC. The current risk-based capital standards applicable to the Company and the Bank are based on the December 2010 final capital framework for strengthening international capital standards, known as Basel III, of the Basel Committee on Banking Supervision (the “Basel Committee”). The Basel Committee is a committee of central banks and bank supervisors/regulators from the major industrialized countries that develops broad policy guidelines for use by each country’s supervisors in determining the supervisory policies they apply.  The requirements are intended to ensure that banking organizations have adequate capital given the risk levels of assets and off-balance sheet financial instruments. Prior to January 1, 2015, the risk-based capital standards applicable to the Company and the Bank were based on the 1988 Capital Accord, known as Basel I, of the Basel Committee.  In July 2013, the federal bank regulators approved final rules (the “Basel III Capital Rules”) implementing the




Basel III framework as well as certain provisions of the Dodd-Frank Act. The Basel III Capital Rules substantially revised the risk-based capital requirements applicable to bank holding companies and their depositary institution subsidiaries, including the Company and the Bank, as compared to the general risk-based capital rules under Basel I.  The Basel III Capital Rules became effective for the Company and the Bank on January 1, 2015 (subject to a phase-in period for certain provisions).  

As an additional means to identify problems in the financial management of depository institutions, the Federal Deposit Insurance Act (the “FDI Act”) requires federal bank regulatory agencies to establish certain non-capital safety and soundness standards for institutions for which they are the primary federal regulator. The standards relate generally to operations and management, asset quality, interest rate exposure and executive compensation. The agencies are authorized to take action against institutions that fail to meet such standards.


Basel III Capital Rules Effective January 1, 2015.  


The Basel III Capital Rules, among other things, (i) introduce a new capital measure called “Common Equity Tier 1” (“CET1”), (ii) specify that Tier 1 capital consists of CET1 and “Additional Tier 1 capital” instruments meeting specified requirements, (iii) define CET1 narrowly by requiring that most deductions/adjustments to regulatory capital measures be made to CETI and not to the other components of capital, and (iv) expand the scope of the deductions/adjustments to capital as compared to previous regulations.


Under the Basel III Capital Rules, the initial minimum capital ratios are as follows:

• 4.5% CET1 to risk-weighted assets.

• 6.0% Tier 1 capital to risk-weighted assets.

• 8.0% Total capital to risk-weighted assets.

• 4.0% Tier 1 capital to average quarterly assets (known as the “leverage ratio”).

The Basel III Capital Rules also require a “capital conservation buffer”, composed entirely of CET1, on top of these minimum risk-weighted asset ratios. The implementation of the capital conservation buffer began on January 1, 2016 at the 0.625% level and increased by 0.625% on each subsequent January 1, until it reached 2.5% on January 1, 2019. The Basel III Capital Rules also provide for a “countercyclical capital buffer” that is only applicable to certain covered institutions and does not have any current applicability to the Company or the Bank. The capital conservation buffer is designed to absorb losses during periods of economic stress and effectively increases the minimum required risk-weighted capital ratios. Banking institutions with a ratio of CET1 to risk-weighted assets below the effective minimum (4.5% plus the capital conservation buffer and, if applicable, the countercyclical capital buffer) will face constraints on dividends, equity repurchases and compensation based on the amount of the shortfall.

The enactment of the Basel III Capital Rules has increased the Company’s required capital levels and those of the Bank from levels previously required.  Management believes that as of December 31, 2018, the Company and the Bank would have met all capital adequacy requirements under the Basel III Capital Rules on a fully phased-in basis as if such requirements had been in effect at such date.

As of January 1, 2019, the Basel III Capital Rules requires the Company and the Bank to maintain an additional capital conservation buffer of 2.5% of CET1, effectively resulting in minimum ratios of (i) CET1 to risk-weighted assets of at least 7%, (ii) Tier 1 capital to risk-weighted assets of at least 8.5%, (iii) a minimum ratio of total capital to risk-weighted assets of at least 10.5%; and (iv) a minimum leverage ratio of 4%.  As of December 31, 2018, the Company had a CET1 ratio of 14.87%, a Tier 1 ratio of 15.35%, a total capital ratio of 16.29% and a leverage ratio of 11.09%. As of December 31, 2018, the Bank had a CET1 ratio of 12.78%, a Tier 1 ratio of 13.15%, a total capital ratio of 14.09% and a leverage ratio of 9.49%.

Liquidity Coverage Ratio


The liquidity framework under the Basel III Capital Rules (the "Basel III liquidity framework") applies a balance sheet perspective to establish quantitative standards designed to ensure that a banking organization is appropriately positioned to satisfy its short- and long-term funding needs. One test to address short-term liquidity risk is referred to as the liquidity coverage ratio ("LCR"), designed to calculate the ratio of a banking entities' ratio of high-quality liquid assets to its total net cashflows over a 30-day time horizon. The other test, referred to as the net stable funding ratio ("NSFR"), is designed to promote more medium- and long-term asset funding by




incenting banking entities to increase their holdings of U.S. Treasury securities and other sovereign debt, as well as increase the use of long-term debt as a funding source. The Basel III liquidity framework was implemented as a minimum standard on January 1, 2015, with a phase-in period ending January 1, 2019.

In September 2014, the federal bank regulators approved final rules implementing the LCR for advanced approaches banking organizations (i.e., banking organizations with $250 billion or more in total consolidated assets or $10 billion or more in total on-balance sheet foreign exposure) and a modified version of the LCR for bank holding companies with at least $50 billion in total consolidated assets that are not advanced approach banking organizations, neither of which would apply to the Company or the Bank. In the second quarter of 2016, the federal banking regulators issued a proposed rule that would implement the NSFR for certain U.S. banking organizations to ensure they have access to stable funding over a one-year time horizon. The proposed rule would not apply to U.S. banking organizations with less than $50 billion in total consolidated assets such as the Company and the Bank.  

Following the enactment of the Economic Growth, Regulatory Relief and Consumer Protection Act of 2018 ("EGRRCPA"), the Federal Reserve Board stated in July 2018 that it would no longer require bank holding companies with less than $100 billion in total consolidated assets to comply with the modified version of the LCR. In addition, in October 2018, the federal bank regulators proposed to revise their liquidity requirements so that banking organizations that are not global systemically important banks and have less than $250 billion in total consolidated assets and less than $75 billion in each of off-balance-sheet exposure, nonbank assets, cross-jurisdictional activity and short-term wholesale funding would not be subject to any LCR or NSFR requirements.

Prompt Corrective Action

The FDI Act requires federal bank regulatory agencies to take “prompt corrective action” with respect to FDIC-insured depository institutions that do not meet minimum capital requirements. A depository institution’s treatment for purposes of the prompt corrective action provisions will depend upon how its capital levels compare to various capital measures and certain other factors, as established by regulation.

Under this system, the federal banking regulators have established five capital categories: well capitalized, adequately capitalized, undercapitalized, significantly undercapitalized and critically undercapitalized, in which all depository institutions are placed. The federal banking regulators have specified by regulation the relevant capital levels for each of the categories. Under certain circumstances, a well-capitalized, adequately capitalized or undercapitalized institution may be treated as if the institution were in the next lower capital category. Federal banking regulators are required to take various mandatory supervisory actions and are authorized to take other discretionary actions with respect to institutions in the three undercapitalized categories. The severity of the action depends upon the capital category in which the institution is placed. A depository institution that is undercapitalized is required to submit a capital restoration plan. Failure to meet capital guidelines could subject a bank to a variety of enforcement remedies by federal bank regulatory agencies, including termination of deposit insurance by the FDIC, restrictions on certain business activities and appointment of the FDIC as conservator or receiver. Generally, subject to a narrow exception, the banking regulator must appoint a receiver or conservator for an institution that is critically undercapitalized.

A bank will be (i) “well capitalized” if the institution has a total risk-based capital ratio of 10.0% or greater, a CET1 capital ratio of 6.5% or greater, a Tier 1 risk-based capital ratio of 8.0% or greater, and a leverage ratio of 5.0% or greater, and is not subject to any order or written directive by any such regulatory authority to meet and maintain a specific capital level for any capital measure; (ii) “adequately capitalized” if the institution has a total risk-based capital ratio of 8.0% or greater, a CET1 capital ratio of 4.5% or greater, a Tier 1 risk-based capital ratio of 6.0% or greater, and a leverage ratio of 4.0% or greater and is not “well capitalized”; (iii) “undercapitalized” if the institution has a total risk-based capital ratio that is less than 8.0%, a CET1 capital ratio less than 4.5%, a Tier 1 risk-based capital ratio of less than 6.0% or a leverage ratio of less than 4.0%; (iv) “significantly undercapitalized” if the institution has a total risk-based capital ratio of less than 6.0%, a CET1 capital ratio less than 3.0%, a Tier 1 risk-based capital ratio of less than 4.0% or a leverage ratio of less than 3.0%; and (v) “critically undercapitalized” if the institution’s tangible equity is equal to or less than 2.0% of average quarterly tangible assets. An institution may be downgraded to, or deemed to be in, a capital category that is lower than indicated by its capital ratios if it is determined to be in an unsafe or unsound condition or if it receives an unsatisfactory examination rating with respect to certain matters. A bank’s capital category is determined solely for applying prompt corrective action regulations, and the capital category may not constitute an accurate representation of the bank’s overall financial condition or prospects for other purposes.

