2021 ENVIRONMENTAL, SOCIAL AND GOVERNANCE REPORT Enterprise Financial Services Corp Creating Success by Prioritizing Community, Clients and the Environment
A MESSAGE FROM OUR PRESIDENT & CEO As a financial institution dedicated to helping small and midsize businesses thrive, we are aware of the importance of ensuring that our communities — and society as a whole — flourish. We take our role in creating positive contributions to our communities, our environment and society seriously. Since the founding of Enterprise, we have been committed to giving back to our communities. We understand that strengthening our communities and partnering with organizations to support individuals in underserved communities is paramount to our success. We are committed to managing our business and community relationships in ways that positively impact our associates, clients and the places and people around us. One of the strongest societal contributions we can make is to enable economic development in low-income and underserved communities. This Report contains information highlighting some of our initiatives and efforts as well as recognitions of our efforts. For instance, in September 2021, we were selected by the CDFI Fund of the U.S. Department of Treasury to receive a $60 million allocation of New Markets Tax Credits — our fifth allocation — totaling $243 million to date. These tax credits help Enterprise extend our reach and capacity to serve disinvested communities and catalyze economic development. We also know improving the environment is increasingly important to how we, as an organization, contribute to society. We are continuing to advance our understanding of climate change considerations impacting our business and the communities we serve. Our rapid growth over the last five years helped us reach an internal milestone — crossing the 1,000-associate mark. To help us celebrate this moment in our history, we took the opportunity to be intentional toward an environmental cause. We partnered with five organizations — One Tree Planted, Heartland Tree Alliance, Trees Matter, Forest ReLeaf of Missouri and The Nature Conservancy — to plant trees in the regions we serve. In the year since our last ESG report, we’ve continued to make intentional strides in the areas of diversity, equity and inclusion. Our workforce has deepened with diverse associates — 35% of our total associates identify as underrepresented minorities, up from 27% a year ago. Representation of underrepresented minorities on our Board has also increased substantially, from 8% last year to 15% at the end of 2021. Additionally, our Diversity Equity and Inclusion Leadership Council continues its progress in helping maintain and further build an inclusive workplace culture through various initiatives. These accomplishments, along with the completion of two large client integrations related to recent acquisitions, amidst the backdrop of the economic and societal impact of the pandemic, evidence our unwavering commitment to our clients, associates, shareholders and communities. More information about our ESG efforts can be found in the pages ahead. This Report is not comprehensive and will continue to be expanded over time. We are committed to continuous improvement, and we are deeply determined to meet the challenges and opportunities that lie ahead. Jim Lally President & CEO Enterprise Financial Services Corp
TABLE OF CONTENTS Our Guiding Principles 03 I. ESG Governance 04 II. Climate 06 III. Community Involvement 08 IV. Human Capital 12 V. Pandemic Preparedness 18 VI. Additional Important Governance Policies 20 ENTERPRISE FINANCIAL SERVICES CORP 150 N. Meramec Avenue • Clayton, MO 63105 INVESTOR RELATIONS Keene Turner, Executive Vice President & CFO (314) 512-7233 MEDIA Steve Richardson, Senior Vice President, Corporate Communications (314) 995-5695 CONNECT WITH US Facebook Instagram LinkedIn Twitter YouTube
ABOUT THIS REPORT Enterprise Financial Services Corp (“EFSC”) is the holding company for Enterprise Bank & Trust (the “Bank”), a full-service financial institution offering banking and wealth management services to individuals and corporate customers primarily located in Arizona, California, Kansas, Missouri, Nevada and New Mexico. The terms “we,” “us,” “our,” “Enterprise” or the “Company” as used in this Environmental, Social and Governance (“ESG”) Report refer collectively to EFSC, together with its subsidiaries, including the Bank, when or where appropriate. This Report is not comprehensive. It should be read in conjunction with EFSC’s 2021 Annual Report on Form 10-K and, in particular, the “Forward-Looking Statements” and “Risk Factors” sections of the 2021 Annual Report, together with other reports filed by EFSC with the Securities Exchange Commission (“SEC”). Get Our Annual Report