The FDI Act generally prohibits a depository institution from making any capital distributions (including payment of a dividend) or paying any management fee to its parent holding company if the depository institution would thereafter be “undercapitalized.” “Undercapitalized” institutions are subject to growth limitations and are required to submit a capital restoration plan. The agencies may not accept such a plan without determining, among other things, that the plan is based on realistic assumptions and is likely to succeed in restoring the depository institution’s capital. In addition, for a capital restoration plan to be acceptable, the




depository institution’s parent holding company must guarantee that the institution will comply with such capital restoration plan. The bank holding company must also provide appropriate assurances of performance. The aggregate liability of the parent holding company is limited to the lesser of (i) an amount equal to 5.0% of the depository institution’s total assets at the time it became undercapitalized and (ii) the amount which is necessary (or would have been necessary) to bring the institution into compliance with all capital standards applicable with respect to such institution as of the time it fails to comply with the plan. If a depository institution fails to submit an acceptable plan, it is treated as if it is “significantly undercapitalized.”

“Significantly undercapitalized” depository institutions may be subject to a number of requirements and restrictions, including orders to sell sufficient voting stock to become “adequately capitalized,” requirements to reduce total assets, and cessation of receipt of deposits from correspondent banks. “Critically undercapitalized” institutions are subject to the appointment of a receiver or conservator.

The appropriate federal banking agency may, under certain circumstances, reclassify a well-capitalized insured depository institution as adequately capitalized. The FDIA provides that an institution may be reclassified if the appropriate federal banking agency determines (after notice and opportunity for hearing) that the institution is in an unsafe or unsound condition or deems the institution to be engaging in an unsafe or unsound practice. The appropriate agency is also permitted to require an adequately capitalized or undercapitalized institution to comply with the supervisory provisions as if the institution were in the next lower category (but not treat a significantly undercapitalized institution as critically undercapitalized) based on supervisory information other than the capital levels of the institution.

The Company believes that, as of December 31, 2018, the Bank was “well capitalized” based on the aforementioned ratios.

Deposit Insurance Assessments

The deposits of the Bank are insured by the FDIC in the standard insurance amount of $250,000 per depositor for each account ownership category. This insurance is funded through assessments on the Bank and other insured depository institutions. The FDIC’s risk-based assessment system requires members to pay varying assessment rates depending upon the level of the institution’s capital and the degree of supervisory concern over the institution.

The FDIC insures the deposits of federally insured banks up to prescribed statutory limits for each depositor, currently $250,000 per depositor for each account ownership category. This insurance is funded through assessments on all insured depository institutions that are paid into the Deposit Insurance Fund (“DIF”). The amount of FDIC assessments paid by each insured depository institution is based on its relative risk of default as measured by regulatory capital ratios and other supervisory factors. The FDIC’s deposit insurance premium assessment is based on an institution’s average consolidated total assets minus average tangible equity. The Bank is generally unable to control the amount of premiums that it is required to pay for FDIC insurance. At least semi-annually, the FDIC will update its loss and income projections for the DIF and, if needed, will increase or decrease assessment rates, following notice-and-comment rulemaking, if required. If there are additional bank or financial institution failures or if the FDIC otherwise determines to increase assessment rates, the Bank may be required to pay higher FDIC insurance premiums. Any future increases in FDIC insurance premiums may have a material and adverse effect on the Bank’s, and hence the Company’s, earnings.

The Company’s FDIC insurance expense totaled $2.4 million, $2.3 million and $2.9 million in 2018, 2017 and 2016, respectively. FDIC insurance expense includes deposit insurance assessments as well as Financing Corporation (“FICO”) assessments. All FDIC-insured depository institutions must pay an annual FICO assessment to provide funds for the payment of interest on bonds issued by FICO during the 1980s to resolve the thrift bailout. FDIC-insured depository institutions paid an average FICO assessment of 39 cents for each $100 of assessable deposits in 2018.

As insurer, the FDIC is authorized to conduct examinations of and to require reporting by DIF-insured institutions. It also may prohibit any DIF-insured institution from engaging in any activity the FDIC determines by regulation or order to pose a serious threat to the DIF. The FDIC also has the authority to take enforcement actions against insured institutions.




Insurance of deposits may be terminated by the FDIC upon a finding that the institution has engaged or is engaging in unsafe and unsound practices, is in an unsafe or unsound condition to continue operations or has violated any applicable law, regulation, rule, order or condition imposed by the FDIC or written agreement entered into with the FDIC. The Company does not know of any practice, condition or violation that might lead to termination of deposit insurance for its banking subsidiary.

Safety and Soundness Standards

The FDI Act requires the federal bank regulatory agencies to prescribe standards, by regulations or guidelines, relating to internal controls, information systems and internal audit systems, loan documentation, credit underwriting, interest rate risk exposure, asset growth, asset quality, earnings, stock valuation and compensation, fees and benefits and such other operational and managerial standards as the agencies deem appropriate. In general, the guidelines require, among other things, appropriate systems and practices to identify and manage the risk and exposures specified in the guidelines. The guidelines prohibit excessive compensation as an unsafe and unsound practice and describe compensation as excessive when the amounts paid are unreasonable or disproportionate to the services performed by an executive officer, employee, director or principal stockholder. In addition, the agencies adopted regulations that authorize, but do not require, an agency to order an institution that has been given notice by an agency that it is not satisfying any of such safety and soundness standards to submit a compliance plan. If, after being so notified, an institution fails to submit an acceptable compliance plan or fails in any material respect to implement an acceptable compliance plan, the agency must issue an order directing action to correct the deficiency and may issue an order directing other actions of the types to which an undercapitalized institution is subject under the “prompt corrective action” provisions of the FDI Act. See “--Prompt Corrective Action” above. If an institution fails to comply with such an order, the agency may seek to enforce such order in judicial proceedings and to impose civil money penalties.

Federal Banking Agency Compensation Guidelines

The Federal Reserve Board reviews, as part of its regular, risk-focused examination process, the incentive compensation arrangements of banking organizations, such as the Company, that are not “large, complex banking organizations.” These reviews are tailored to each organization based on the scope and complexity of the organization’s activities and the prevalence of incentive compensation arrangements. The findings of this supervisory initiative will be included in reports of examination. Deficiencies will be incorporated into the organization’s supervisory ratings, which can affect the organization’s ability to make acquisitions and take other actions. Enforcement actions may be taken against a banking organization if its incentive compensation arrangements, or related risk-management control or governance processes, pose a risk to the organization’s safety and soundness and the organization is not taking prompt and effective measures to correct the deficiencies.

In June 2010, the Federal Reserve Board, OCC and FDIC issued a comprehensive final guidance on incentive compensation policies intended to ensure that the incentive compensation policies of banking organizations do not undermine the safety and soundness of such organizations by encouraging excessive risk-taking. The guidance, which covers all employees that have the ability to materially affect the risk profile of an organization, either individually or as part of a group, is based upon the key principles that a banking organization’s incentive compensation arrangements should (i) provide incentives that do not encourage risk-taking beyond the organization’s ability to effectively identify and manage risks, (ii) be compatible with effective internal controls and risk-management and (iii) be supported by strong corporate governance, including active and effective oversight by the organization’s board of directors.

During the second quarter of 2016, the U.S. financial regulators, including the Federal Reserve Board and the SEC, proposed revised rules on incentive-based payment arrangements at specified regulated entities having at least $1 billion in total assets (which would include the Company and the Bank). The proposed revised rules would establish general qualitative requirements applicable to all covered entities, which would include (i) prohibiting incentive arrangements that encourage inappropriate risks by providing excessive compensation; (ii) prohibiting incentive arrangements that encourage inappropriate risks that could lead to a material financial loss; (iii) establishing requirements for performance measures to appropriately balance risk and reward; (iv) requiring board of director oversight of incentive arrangements; and (v) mandating appropriate record-keeping. Under the proposed rule, larger financial institutions with total consolidated assets of at least $50 billion would be subject to additional requirements applicable to such institutions’ “senior executive officers” and “significant risk-takers.” These additional requirements would not be applicable to the Company or the Bank.

The scope, content and application of the U.S. banking regulators' policies on incentive compensation continue to evolve. It cannot be determined at this time whether compliance with such policies will adversely affect the ability of the Company and the Bank to hire, retain and motivate key employees.





In March 2015, federal regulators issued two related statements regarding cybersecurity. One statement indicates that financial institutions should design multiple layers of security controls to establish lines of defense and to ensure that their risk management processes also address the risk posed by compromised customer credentials, including security measures, to reliably authenticate customers accessing internet-based services of the financial institution. The other statement indicates that a financial institution’s management is expected to maintain sufficient business continuity planning processes to ensure the rapid recovery, resumption and maintenance of the institution’s operations after a cyber-attack involving destructive malware. A financial institution is also expected to develop appropriate processes to enable recovery of data and business operations and address rebuilding network capabilities and restoring data if the institution or its critical service providers fall victim to this type of cyber-attack. Failure to observe the regulatory guidance could subject the Company and the Bank to various regulatory sanctions, including financial penalties.