03 OU R GU IDIN G PRIN CIPLES OUR GUIDING PRINCIPLES We take great effort and pride in creating a strong culture. This begins with referring to our “employees” as associates. Additionally, we have a set of Guiding Principles that focus on our culture and decision- making. We work to exemplify these Principles through everyday behaviors, management practices and organizational norms. We utilize a variety of ways to reinforce these principles and to encourage and celebrate associates demonstrating these behaviors, including our Peer-to-Peer Recognition Program. OUR GUIDING PRINCIPLES ARE: ڼ Integrity ڼ Client Success ڼ Accountability ڼ Teamwork ڼ Belonging & Inclusion ڼ Continuous Improvement ڼ Balance ڼ Corporate Citizenship 2021 Award Highlights We were recognized by a variety of organizations for our commitment to our associates and communities. DOING WELL BY DOING GOOD AWARD This award recognizes financial institutions for their dedication to their communities by demonstrating a unique and meaningful approach in leveraging assets and strategies to serve and positively impact them. BEST BANKS TO WORK FOR 2021 Recognized for the fourth consecutive year, we’re proud to be ranked #44 on American Banker’s Best Banks to Work For 2021 list — moving up a full 29 spots since last year! “3+” CORPORATION We were recognized by 50/50 Women on Boards™ as a “3+” corporation with three or more women on our Board of Directors, an important step to achieving gender- balanced and diverse boards. The Mastercard® circles design is a registered trademark of Mastercard International Incorporated.
04 I. ESG GOVERNANCE Our commitment to sustainability begins with the Board of Directors of Enterprise (the “Board”). As the governing body responsible for our general oversight and strategic direction, the Board establishes parameters to ensure that our interactions with society and the environment are considered in connection with all business activities. The Risk Committee of the Board is composed exclusively of independent directors and is responsible for the governance of our Enterprise Risk Management (“ERM”) framework and ESG policies and initiatives. The Risk Committee advises and informs the Board on ESG matters,1 including sustainable management and oversight of climate-related risks. The Risk Committee also oversees the composition and activities of the Risk Oversight and ESG Management Committees, provides direction and makes ESG-related recommendations to management, and reviews and approves ESG disclosures. The ESG Management Committee is a cross-functional group of management associates which assists in developing, implementing and monitoring our ESG strategy. It is also responsible for implementing ESG initiatives and supporting our ESG strategy, including those related to climate-related risks. The Risk Oversight Committee has overall responsibility for monitoring our ERM framework. The ESG Management Committee Chair is a member of this committee and advises the committee on ESG matters. 1 Environmental, health and safety, corporate social responsibility, sustainability and other public policy issues.
I. ESG GOVERN AN CE 05 ERM FRAMEWORK EFSC Board of Directors Risk Committee Risk Oversight Committee ESG Management Committee To ensure a systematic and firm-wide approach to ESG matters, we have integrated the identification, measurement, monitoring and controlling of ESG issues into our existing ERM framework. Specifically, in 2021, the ESG Management Committee identified several risks specifically related to ESG matters. These risks were added to our risk inventory and integrated into our ERM framework. To ensure all associates understand ESG and the related concepts, all associates were required to participate in ESG training in 2021. As our ESG protocol continues to mature, we will continue to incorporate it into our ERM framework. We also have policies and operational procedures designed to promote our sustainability efforts and increase the effectiveness of our risk governance framework. The most significant of these policies are described in more detail in Section VI — Additional Important Governance Policies on page 20. Required ESG training for all associates in 2021
06 II. CLIMATE We understand climate change may present certain risks to our business. With the oversight of our Board and the Risk Committee, we are formulating processes for identifying, measuring and modeling the impact of climate-related risks and their potential significance to our ongoing business operations and long-term value. As we continue to work to understand the risks and expand on and enhance our climate response, we may include specific climate change considerations into our risk management protocol, strategic planning, organizational goals and operational procedures. To better understand our environmental impact and help us identify climate-related business risks and potential opportunities, we have begun to identify the sources of, and measure, the direct and indirect greenhouse gas emissions related to our operations. While we have not experienced material losses from climate change, we are aware of the potential impact to us and our clients and are planning risk mitigation strategies, where appropriate. For instance, the risk to our physical infrastructure from extreme weather conditions is mitigated by our business continuity planning and appropriate insurance coverage. The risk to collateral in our loan portfolios from extreme weather conditions is mitigated by compliance with flood and mortgage hazard insurance coverage, as well as other insurance coverage as applicable.
07 II. CLIM ATEA. CREDIT MANAGEMENT In 2021, we also began working on a framework focused on our credit approach to ESG. In connection with our lending activities, this framework will help us better understand industries that may be more substantially impacted by climate change. As part of our framework, we are working to identify industries and sectors with exposure to climate-related transition and physical risks. Within each sector portfolio, subsectors and specific clients will be impacted differently. For instance, within the Utilities sector, companies that have or are investing in power generation from solar, wind, hydro, nuclear and other low-carbon fuels may benefit from the transition to a low-carbon economy. Within Manufacturing, companies focused on electric vehicle production may similarly benefit. Further, within real estate, coastal areas will likely be negatively impacted while other areas may be positively impacted. For further details on our credit exposure by industry, refer to Loans by Type on page 40 of our 2021 Annual Report on Form 10-K. For a full discussion of risks to our business, see “Risk Factors” in our Annual Report on Form 10-K, including climate-related risk on pages 25–26. B. RECYCLING Our recycling program includes paper, cardboard, aluminum cans and plastic bottles. Recycling stations are provided in our branch locations and operations center, where local haulers support this program. When possible, we strive to reuse electronic equipment. When reuse or resale is not feasible, we recycle using regulated and certified hardware recycling vendors. By using certified vendors, we ensure that our electronic waste is properly managed and that valuable raw materials are recovered and reused. C. GOVERNANCE, METRICS & TARGETS The Risk Committee continues to assess ways to identify and manage the risks posed by climate change to our business. As part of our ESG structure, the ESG Management Committee is responsible for developing, recommending and implementing our climate-related strategy and apprising the Risk Committee of the information necessary to make informed decisions regarding our climate change response. The ESG Management Committee is also tasked with the responsibility of formulating appropriate metrics and targets by which the Risk Committee can evaluate the level of achievement of our climate change- related goals as they continue to evolve. See ESG Governance on page 04 for more information on the oversight structure.
08 III. COMMUNITY INVOLVEMENT We are committed to managing our business and community relationships in ways that positively impact our associates, clients and the diverse communities where we live and work. We have a long-standing history of supporting our communities. Our Community Impact Report provides information and stories about our various community engagement initiatives, including affordable housing, volunteerism, philanthropy, diversity and inclusion, and education. A few examples of our endeavors are described within this section. Get Our Community Impact Report
09 III. COM M U N ITY IN VOLVEM EN T A. COMMUNITY DEVELOPMENT LOANS We actively seek out opportunities to make a real impact in our communities. In 2021, we invested over $1.6 billion in programs designed to promote small business and community development. This includes supporting affordable housing and charitable donations. Our community impact plans come from a collaborative process that includes the participation and consensus of community members with civic and nonprofit stakeholders. We feel that this is the most effective way to deliver what each community needs. A.1 COMMUNITY REINVESTMENT ACT We are subject to the Community Reinvestment Act (“CRA”). The most recent CRA examination was conducted by the FDIC in 2020. The Bank received an overall “Outstanding” rating for this exam. The examination did not identify any evidence of discriminatory or other illegal credit practices for the Bank as a whole. 