In the ordinary course of business, the Bank relies on electronic communications and information systems to conduct its operations and to store sensitive data. It employs an in-depth, layered, defensive approach that leverages people, processes and technology to manage and maintain cybersecurity controls. The Bank employs a variety of preventative and detective tools to monitor, block, and provide alerts regarding suspicious activity, as well as to report on any suspected advanced persistent threats. Notwithstanding the strength of our defensive measures, the threat from cyber attacks is severe, attacks are sophisticated and increasing in volume, and attackers respond rapidly to changes in defensive measures. While to date, the Bank has not detected a significant compromise, significant data loss or any material financial losses related to cybersecurity attacks, the Bank’s systems and those of its customers and third-party service providers are under constant threat and it is possible that the Bank could experience a significant event in the future. Risks and exposures related to cybersecurity attacks are expected to remain high for the foreseeable future due to the rapidly evolving nature and sophistication of these threats, as well as due to the expanding use of Internet banking, mobile banking and other technology-based products and services by the Bank and its customers.   See Item 1A. Risk Factors for a further discussion of risks related to cybersecurity.

Fiscal and Monetary Policies

The Company’s business and earnings are affected significantly by the fiscal and monetary policies of the federal government and its agencies. The Company is particularly affected by the policies of the Federal Reserve Board, which regulates the supply of money and credit in the United States. Among the instruments of monetary policy available to the Federal Reserve Board are (a) conducting open market operations in United States government securities, (b) changing the discount rates of borrowings of depository institutions, (c) imposing or changing reserve requirements against depository institutions’ deposits and (d) imposing or changing reserve requirements against certain borrowings by banks and their affiliates. These methods are used in varying degrees and combinations to directly affect the availability of bank loans and deposits, as well as the interest rates charged on loans and paid on deposits. The policies of the Federal Reserve Board may have a material effect on the Company’s business, results of operations and financial condition.

Privacy Provisions of the GLB Act

Federal banking regulators, as required under the GLB Act, have adopted rules limiting the ability of banks and other financial institutions to disclose nonpublic information about consumers to nonaffiliated third parties. The rules require disclosure of privacy policies to consumers and, in some circumstances, allow consumers to prevent disclosure of certain personal information to nonaffiliated third parties. The privacy provisions of the GLB Act affect how consumer information is transmitted through diversified financial services companies and conveyed to outside vendors.

Anti-Money Laundering and the Patriot Act

The USA Patriot Act of 2001 (the “Patriot Act”) is intended to strengthen the ability of U.S. law enforcement agencies and intelligence communities to work together to combat terrorism on a variety of fronts. The Patriot Act substantially broadened the scope of the U.S. anti-money laundering laws and regulations by imposing significant new compliance and due diligence obligations, creating new crimes and penalties and expanding the extra-territorial jurisdiction of the United States. The U.S. Treasury Department has issued a number of implementing regulations, which apply various requirements of the Patriot Act to financial institutions such as the Bank. Those regulations impose obligations on financial institutions to maintain appropriate policies, procedures and controls to detect, prevent and report money laundering and terrorist financing, and have significant implications for depository institutions, brokers, dealers and other businesses involved in the transfer of money. The Patriot Act also requires federal bank regulators to evaluate the effectiveness of an applicant in combating money laundering in determining whether to approve a proposed bank acquisition. Failure of a financial institution to maintain and implement adequate programs to combat money laundering and terrorist financing, or to comply with all of the relevant laws or regulations, could have serious legal and reputational consequences for the institution, including causing applicable bank regulatory authorities not to approve merger or acquisition transactions when regulatory




approval is required or to prohibit such transactions even if approval is not required. Regulatory authorities have imposed cease and desist orders and civil money penalties against institutions found to be violating these obligations.

Office of Foreign Assets Control Regulation

The U.S. Treasury Department’s Office of Foreign Assets Control, or OFAC, administers and enforces economic and trade sanctions against targeted foreign countries and regimes, under authority of various laws, including designated foreign countries, nationals and others. OFAC publishes lists of specially designated targets and countries.

Banking regulators examine banks for compliance with the economic sanctions regulations administered by OFAC. Financial institutions are responsible for, among other things, blocking accounts of, and transactions with, such targets and countries, prohibiting unlicensed trade and financial transactions with them and reporting blocked transactions after their occurrence. Failure to comply with these sanctions could have serious financial, legal and reputational consequences, including causing applicable bank regulatory authorities not to approve merger or acquisition transactions when regulatory approval is required or to prohibit such transactions even if approval is not required. Regulatory authorities have imposed cease and desist orders and civil money penalties against institutions found to be violating these obligations.

Community Reinvestment Act

The Community Reinvestment Act of 1977 (the “CRA”), requires depository institutions to assist in meeting the credit needs of their market areas consistent with safe and sound banking practices. Under the CRA, each depository institution is required to help meet the credit needs of its market areas by, among other things, providing credit to low- and moderate-income individuals and communities. Depository institutions are periodically examined for compliance with the CRA and are assigned ratings. In order for a financial holding company to commence any new activity permitted by the BHC Act, or to acquire any company engaged in any new activity permitted by the BHC Act, each insured depository institution subsidiary of the financial holding company must have received a rating of at least “satisfactory” in its most recent examination under the CRA. Furthermore, banking regulations take into account CRA rating when considering approval of a proposed transaction. During its last examination in 2018, a rating of “satisfactory” was received by the Bank. In April 2018, the U.S. Department of Treasury issued a memorandum to the federal banking regulators with recommended changes to the CRA’s implementing regulations to reduce their complexity and associated burden on banks. The Company will continue to evaluate the impact of any changes to the regulations implementing the CRA.

Consumer Laws and Regulations

Banks and other financial institutions are subject to numerous laws and regulations intended to protect consumers in their transactions with banks. These laws include the Equal Credit Opportunity Act, the Fair Credit Reporting Act, the Truth in Lending Act, the Truth in Savings Act, the Electronic Fund Transfer Act, the Expedited Funds Availability Act, the Home Mortgage Disclosure Act, the Fair Housing Act, the Real Estate Settlement Procedures Act, the Fair Debt Collection Practices Act, the Service Members Civil Relief Act and these laws’ respective state-law counterparts, as well as state usury laws and laws regarding unfair and deceptive acts and practices. These and other federal laws, among other things, require disclosures of the cost of credit and terms of deposit accounts, provide substantive consumer rights, prohibit discrimination in credit transactions, regulate the use of credit report information, provide financial privacy protections, prohibit unfair, deceptive and abusive practices, restrict the Company’s ability to raise interest rates and subject the Company to substantial regulatory oversight. Violations of applicable consumer protection laws can result in significant potential liability from litigation brought by customers, including actual damages, restitution and attorneys’ fees. Federal bank regulators, state attorneys general and state and local consumer protection agencies may also seek to enforce consumer protection requirements and obtain these and other remedies, including regulatory sanctions, customer rescission rights, action by the state and local attorneys general in each jurisdiction in which we operate and civil money penalties. Failure to comply with consumer protection requirements may also result in the Company’s failure to obtain any required bank regulatory approval for merger or acquisition transactions the Company may wish to pursue or its prohibition from engaging in such transactions even if approval is not required.

The Consumer Financial Protection Bureau (“CFPB”) is a federal agency responsible for implementing, examining and enforcing compliance with federal consumer protection laws. The CFPB focuses on:


Risks to consumers and compliance with the federal consumer financial laws, when it evaluates the policies and practices of a financial institution.


The markets in which firms operate and risks to consumers posed by activities in those markets.


Depository institutions that offer a wide variety of consumer financial products and services.





Depository institutions with a more specialized focus.


Non-depository companies that offer one or more consumer financial products or services.

The CFPB has broad rulemaking authority for a wide range of consumer financial laws that apply to all banks, including, among other things, the authority to prohibit “unfair, deceptive or abusive” acts and practices. Abusive acts or practices are defined as those that materially interfere with a consumer’s ability to understand a term or condition of a consumer financial product or service or take unreasonable advantage of a consumer’s (i) lack of financial savvy, (ii) inability to protect himself in the selection or use of consumer financial products or services, or (iii) reasonable reliance on a covered entity to act in the consumer’s interests. The CFPB can issue cease-and-desist orders against banks and other entities that violate consumer financial laws. The CFPB may also institute a civil action against an entity in violation of federal consumer financial law in order to impose a civil penalty or injunction. The CFPB has examination and enforcement authority over all banks with more than $10 billion in assets, as well as their affiliates. Banking regulators take into account compliance with consumer protection laws when considering approval of a proposed transaction.

Interstate Banking and Branching

Under the Riegle-Neal Interstate Banking and Branching Efficiency Act, as amended by the Dodd-Frank Act (the “Riegle-Neal Act”), a bank holding company may acquire banks in states other than its home state, subject to any state requirement that the bank has been organized and operating for a minimum period of time, not to exceed five years, and the requirement that the bank holding company, prior to or following the proposed acquisition, control no more than 10% of the total amount of deposits of insured depository institutions nationwide and no more than 30% of such deposits in that state (or such amount as set by the state if such amount is lower than 30%).

The Riegle-Neal Act also authorizes banks to merge across state lines, thereby creating interstate branches. Banks are also permitted to either acquire existing banks or to establish new branches in other states where authorized under the laws of those states. Effective July 21, 2011, the Dodd-Frank Act also required that a bank holding company or bank be well-capitalized and well-managed (rather than simply adequately capitalized and adequately managed) in order to take advantage of these interstate banking and branching provisions.

Depositor Preference

The FDI Act provides that, in the event of the “liquidation or other resolution” of an insured depository institution, the claims of depositors of the institution (including the claims of the FDIC as subrogee of insured depositors) and certain claims for administrative expenses of the FDIC as a receiver, will have priority over other general unsecured claims against the institution. If an insured depository institution fails, insured and uninsured depositors, along with the FDIC, will have priority in payment ahead of unsecured, non-deposit creditors with respect to any extensions of credit they have made to such insured depository institution.

Changes in Laws, Regulations or Policies

Banking is a heavily regulated industry.  Additional initiatives may be proposed or introduced before Congress and other government bodies in the future. Such proposals, if enacted, may further alter the structure, regulation and competitive relationship among financial institutions and may subject the Company to increased supervision and disclosure and reporting requirements. In addition, the various bank regulatory agencies often adopt new rules, regulations, and policies to implement and enforce existing legislation. It cannot be predicted whether, or in what form, any such legislation or regulatory changes in policy may be enacted or the extent to which the business of the Company would be affected thereby.

State Regulation

BancFirst is an Oklahoma-chartered state bank. Accordingly, BancFirst’s operations are subject to various requirements and restrictions of Oklahoma state law relating to loans, lending limits, interest rates payable on deposits, investments, mergers and acquisitions, borrowings, dividends, capital adequacy and other matters. However, Oklahoma banking law specifically empowers a state-chartered bank such as BancFirst to exercise the same powers as are conferred upon national banks by the laws of the United States and the regulations and policies of the Office of the Comptroller of the Currency, unless otherwise prohibited or limited by the State Banking Commissioner or the State Banking Board. Accordingly, unless a specific provision of Oklahoma law otherwise provides, a state-chartered bank is empowered to conduct all activities that a national bank may conduct.

National banks are authorized by the GLB Act to engage, through “financial subsidiaries,” in any activity that is permissible for a financial holding company and any activity that the Secretary of the Treasury, in consultation with the Federal Reserve Board, determines is financial in nature or incidental to any such financial activity, except (1) insurance underwriting, (2) real estate




development or real estate investment activities (unless otherwise permitted by law), (3) insurance company portfolio investments and (4) merchant banking. The authority of a national bank to invest in a financial subsidiary is subject to a number of conditions, including, among other things, requirements that the bank must be well managed and well capitalized (after deducting from the bank’s capital outstanding investments in financial subsidiaries). The GLB Act provides that state nonmember banks, such as BancFirst, may invest in financial subsidiaries (assuming they have the requisite investment authority under applicable state law), subject to the same conditions that apply to national bank investments in financial subsidiaries.

As a state nonmember bank, BancFirst is subject to primary supervision, periodic examination and regulation by the State Banking Board and the FDIC, and Oklahoma law provides that BancFirst must maintain reserves against deposits as required by the FDI Act. The Oklahoma State Bank Commissioner is authorized by statute to accept an FDIC examination in lieu of a state examination. In practice, the FDIC and the Oklahoma State Banking Department alternate examinations of BancFirst. If, as a result of an examination of a bank, the Oklahoma Banking Department determines that the financial condition, capital resources, asset quality, earnings prospects, management, liquidity, or other aspects of the bank’s operations are unsatisfactory or that the management of the bank is violating or has violated any law or regulation, various remedies, including the remedy of injunction, are available to the Oklahoma Banking Department. Oklahoma law permits the acquisition of an unlimited number of wholly-owned bank subsidiaries so long as aggregate deposits at the time of acquisition in a multi-bank holding company do not exceed 20% of the total amount of deposits of insured depository institutions located in Oklahoma.

In addition to the provisions of the GLB Act that authorize state nonmember banks to invest in financial subsidiaries (assuming they have the requisite investment authority under applicable state law) on the same conditions that apply to national banks, Federal Deposit Insurance Corporation Improvement Act (“FDICIA”) provides that FDIC-insured state banks such as BancFirst may engage directly or through a subsidiary in certain activities that are not permissible for a national bank, if the activity is authorized by applicable state law, the FDIC determines that the activity does not pose a significant risk to the DIF and the bank is in compliance with its applicable capital standards.

Securities Laws

The Company’s common stock is publicly held and listed on the NASDAQ Global Select Market, and the Company is subject to the periodic reporting, information, proxy solicitation, insider trading, corporate governance and other requirements and restrictions of the Securities Exchange Act of 1934 and the regulations of the SEC promulgated thereunder as well as listing requirements of the NASDAQ. In addition, the Dodd-Frank Act includes provisions that affect corporate governance and executive compensation at most United States publicly traded companies, including the Company.

The Company is also subject to the accounting oversight and corporate governance requirements of the Sarbanes-Oxley Act of 2002, including:


required executive certification of financial presentation;


increased requirements for board audit committees and their members;


enhanced disclosures of controls and procedures and internal control over financial reporting;


enhanced controls over, and reporting of, insider trading and


increased penalties for financial crimes and forfeiture of executive bonuses in certain circumstances.

Available Information

The Company maintains a website at The Company provides copies of the most recently filed 10-K, 10-Q and proxy statements, and amendments to those reports filed or furnished pursuant to Section 13(a) or 15(d) of the Exchange Act as soon as reasonably practicable after the Company electronically files the material with, or furnishes it to, the SEC. The website also provides links to the SEC’s website ( where all of the Company’s filings with the SEC can be obtained immediately upon filing. You may also request a copy of the Company’s filings, at no cost, by writing or telephoning the Company at the following address:

BancFirst Corporation

101 N. Broadway

Oklahoma City, Oklahoma 73102

ATTENTION: Randy Foraker

Executive Vice President

(405) 270-1044




1A. Risk Factors

In the course of conducting our business operations, we are exposed to a variety of risks that are inherent to the financial services industry. The following discusses some of the key inherent risk factors that could affect our business and operations. The risks and uncertainties described below are not the only ones we are facing. Other factors besides those discussed below or elsewhere in this report also could adversely affect our business and operations, and the risk factors discussed below should not be considered a complete list of potential risks that may affect us. Further, to the extent that any of the information contained in this report constitutes forward-looking statements, the risk factors set forth below also are cautionary statements identifying important factors that could cause our actual results to differ materially from those expressed in any forward-looking statements made by or on behalf of us.

Risks Related to Our Business

Changes in economic conditions, especially in the State of Oklahoma, pose significant challenges for us and could adversely affect our financial condition and results of operations.

Our business is affected by conditions outside our control, including the rate of economic growth in general, the level of unemployment, increases in inflation and the level of interest rates. Economic conditions affect the level of demand for and the profitability of our products and services. A slowdown in the general economic activity, particularly in Oklahoma, could negatively impact our business. Our bank subsidiary operates exclusively within the State of Oklahoma and, unlike larger national or superregional banks that serve a broader and more diverse geographic region; our lending is also primarily concentrated in the State of Oklahoma. As a result, our financial condition, results of operations and cash flows are subject to changes in the economic conditions in our state. Our continued success is largely dependent upon the continued growth or stability of the communities we serve. A decline in the economies of these communities could negatively impact our net income and profitability. Additionally, declines in the economies of these communities and of the State of Oklahoma in general could affect our ability to generate new loans or to receive repayments of existing loans, and our ability to attract new deposits, adversely affecting our financial condition.

We may be adversely affected by declining crude oil prices.

Recent years have been marked by significant volatility in market oil prices.  Decreased market oil prices have compressed margins for many U.S. and Oklahoma-based oil producers, particularly those that utilize higher-cost production technologies such as hydraulic fracking and horizontal drilling, as well as oilfield service providers, energy equipment manufacturers and transportation suppliers, among others. As of December 31, 2018, the price per barrel of crude oil was approximately $54 compared to a high of over $100 in 2014 and a low of approximately $30 at the beginning of 2016. If oil prices drop below the marginal cost of production for an extended period, we would expect to experience weaker energy loan demand and increased losses within our energy portfolio. Furthermore, a prolonged period of low oil prices could also have a negative impact on the energy producing economies and, in particular, the economies of states such as Oklahoma, where the energy industry is a significant driver of economic activity. Although as of December 31, 2018, reserve-based and service energy loans comprised less than 4% of our loan portfolio, the impact of lower oil prices could have an indirect impact on our other loan portfolio segments, for example, commercial real estate (“CRE”).  

A substantial portion of our loan portfolio is secured by real estate, in particular commercial real estate. Deterioration in the real estate markets could lead to losses, which could have a material negative effect on our financial condition and results of operations.