2021 Highlights $691.1 million in community development loans $961.9 million in CRA small business loans in low- and moderate- income census tracts OVER $850,000 in CRA-qualifying donations and sponsorships A.2 NEW MARKETS TAX CREDIT ALLOCATION In 2021, we were selected by the Community Development Financial Institutions Fund (“CDFI Fund”) of the U.S. Department of Treasury to receive a $60 million allocation of New Markets Tax Credits (“NMTC”) — our fifth allocation totaling $243 million to date. These tax credits help us to fund and subsidize important projects across underserved communities that would otherwise not qualify because of traditional regulatory or credit constraints. Specifically, our allocation goals are to: ڼ Create Jobs — We select businesses across key sectors that are essential contributors to local economies (job producers). We prioritize growth- oriented businesses with the vision and drive to offer quality employment opportunities, such as those in the manufacturing sector. ڼ Provide Access to Community Services — We also invest in essential community service facilities in underserved communities. We prioritize community service facility projects such as behavioral health, early childhood education and job training, and select strategic partners who provide community development support. SINCE OUR FIRST AWARD IN 2010, ENTERPRISE HAS DEPLOYED $183 MILLION OF NMTC ALLOCATIONS INTO 48 PROJECTS SUPPORTING 9,434 JOBS AND BRINGING ESSENTIAL COMMUNITY SERVICES TO MORE THAN 72,000 INDIVIDUALS IN LOW-INCOME COMMUNITIES, ALL WITHIN 14 MONTHS OF RECEIVING EACH AWARD. IN CONJUNCTION WITH THE NMTC- SUBSIDIZED CAPITAL, WE ALSO HELPED BORROWERS SECURE AN ADDITIONAL $345 MILLION TO MEET THE TOTAL COSTS FOR PROJECTS TO HELP STIMULATE LOCAL ECONOMIES THROUGH A DECADE OF ECONOMIC CHANGE. Get Our FDIC CRA Public Evaluation
10 III. COM M U N ITY IN VOLVEM EN T Associates receive up to eight hours of paid time off to volunteer at the 501(c)(3) organization or school of their choice. In addition, many of our associates serve on nonprofit boards and executive committees. Their leadership at these organizations allows them to leverage their skills and gain new ones, and helps to strengthen the organization. In addition to serving at nonprofits, associates also participate in annual holiday drives to gather items such as gifts, food and other items for local nonprofits. In 2021, we donated over $1.9 million to 450 organizations throughout our communities, including $53,000 of associate matches. Enterprise associates spent over 7,600 hours volunteering for the community. B. PHILANTHROPY From smaller nonprofits that help the local community to national organizations like the United Way, the American Heart Association and Ronald McDonald House Charities®, our engagement with our communities goes far beyond banking. Our Company’s charitable giving is guided by principles of diversity, transformation, measurable impact and sustainability and is focused on the following areas of giving: ڼ Human Services — providing food, health/wellness and other products or services contributing to an improved quality of life, particularly for individuals in low- and moderate-income communities; ڼ Education and Job Training — providing financial education, job training and other career development programs; ڼ Community and Economic Development — providing services related to access to affordable housing, homeownership and credit counseling, and the creation/growth of small businesses and jobs; and ڼ Community Arts — offering cultural enrichment and artistic education. Enterprise also supports the charitable giving of our associates by matching associate contributions to eligible 501(c)(3) organizations. All current full-time or part-time associates of the Company are eligible to participate. We also actively encourage all associates to volunteer time to support and serve the communities in which they live and work.
C. FINANCIAL INCLUSION & CAPACITY BUILDING We know the importance of investing in the communities which provide us with the clients and associates who are the foundation of our success. Accordingly, we have developed several programs and products to support low-income and unbanked or underbanked clients in our local communities,2 including: ڼ Community Connection Advisory Board — This committee of independent community leaders helps guide our CRA Program and philanthropic initiatives. ڼ Opportunity Checking — This checking option is a transitional account to help individuals rebuild their credit. ڼ Welcome Home Down Payment Assistance — These grant programs are designed to improve homeownership opportunities in majority- minority neighborhoods. ڼ Non-Resident Lending Program — This program provides residential mortgages and other consumer loan products to non-U.S. residents or temporary residents who meet certain eligibility requirements. ڼ Bilingual Branch and Support Staff — We have bilingual retail staff and client service personnel to help serve our diverse clients. ڼ Financial Education/ Outreach — Our financial education resources include educational videos and other training available on our website through our partnership with EVERFI, an education technology company that provides learners of all ages education for the real world through innovative and scalable digital learning. We also have dedicated community development officers who offer one-on- one and small group financial education on various topics, such as budgeting, improving credit scores and becoming a home buyer. IN 2003, WE LAUNCHED , WHICH HAS PROVIDED TRAINING COURSES ON A VARIETY OF BUSINESS TOPICS — HELPING MORE THAN 31,000 COURSE ATTENDEES IMPROVE THEIR PERFORMANCE AND DELIVER GREATER VALUE TO THEIR ORGANIZATIONS. WE ALSO OFFER A COLLEGE EDITION AND ON- DEMAND OPTIONS. ENTERPRISE UNIVERSITY HAS BECOME AN INTEGRAL PART OF OUR COMMUNITIES AND IS OFFERED TO CLIENTS AND NONCLIENTS AT NO COST. 2 Some financial inclusion programs are region-specific based, in part, on community needs. III. COM M U N ITY IN VOLVEM EN T 11 ENTERPRISE UNIVERSITY
12 IV. HUMAN CAPITAL Several of our Guiding Principles focus on our associates and the communities in which they work and live. We focus on creating an open, diverse and transparent culture that celebrates teamwork and recognizes associates at all levels. We expect and encourage participation and collaboration, and understand that we need each other to be successful. We value accountability because it is essential to our success, and we accept our responsibility to hold ourselves and others accountable for meeting shareholder commitments and achieving exceptional standards of performance. We also believe in supporting our associates to achieve a work-life balance.
13 IV. H U M AN CAPITAL QUARTERLY TOWN HALL MEETINGS KEEP ASSOCIATES INFORMED. FEEL GOOD FRIDAY VIDEOS FROM OUR CEO RECOGNIZE THE GOOD DEEDS AND ACHIEVEMENTS OF OUR ASSOCIATES AND HELP BUILD CULTURE, CONNECTION AND PURPOSE. A. ATTRACTING AND RETAINING TALENT Our goal is to offer careers to our associates, not just jobs. At December 31, 2021, we employed 1,032 regular full-time and 43 part-time associates. We also employ a small number of seasonal/ temporary associates and occasionally hire independent contractors for specific projects that require a highly specialized skill set or to provide additional resources during peak times, as needed. Our performance measures and compensation determinations are designed to ensure the proper balance of risk and reward. Performance evaluations facilitate our ongoing assessment of associates’ skills and improvements as needed. We use annual talent reviews to identify high-performing associates and future potential leaders, provide insight into critical development needs and retention risks, and identify business-critical talent needs, including anticipated workforce planning challenges. Additionally, we have established succession plans to ensure continuation of critical roles and operations. We are committed to offering a competitive total compensation package. We regularly compare compensation and benefits with peer companies and market data, making adjustments to compensation as needed to ensure we stay competitive. In 2021, we raised our internal minimum wage to $16 per hour to maintain a competitive total rewards package that attracts and retains top talent. This decision was made after extensive research, including reviewing the current market landscape both inside and outside of banking and financial services, and with feedback from leadership. # OF ASSOCIATES3 At December 31, 2021 95% Regular full-time 4% Regular part-time 1% Seasonal/Temporary 3 Associates Employment Status Classifications • Regular Full-Time Associates — Associates who work at least a 32- hour workweek for an indefinite period of time. All regular full-time associates are eligible for all employment benefits generally provided by Enterprise to our associates in general. • Regular Part-Time Associates — Associates working less than a 32-hour workweek for an indefinite period of time. Depending on the average hours worked per week, regular part-time associates may be eligible for limited employment benefits as specified in the terms of the particular employment benefit plan or policy. • Seasonal/Temporary Associates — An associate who is hired as an interim replacement, to temporarily supplement the workforce or to assist on the completion of a specific project. Employment assignments in this category are of a limited duration. This definition excludes individuals supplied under contract by an outside agency.