Loans secured by real estate constitute a significant portion of our loan portfolio. At December 31, 2018, this percentage was 64.8% compared to 64.4% at December 31, 2017. While our record of asset quality has historically been solid, we cannot guarantee that our record of asset quality will be maintained in future periods. The ability of our borrowers to repay their loans could be adversely impacted by a significant change in market conditions, which not only could result in our experiencing an increase in charge-offs, but also could necessitate increasing our provision for loan losses. In addition, because one to four family residential and commercial real estate loans represent the majority of our real estate loans outstanding, a decline in tenant occupancy due to such factors or for other reasons could adversely impact the ability of our borrowers to repay their loans on a timely basis, which could have a negative impact on our financial condition and results of operations.

If a significant number of customers fail to perform under their loans, our business, profitability and financial condition would be adversely affected.

There are inherent risks associated with our lending activities. As a lender, we face the risk that a significant number of our borrowers will fail to pay their loans because of other factors, including the impact of changes in interest rates and changes in the economic conditions in the markets where we operate. If borrower defaults cause losses in excess of our allowance for loan losses, it could have an adverse effect on our business, profitability and financial condition. We have established an evaluation process designed




to recognize loan losses as they occur. While this evaluation process uses historical and other objective information, the classification of loans and the estimation of loan losses are dependent to a great extent on our experience and judgment. If charge-offs in future periods exceed the allowance for loan losses, we will need additional provisions to increase the allowance for loan losses. Any increases in the allowance for loan losses will result in a decrease in net income and capital, and may have a material adverse effect on our financial condition and results of operations. See “Management’s Discussion and Analysis of Financial Condition and Results of Operations” located elsewhere in this report for further discussion related to our process for determining the appropriate level of the allowance for loan losses. We cannot assure you that our future loan losses will not have any material adverse effects on our business, profitability or financial condition.

Technological advances in payment processing is expected to negatively impact our interchange revenue.

Interchange fees, or “swipe” fees, are charges that merchants pay to the processors who, in turn, share that revenue with us and other card-issuing banks for processing electronic payment transactions. Rapid, significant technological changes continue to confront the payments industry. Technological advances and the growth of e-commerce have made it possible for non-depository institutions to offer products and services that traditionally were banking products, and for financial institutions and other companies to provide electronic and internet-based financial solutions for processing electronic payment transactions. These include developments in smart cards, e-commerce, mobile and radio frequency and proximity payment devices, such as contactless cards. Ongoing or increased competition in payment processing may restrict our ability to generate interchange revenue in the future. For the year ended December 31, 2018, debit card interchange revenue represented 23.8% of our noninterest income.

New consumer protection laws may reduce our noninterest income.

We are subject to a number of federal and state consumer protection laws that extensively govern our relationship with our customers. The Dodd-Frank Act established the Consumer Financial Protection Bureau ("CFPB") with powers to supervise and enforce consumer protection laws. The CFPB has broad rule-making authority for a wide range of consumer protection laws that apply to all banks and savings institutions, including the authority to prohibit "unfair, deceptive or abusive acts and practices.” The CFPB also has examination and enforcement authority over all banks and savings institutions with more than $10 billion in assets for certain designated consumer laws and regulations. The other federal banking agencies enforce such consumer laws and regulations for banks and savings institutions under $10 billion in assets. These and other federal laws, among other things, require disclosures of the cost of credit and terms of deposit accounts, provide substantive consumer rights, prohibit discrimination in credit transactions, regulate the use of credit report information, provide financial privacy protections, prohibit unfair, deceptive and abusive practices and restrict our ability to raise interest rates and charge NSF fees. A significant portion of our noninterest income is derived from service charge income, including NSF fees, which represented 25.0% of our noninterest income for the year ended December 31, 2018.  Violations of applicable consumer protection laws can also result in significant potential liability from litigation brought by customers, including actual damages, restitution and attorneys’ fees.

Fluctuations in interest rates could reduce our profitability.

We realize income primarily from the difference between interest earned on loans and investments and the interest paid on deposits and borrowings. We expect that we will periodically experience “gaps” in the interest rate sensitivities of our assets and liabilities, meaning that either our interest-earning assets will be more sensitive to changes in market interest rates than our interest-bearing liabilities, or vice versa. Changes in market interest rates either could positively or negatively affect our net interest income and our profitability, depending on the magnitude, direction and duration of the change. If interest rates decline, our net interest margin could experience compression.

We are unable to predict fluctuations of market interest rates, which are affected by, among other factors, changes in inflation rates, economic growth, money supply, government debt, domestic and foreign financial markets and political developments, including terrorist acts and acts of war. Our asset-liability management strategy, which is designed to mitigate our risk from changes in market interest rates, may not be able to mitigate changes in interest rates from having a material adverse effect on our results of operations and financial condition.

Changes in monetary policies may have an adverse effect on our business.

Our results of operations are affected by credit policies of monetary authorities, particularly the Federal Reserve Board. Actions by monetary and fiscal authorities, including the Federal Reserve Board, could have an adverse effect on our deposit levels, loan demand or business earnings. See “Item 1 - Business-Supervision and Regulation.” Our profitability is greatly dependent upon our earning a positive interest spread between our loan and securities portfolio, and our funding deposits and borrowings. Changes in the




level of interest rates, a prolonged unfavorable interest rate environment or a decrease in our level of deposits that increases our cost of funds could negatively affect our profitability and financial condition.

The repeal of federal prohibitions on payment of interest on business checking accounts could increase our interest expense.

All federal prohibitions on the ability of financial institutions to pay interest on business checking accounts were repealed as part of the Dodd-Frank Act beginning on July 21, 2011. Our interest expense will increase and our net interest margin will decrease if we begin offering interest on business checking accounts to attract additional customers or maintain current customers, which could have a material adverse effect on our business, financial condition and results of operations.

Our information systems may experience an interruption or breach in security.

We rely heavily on communications and information systems to conduct our business. Any failure, interruption or breach in security of these systems could result in failures or disruptions in our customer relationship management, general ledger, deposit, loan and other systems. Information security breaches and cybersecurity-related incidents may include, but are not limited to, attempts to access information, including customer and company information, malicious code, computer viruses and denial of service attacks that could result in unauthorized access, misuse, loss or destruction of data (including confidential customer information), account takeovers, unavailability of service or other events. These types of threats may derive from human error, fraud or malice on the part of external or internal parties, or may result from accidental technological failure. Further, to access our products and services our customers may use computers and mobile devices that are beyond our security control systems. Our technologies, systems, networks and software and those of other financial institutions have been, and are likely to continue to be, the target of cybersecurity threats and attacks, which may range from uncoordinated individual attempts to sophisticated and targeted measures directed at us. The risk of a security breach or disruption, particularly through cyber-attack or cyber intrusion, has increased as the number, intensity and sophistication of attempted attacks and intrusions from around the world have increased.

Our business requires the collection and retention of large volumes of customer data, including personally identifiable information in various information systems that we maintain and in those maintained by third parties with whom we contract to provide data services. We also maintain important internal company data such as personally identifiable information about our employees and information relating to our operations. The integrity and protection of that customer and company data is important to us. Our collection of such customer and company data is subject to extensive regulation and oversight. Our customers and employees have been, and will continue to be, targeted by parties using fraudulent e-mails and other communications in attempts to misappropriate passwords, bank account information or other personal information or to introduce viruses or other malware through “Trojan horse” programs to our information systems and/or our customers' computers. Though we endeavor to mitigate these threats through product improvements, use of encryption and authentication technology and customer and employee education, such cyber attacks against us or our merchants and our third party service providers remain a serious issue. The pervasiveness of cybersecurity incidents in general and the risks of cyber crime are complex and continue to evolve. More generally, publicized information concerning security and cyber-related problems could inhibit the use or growth of electronic or web-based applications or solutions as a means of conducting commercial transactions.

Although we make significant efforts to maintain the security and integrity of our information systems and have implemented various measures to manage the risk of a security breach or disruption, there can be no assurance that our security efforts and measures will be effective or that attempted security breaches or disruptions would not be successful or damaging. Even the most well protected information, networks, systems and facilities remain potentially vulnerable because attempted security breaches, particularly cyber-attacks and intrusions, or disruptions will occur in the future, and because the techniques used in such attempts are constantly evolving and generally are not recognized until launched against a target, and in some cases are designed not to be detected and, in fact, may not be detected. Accordingly, we may be unable to anticipate these techniques or to implement adequate security barriers or other preventative measures, and thus it is virtually impossible for us to entirely mitigate this risk. While we maintain specific “cyber” insurance coverage, which would apply in the event of various breach scenarios, the amount of coverage may not be adequate in any particular case. Furthermore, because cyber threat scenarios are inherently difficult to predict and can take many forms, some breaches may not be covered under our cyber insurance coverage. A security breach or other significant disruption of our information systems or those related to our customers, merchants and our third party vendors, including as a result of cyber-attacks, could (i) disrupt the proper functioning of our networks and systems and therefore our operations and/or those of certain of our customers; (ii) result in the unauthorized access to, and destruction, loss, theft, misappropriation or release of confidential, sensitive or otherwise valuable information of ours or our customers; (iii) result in a violation of applicable privacy, data breach and other laws, subjecting us to additional regulatory scrutiny and expose us to civil litigation, governmental fines and possible financial liability; (iv) require significant management attention and resources to remedy the damages that result; or (v) harm our reputation or cause a decrease in the number of customers that choose to do business with us. The occurrence of any of the foregoing could have a material adverse effect on our business, financial condition and results of operations.




We rely on certain external vendors.

We are reliant upon certain external vendors to provide products and services necessary to maintain our day-to-day operations. These third party vendors are sources of operational and informational security risk to us, including risks associated with operational errors, information system interruptions or breaches and unauthorized disclosures of sensitive or confidential client or customer information. If these vendors encounter any of these issues, or if we have difficulty communicating with them, we could be exposed to disruption of operations, loss of service or connectivity to customers, reputational damage and litigation risk that could have a material adverse effect on our business and, in turn, our financial condition and results of operations.

Failure to keep pace with technological change could adversely affect our results of operations and financial condition.

The financial services industry is undergoing rapid technological changes with frequent introductions of new technology-driven products and services. In addition to better serving our customers, the effective use of technology increases our efficiency and enables us to reduce costs. Our future success will depend in part upon our ability to address the needs of our customers by using technology to provide products and services that will satisfy customer demands for convenience as well as to create additional efficiencies in our operations as we continue to grow and expand our market area. Many of our larger competitors have substantially greater resources to invest in technological improvements. As a result, they may be able to offer additional or superior products to those that we will be able to offer, which would put us at a competitive disadvantage. Accordingly, we cannot assure you that we will be able to effectively implement new technology-driven products and services or be successful in marketing such products and services to our customers.

Maintaining or increasing our market share depends on market acceptance and regulatory approval of new products and services.

Our success depends, in part, upon our ability to adapt our products and services to evolving industry standards and consumer demand. There is increasing pressure on financial services companies to provide products and services at lower prices. In addition, the widespread adoption of new technologies, including Internet-based services, could require us to make substantial expenditures to modify or adapt our existing products or services. A failure to achieve market acceptance of any new products we introduce, or a failure to introduce products that the market may demand, could have an adverse effect on our business, profitability or growth prospects.

Changes in consumer use of banks and changes in consumer spending and savings habits could adversely affect our financial results.

Technology and other changes now allow many customers to complete financial transactions without using banks. For example, consumers can pay bills and transfer funds directly without going through a bank. This process of eliminating banks as intermediaries could result in the loss of fee income, as well as the loss of customer deposits and income generated from those deposits. In addition, changes in consumer spending and savings habits could adversely affect our operations, and we may be unable to timely develop competitive new products and services in response to these changes.

We operate in a highly regulated environment and may be adversely affected by changes in federal and state laws and regulations.

We are subject to extensive regulation, supervision and examination by federal and state banking authorities. Any change in applicable regulations or federal or state legislation could have a substantial impact on us and our results of operations. The Dodd-Frank Act, enacted in July 2010, instituted major changes to the banking and financial institutions regulatory regimes. Other changes to statutes, regulations or regulatory policies or supervisory guidance, including changes in interpretation or implementation of statutes, regulations, policies or supervisory guidance, could affect us in substantial and unpredictable ways. Such changes could subject us to additional costs, limit the types of financial services and products we may offer and/or increase the ability of non-banks to offer competing financial services and products, among other things. Failure to comply with laws, regulations, policies or supervisory guidance could result in enforcement and other legal actions by federal or state authorities, including criminal and civil penalties, the loss of FDIC insurance, the revocation of a banking charter, other sanctions by regulatory agencies, civil money penalties and/or reputational damage. In this regard, government authorities, including the bank regulatory agencies, are pursuing aggressive enforcement actions with respect to compliance and other legal matters involving financial activities, which heightens the risks associated with actual and perceived compliance failures. Any of the foregoing could have a material adverse effect on our business, financial condition and results of operations.

See the section captioned “Supervision and Regulation” included in Item 1. Business, located elsewhere in this report.




Our recent results may not be indicative of future results.

We may not be able to sustain our historical rate of growth or may not be able to grow our business at all. Various factors, such as poor economic conditions, changes in interest rates, regulatory and legislative considerations and competition may also impede or inhibit our ability to expand our market presence. If we experience a significant decrease in our rate of growth, our results of operations and financial condition may be adversely affected due to a high percentage of our operating costs being fixed expenses.

Competition with other financial institutions could adversely affect our profitability.

We face vigorous competition from banks and other financial institutions, including savings and loan associations, savings banks, finance companies and credit unions. A portion of these banks and other financial institutions have substantially greater resources and lending limits, larger branch systems and other banking services that we do not offer. To a limited extent, we also compete with other providers of financial services, such as money market mutual funds, brokerage firms, consumer finance companies and insurance companies. When new competitors seek to enter one of our markets, or when existing market participants seek to increase their market share, they sometimes undercut the pricing and/or credit terms prevalent in that market. This competition may reduce or limit our margins on banking and trust services, reduce our market share and adversely affect our results of operations and financial condition.

There can be no assurance that the integration of our acquisitions will be successful or will not result in unforeseen difficulties that may absorb significant management attention.

Our completed acquisitions, or any future acquisition, may not produce the revenue, cost savings, earnings or synergies that we anticipated. The process of integrating acquired companies into our business may also result in unforeseen difficulties. Unforeseen operating difficulties may absorb significant management attention, which we might otherwise devote to our existing business. Also, the process may require significant financial resources that we might otherwise allocate to other activities, including the ongoing development or expansion of our existing operations. Additionally, we may be exposed to potential asset quality issues or unknown or contingent liabilities of the banks, businesses, assets and liabilities we acquire. If these issues or liabilities exceed our estimates, our results of operations and financial condition may be negatively affected.

If we pursue a future acquisition, our management could spend a significant amount of time and effort identifying and completing the acquisition. If we make a future acquisition, we could issue equity securities, which would dilute current stockholders’ percentage ownership, incur substantial debt, assume contingent liabilities and be required to record an impairment of goodwill or any combination of the foregoing.

Changes in accounting standards could impact our financial statements and reported earnings.

Accounting standard-setting bodies, such as the Financial Accounting Standards Board, periodically change the financial accounting and reporting standards that affect the preparation of the consolidated financial statements. These changes are beyond our control and could have a meaningful impact on our consolidated financial statements.

Our accounting estimates and risk-management processes may not be effective in mitigating risk and loss.

We maintain an enterprise risk-management program that is designed to identify, quantify, monitor, report and control the risks that it faces. These include interest-rate risk, credit risk, liquidity risk, operational risk, reputational risk and compliance and litigation risk. While we assess and improve this program on an ongoing basis, there can be no assurance that its approach and framework for risk-management and related controls will effectively mitigate risk and limit losses in our business. To comply with generally accepted accounting principles, management must sometimes exercise judgment in selecting, determining and applying accounting methods, assumptions and estimates. This can arise, for example, in determining the allowance for loan losses or the fair value of assets or liabilities. The judgments required of management can involve difficult, subjective, or complex matters with a high degree of uncertainty, and several different judgments could be reasonable under the circumstances and yet result in significantly different results being reported. See “Critical Accounting Policies and Estimates” in Part II, Item 7. If management’s judgments later prove to have been inaccurate, we may experience unexpected losses that could be substantial.

Additionally, the processes we use to estimate our probable loan losses and to measure the fair value of financial instruments, as well as the processes used to estimate the effects of changing interest rates and other market measures on our financial condition and results of operations, depends upon the use of analytical and forecasting models. These models reflect assumptions that may not be accurate, particularly in times of market stress or other unforeseen circumstances. Even if these assumptions are adequate, the models may prove to be inadequate or inaccurate because of other flaws in their design or their implementation. If the models we use for interest rate risk and asset-liability management are inadequate, we may incur increased or unexpected losses upon changes in market




interest rates or other market measures. If the models we use for determining our probable loan losses are inadequate, the allowance for loan losses may not be sufficient to support future charge-offs. If the models we use to measure the fair value of financial instruments are inadequate, the fair value of such financial instruments may fluctuate unexpectedly or may not accurately reflect what we could realize upon sale or settlement of such financial instruments. Any such failure in our analytical or forecasting models could have a material adverse effect on our business, financial condition and results of operations.

If we fail to maintain an effective system of internal controls, we may not be able to accurately report our financial results or prevent fraud.

Effective internal controls are necessary for us to provide reliable financial reports and effectively prevent fraud. Any inability to provide reliable financial reports or prevent fraud could harm our business. The Sarbanes-Oxley Act of 2002 requires management and our auditors to evaluate and assess the effectiveness of our internal control over financial reporting. These requirements may be modified, supplemented or amended from time to time. Implementing these changes may take a significant amount of time and may require specific compliance training of our personnel. We have in the past discovered, and may in the future discover, areas of our internal control over financial reporting that need improvement. If our auditors or we discover a material weakness, the disclosure of that fact, even if quickly remedied, could reduce the market’s confidence in our financial statements and have an adverse effect on our stock price. We may not be able to effectively and timely implement necessary control changes and employee training to ensure continued compliance with the Sarbanes-Oxley Act and other regulatory and reporting requirements. Our historic growth and our planned expansion through acquisitions present challenges to maintaining the internal control and disclosure control standards applicable to public companies. If we fail to maintain effective internal controls, we could be subject to regulatory scrutiny and sanctions, our ability to recognize revenue could be impaired and investors could lose confidence in the accuracy and completeness of our financial reports. We cannot assure you that we will continue to fully comply with the requirements of the Sarbanes-Oxley Act or that management or our auditors will conclude that our internal control over financial reporting is effective in future periods.

The soundness of other financial institutions could have a material adverse effect on our business, growth and profitability.

Financial services institutions are interrelated because of trading, clearing, counterparty or other relationships. We have exposure to many different industries and counterparties, and routinely execute transactions with counterparties in the financial services industry, including commercial banks, brokers and dealers, investment banks and other institutional clients. Many of these transactions expose our business to credit risk in the event of a default by a counterparty or client. In addition, our credit risk may be exacerbated when the collateral we hold cannot be realized upon or is liquidated at prices not sufficient to recover the full amount of the credit or derivative exposure due to us. Any such losses could have a material adverse effect on our financial condition and results of operations.

We are subject to liquidity risk.

Liquidity is the ability to fund increases in assets and meet obligations as they come due, all without incurring unacceptable losses. Banks are especially vulnerable to liquidity risk because of their role in the transformation of demand or short-term deposits into longer-term loans or other extensions of credit. We, like other financial-services companies, rely to a significant extent on external sources of funding (such as deposits and borrowings) for the liquidity needed in the conduct of our business. A number of factors beyond our control, however, could have a detrimental impact on the level or cost of that funding and thus on our liquidity. These include market disruptions, changes in our credit ratings or the sentiment of our investors, the loss of substantial deposit relationships and reputational damage. Unexpected declines or limits on the dividends declared and paid by our subsidiaries also could adversely affect our liquidity position. While our policies and controls are designed to ensure that we maintain adequate liquidity to conduct our business in the ordinary course even in a stressed environment, there can be no assurance that our liquidity position will never become compromised. In such an event, we may be required to sell assets at a loss in order to continue our operations. This could damage the performance and value of our business, prompt regulatory intervention and harm our reputation, and if the condition were to persist for any appreciable period of time, our viability as a going concern could be threatened. See “Quantitative and Qualitative Disclosures About Market Risk—Liquidity Risk” in Part II, Item 7A for a discussion of how we monitor and manage liquidity risk.

We have businesses other than banking.

In addition to commercial banking services, we provide life and other insurance products, as well as other business and financial services. We may in the future develop or acquire other non-banking businesses. As a result of other such businesses, our earnings could be subject to risks and uncertainties that are different from those to which our commercial banking services are subject. In developing and marketing new lines of business and/or new products and services, we may invest significant time and resources. Initial timetables for the introduction and development of new lines of business and/or new products or services may not be achieved




and price and profitability targets may not prove feasible. External factors, such as compliance with regulations, competitive alternatives, and shifting market preferences, may also impact the successful implementation of a new line of business or a new product or service. Furthermore, any new line of business and/or new product or service could have a significant impact on the effectiveness of our system of internal controls. Failure to successfully manage these risks in the development and implementation of new lines of business or new products or services could have a material adverse effect on our business, financial condition and results of operations.

We may need to raise additional capital in the future, and such capital may not be available when needed or at all.

We may need to raise additional capital in the future to provide us with sufficient capital resources and liquidity to meet our commitments and business needs, particularly if our asset quality or earnings were to deteriorate significantly. Our ability to raise additional capital, if needed, will depend on, among other things, conditions in the capital markets at that time, which are outside of our control and our financial performance. Economic conditions and the loss of confidence in financial institutions may increase our cost of funding and limit access to certain customary sources of capital, including inter-bank borrowings, repurchase agreements and borrowings from the discount window of the Federal Reserve Board.

We cannot assure that such capital will be available on acceptable terms or at all. Any occurrence that may limit our access to the capital markets, such as a decline in the confidence of debt purchasers, depositors or counterparties participating in the capital markets, or a downgrade of our debt ratings, may adversely affect our capital costs and our ability to raise capital and, in turn, our liquidity. Moreover, if we need to raise capital in the future, we may have to do so when many other financial institutions are also seeking to raise capital, and we would have to compete with those institutions for investors. An inability to raise additional capital on acceptable terms when needed could have a materially adverse effect on our businesses, financial condition and results of operations.

We rely heavily on our management team, and the unexpected loss of key managers may adversely affect our operations.

Our success to-date has been strongly influenced by our ability to attract and to retain senior management experienced in banking and financial services. Our ability to retain executive officers and the current management teams of each of our lines of business will continue to be important to the successful implementation of our strategies. We do not have employment or non-compete agreements with these key employees. The unexpected loss of services of any key management personnel, or the inability to recruit and retain qualified personnel in the future, could have an adverse effect on our business and financial results.

We are subject to environmental liability risk associated with lending activities.

A significant portion of our loan portfolio is secured by real property. During the ordinary course of business, we may foreclose on and take title to properties securing certain loans. In doing so, there is a risk that hazardous or toxic substances could be found on these properties. If hazardous or toxic substances are found, we may be liable for remediation costs, as well as for personal injury and property damage. Environmental laws may require us to incur substantial expenses and may materially reduce the affected property’s value or limit our ability to use or sell the affected property. In addition, future laws or more stringent interpretations or enforcement policies with respect to existing laws may increase our exposure to environmental liability. Although we have policies and procedures to perform an environmental review before initiating any foreclosure action on real property, these reviews may not be sufficient to detect all potential environmental hazards. The remediation costs and any other financial liabilities associated with an environmental hazard could have a material adverse effect on our financial condition and results of operations.

The FASB’s ASU 2016-13 will result in a significant change in how we recognize credit losses and may have a material impact on our financial condition or results of operations.

In June 2016, the Financial Accounting Standards Board, or FASB, issued Accounting Standards Update, or ASU, 2016-13, “Financial Instruments-Credit Losses (Topic 326), Measurement of Credit Losses on Financial Instruments,” which replaces the current “incurred loss” model for recognizing credit losses with an “expected loss” model referred to as the Current Expected Credit Loss model, or CECL. Under the CECL model, we will be required to present certain financial assets carried at amortized cost, such as loans held for investment and held-to-maturity debt securities, at the net amount expected to be collected. The measurement of expected credit losses is to be based on information about past events, including historical experience, current conditions, and reasonable and supportable forecasts that affect the collectability of the reported amount. This measurement will take place at the time the financial asset is first added to the balance sheet and periodically thereafter. This differs significantly from the “incurred loss” model required under current GAAP, which delays recognition until it is probable a loss has been incurred. Accordingly, we expect that the adoption of the CECL model will materially affect how we determine our allowance for loan losses and could require us to materially increase our allowance. Moreover, the CECL model may create more volatility in the level of our allowance for loan losses




as expectations of future events change from time to time. If we are required to materially increase our level of allowance for loan losses for any reason, such increase could adversely affect our results of operations.

The new CECL standard will become effective for us for fiscal years beginning after December 15, 2019 and for interim periods within those fiscal years. We are currently evaluating the impact the CECL model will have on our accounting, but we expect to recognize a one-time cumulative-effect adjustment to our allowance for loan losses as of the beginning of the first reporting period in which the new standard is effective. We cannot yet determine the magnitude of any such one-time cumulative adjustment or of the overall impact of the new standard on our financial condition or results of operations since that determination must be based on expectations that might exist at a future date.

Risks Associated with Our Common Stock

Our stock price can be volatile.

Stock price volatility may make it more difficult for you to resell your common stock when you want and at prices you find attractive. Our stock price can fluctuate significantly in response to a variety of factors including, among other things: actual or anticipated variations in quarterly results of operations; recommendations by securities analysts; operating and stock price performance of other companies that investors deem comparable to us; news reports relating to trends, concerns and other issues in the financial services industry; perceptions in the marketplace regarding us and/or our competitors; new technology used, or services offered by competitors; significant acquisitions or business combinations, strategic partnerships, joint ventures or capital commitments by or involving us or our competitors; failure to integrate acquisitions or realize anticipated benefits from acquisitions; changes in government regulations; and geopolitical conditions such as acts or threats of terrorism or military conflicts.

General market fluctuations, industry factors and general economic and political conditions and events, such as economic slowdowns or recessions, interest rate changes or credit loss trends, could also cause our stock price to decrease regardless of our operating results.

The trading volume in our common stock is less than that of other larger financial services companies.

Although our common stock is listed for trading on the NASDAQ Global Select Market, the trading volume in our common stock is generally less than that of other, larger financial services companies. A public trading market having the desired characteristics of depth, liquidity and orderliness depends on the presence in the marketplace of willing buyers and sellers of our common stock at any given time. This presence depends on the individual decisions of investors and general economic and market conditions over which we have no control. Given the lower trading volume of our common stock, significant sales of our common stock, or the expectation of these sales, could cause our stock price to fall.

We may not continue to pay dividends on our common stock in the future.

We have historically paid a common stock dividend. However, as a bank holding company, our ability to declare and pay dividends is dependent on certain federal regulatory considerations, including the guidelines of the Federal Reserve Board regarding capital adequacy and dividends. Additionally, our ability to declare or pay dividends on our common stock may also be subject to certain restrictions in the event that we elect to defer the payment of interest on our junior subordinated deferrable interest debentures. There can be no certainty that our common dividend will continue to be paid at the current levels. It is possible that our common dividend could be reduced or even cease to be paid. In such case, the trading price of our common stock could decline, and investors may lose all or part of their investment.

Our directors and executive officers own a significant portion of our common stock and can influence stockholder decisions.

Our directors and executive officers, as a group, beneficially owned approximately 38% of our outstanding common stock as of January 31, 2019. As a result of their ownership, the directors and executive officers have the ability for all practical purposes, by voting their shares in concert, to control the outcome of any matter submitted to our stockholders for approval, including the election of directors, which requires only a majority vote. The directors and executive officers may vote to cause us to take actions with which our other stockholders do not agree.

Our amended certificate of incorporation, as well as certain provisions of banking law and Oklahoma corporate law, could make it difficult for a third party to acquire our company.

Oklahoma corporate law and our amended certificate of incorporation contains provisions that could delay, deter or prevent a change in control of our management or us. Together, these provisions may discourage transactions that otherwise could provide for




the payment of a premium over prevailing market prices of our common stock, and also could limit the price that investors are willing to pay in the future for shares of our common stock.  Additionally, provisions of federal banking laws, including regulatory approval requirements, could make it more difficult for a third party to acquire us, even if doing so would be perceived to be beneficial to our shareholders. These provisions effectively inhibit a non-negotiated merger or other business combination, which, in turn, could adversely affect the market price of our common stock.

An investment in our common stock is not an insured deposit.

Our common stock is not a bank deposit and, therefore, is not insured against loss by the FDIC, any other deposit insurance fund or by any other public or private entity. Investment in our common stock inherently involves risk for the reasons described in this “Risk Factors” section and elsewhere in this report and is subject to the same market forces that affect the price of common stock in any company. As a result, if you acquire our common stock, you could lose some or all of your investment.

Item 1B. Unresolved Staff Comments.


Item 2. Properties.

The principal offices of the Company are located at 101 North Broadway, Oklahoma City, Oklahoma 73102.

On August 31, 2018 the Company’s wholly-owned subsidiary, BFTower, LLC, completed the purchase of Cotter Ranch Tower in Oklahoma City. Cotter Ranch Tower was subsequently renamed BancFirst Tower. The Company plans to move its headquarters to this location as soon as renovations are complete.

The Company owns substantially all of the properties and buildings in which its various offices and facilities are located. These properties include the main bank, a technology and operations center and 106 bank branches. BancFirst also owns properties for future expansion. There are no significant encumbrances on any of these properties. (See Note 6 - “Premises and Equipment, Net and Other Assets” to the Consolidated Financial Statements for further information on the Company’s properties).

Item 3. Legal Proceedings.

The Company has been named as a defendant in various legal actions arising from the conduct of its normal business activities. Although the amount of any liability that could arise with respect to these actions cannot be accurately predicted, in the opinion of the Company, any such liability will not have a material adverse effect on the consolidated financial statements of the Company.

Item 4. Mine Safety Disclosures.






Item 5. Market for the Registrant’s Common Equity, Related Stockholder Matters and Issuer Purchases of Equity Securities.


Common Stock Market Prices and Dividends


The Company’s Common Stock is listed on the NASDAQ Global Select Market System (“NASDAQ/GS”) and is traded under the symbol “BANF”. As of January 31, 2019, there were 270 holders of record of our Common Stock. At that date, there were approximately 7,000 beneficial owners of our Common Stock.


Future dividend payments will be determined by the Company’s Board of Directors in light of the earnings and financial condition of the Company and the Bank, their capital needs, applicable governmental policies and regulations and such other factors as the Board of Directors deems appropriate.

BancFirst Corporation is a legal entity separate and distinct from the Bank, and its ability to pay dividends is substantially dependent upon dividend payments received from the Bank. Various laws, regulations and regulatory policies limit the Bank’s ability to pay dividends to BancFirst Corporation, as well as BancFirst Corporation’s ability to pay dividends to its stockholders. See “Liquidity and Funding” and “Capital Resources” under “Management’s Discussion and Analysis of Financial Condition and Results of Operations,” “Description of Business-Supervision and Regulation” and Note (15) of the Notes to Consolidated Financial Statements for further information regarding limitations on the payment of dividends by BancFirst Corporation and the Bank.

Stock Repurchases

In November 1999, the Company adopted a Stock Repurchase Program (the “SRP”). The SRP may be used as a means to increase earnings per share and return on equity, to purchase treasury stock for the exercise of stock options or for distributions under the Deferred Stock Compensation Plan, to provide liquidity for optionees to dispose of stock from exercises of their stock options and to provide liquidity for stockholders wishing to sell their stock. All shares repurchased under the SRP have been retired and not held as treasury stock. The timing, price and amount of stock repurchases under the SRP may be determined by management and approved by the Company’s Executive Committee. At December 31, 2018, there were 148,736 shares remaining that could be repurchased under the Company’s November 1999 Stock Repurchase Program. The amount approved is subject to amendment. The Stock Repurchase Program will remain in effect until all shares are repurchased.

The following table provides information with respect to purchases made by or on behalf of the Company or any “affiliated purchaser” (as defined in Rule 10b-18(a)(3) under the Securities Exchange Act of 1934), of the Company’s common stock during the three months ended December 31, 2018.




Total Number of Shares Purchased



Average Price Paid Per Share



Total Number of Shares Purchased as Part of Publicly Announced Plan



Maximum Number of Shares That May Yet Be Purchased Under the Plan at the End of the Period



















October 1, 2018 to October 31, 2018














November 1, 2018 to November 30, 2018
















December 1, 2018 to December 31, 2018


















Equity Compensation Plan Information


Information regarding stock-based compensation awards outstanding and available for future grants as of December 31, 2018 is presented in the table below. All of the Company’s stock-based compensation plans have been approved by the Company’s stockholders.  Additional information regarding stock-based compensation plans is presented in Note 13 – Stock-Based Compensation in the notes to consolidated financial statements included in Item 8. Financial Statements and Supplementary Data located elsewhere in this report.















Plan Category


Number of Securities to be Issued Upon Exercise of Outstanding Options, Warrants and Rights



Weighted Average Exercise Price of Outstanding Options, Warrants and Rights



Number of Securities Remaining Available for Future Issuance Under Equity Compensation Plans (Excluding Securities Reflected in Column(a))


Equity compensation plans approved by

   security holders













Performance Graph

The Company’s performance graph is incorporated by reference from “Company Performance” contained on the last page of this 10-K report.







Item 6. Selected Financial Data.

The following table sets forth certain historical consolidated financial data as of and for the five years ended December 31, 2018. The historical consolidated financial data has been derived from our audited consolidated financial statements. The historical consolidated financial data should be read in conjunction with Management’s Discussion and Analysis of Financial Condition and Results of Operations and our audited consolidated financial statements and the related notes included elsewhere in this report.




At and for the Year Ended December 31,




















(Dollars in thousands, except per share data)


Income Statement Data





















Net interest income





















Provision for loan losses





















Noninterest income





















Noninterest expense





















Net income





















Balance Sheet Data





















Total assets





















Debt Securities





















Total loans (net of unearned interest)





















Allowance for loan losses










































Junior subordinated debentures





















Stockholders’ equity





















Per Common Share Data





















Net income – basic





















Net income – diluted
















Cash dividends





















Book value





















Tangible book value (non-GAAP)(1)


















Reconciliation of Tangible Book Value per Common Share (non-GAAP)(2)





















Stockholders’ equity





















Less goodwill





















Less intangible assets, net





















Tangible stockholders' equity (non-GAAP)





















Common shares outstanding





















Tangible book value per share (non-GAAP)





















Selected Financial Ratios





















Performance ratios:





















Return on average assets





















Return on average stockholders’ equity
















Cash dividends payout ratio





















Net interest spread


















Net interest margin

















Efficiency ratio
















Balance Sheet Ratios:





















Average loans to deposits





















Average earning assets to total assets



















Average stockholders’ equity to average assets
















Asset Quality Ratios:





















Nonperforming and restructured loans to total loans





















Nonperforming and restructured assets to total assets
















Allowance for loan losses to total loans






















Allowance for loan losses to nonperforming and restructured loans

















Net charge-offs to average loans








































(1) Refer to the "Reconciliation of Tangible Book Value per Common Share (non-GAAP)" Table


(2) Tangible book value per common share is stockholders' equity less goodwill and intangible assets, net, divided by common shares outstanding.


This amount is a non-GAAP financial measure but has been included as it is considered to be a critical metric with which to analyze and


evaluate the financial condition and capital strength of the Company. This measure should not be considered a substitute for operating results determined in accordance with GAAP.








Taxable Equivalent Basis

(Dollars in thousands)




December 31, 2018



December 31, 2017



December 31, 2016






























































































































Earning assets:





































Loans (1)





































Securities – taxable





































Securities – tax exempt





































Federal funds sold and

   interest-bearing deposits

   with banks





































Total earning assets





































Nonearning assets:





































Cash and due from banks





































Interest receivable and other






































Allowance for loan losses





































Total nonearning assets





































Total assets










































































Interest-bearing liabilities:





































Transaction deposits





































Savings deposits





































Time deposits





































Short-term borrowings





































Junior subordinated debentures





































Total interest-bearing