IV. H U M AN CAPITAL 14 ATTRACTING AND RETAINING TALENT, Continued We also offer a wide array of benefits for our associates and their families, including: ڼ Health Benefits — We offer comprehensive medical, dental and vision benefits, as well as life insurance and short-term disability insurance for all full-time associates. ڼ Wellness Program — Our wellness program offers financial rewards to associates who adopt healthy habits and participate in wellness education and health screenings. Annual health screenings are provided to all associates at no charge. As part of our wellness package, all associates are entitled to free mental health support. ڼ Parental Leave — We offer paid leave for both primary and secondary caregivers. ڼ 401(k) Plan — Our 401(k) plan includes a competitive Company match. ڼ Employee Stock Purchase Plan — Our plan enables eligible associates to accumulate up to $25,000 of Company stock per year at a 15% discount to the market price. ڼ Volunteer Time Off — Associates receive up to eight hours of paid time off to volunteer at the 501(c)(3) organization or school of their choice. ڼ Corporate Charitable-Matching Opportunities — The Company supports associate charitable giving by matching associate contributions to eligible 501(c)(3) organizations. All current full-time or part-time associates of the Company are eligible to participate. ڼ Time Off — Associates receive paid time off, holidays and bank holidays. ڼ Training & Development — Internal training and online development courses covering a wide variety of topics are offered to all associates. ڼ Tuition Assistance — Eligible associates may receive reimbursement to pursue additional formal education to enhance knowledge and skills, thus improving potential for future opportunities. Quarterly Awards ASSOCIATES CAN NOMINATE THEIR FELLOW ASSOCIATES WHO DEMONSTRATE ANY OF OUR CORE PRINCIPLES IN DELIVERING A REMARKABLE EXPERIENCE TO AN EXTERNAL OR INTERNAL CLIENT. WINNERS ARE RECOGNIZED AT THE QUARTERLY TOWN HALLS.
IV. H U M AN CAPITAL 15 B. DIVERSITY, EQUITY & INCLUSION We believe that diversity of thought and experience results in better outcomes and empowers our associates to make more meaningful contributions within our Company and communities. We continue to learn and grow, and our current initiatives reflect our ongoing efforts around a more diverse, inclusive and equitable workplace. We believe that diversity helps us build better teams and improve our client experience, leading to greater success for Enterprise and our shareholders. Our diversity data is monitored by the Compensation Committee and is also shared with the Board. We have made progress in this area, but continue to strive to further diversify our workforce and strengthen our culture of inclusion. The following is based on associate and director self-identification. Female Underrepresented Minorities At December 31, 2021 2020 2021 2020 EFSC Board of Directors 23% 23% 15% 8% Total Associates 66% 67% 35% 27% Executive Leadership* 14% 14% 14% 14% Leadership† 47% 49% 21% 21% * Executive Leadership represents associates who are SEC Section 16 filers. † Leadership is comprised of associates (excluding Executive Leadership) who serve on key strategic and/or operational management committees which are responsible for providing directional leadership in achieving the Company’s vision, mission and financial goals, fostering an equitable and inclusive culture for all associates and clients, oversight of new or enhanced products, systems and projects, and monitoring and mitigating current and anticipated risk issues facing the organization.
16 IV. H U M AN CAPITAL DIVERSITY, EQUITY & INCLUSION, Continued Our Diversity, Equity & Inclusion Leadership Council and our Black Heritage Connections Group are tasked with making recommendations on specific steps we can take to ensure we are driving positive change in our communities. In addition, we have several associate development programs that help to create a more inclusive environment by giving associates and other individuals of all backgrounds additional opportunities to succeed and contribute. These programs include: ڼ Career Acceleration Program — This trainee program allows participants to experience a wide range of assignments by rotating through the various product partners and operational areas of the Company. Upon successful completion of the program, the associate is placed in a role that aligns with their strengths and talents and helps meet the needs of our organization. ڼ Gateway to a Banking Career — This program provides training for jobs as tellers and customer service representatives, job interview practice and job placement assistance. It is a joint effort with two other St. Louis-based financial institutions. Upon successful completion of the program, participants receive a small stipend and are guaranteed an interview with one of the program sponsors. ڼ Empower & Enlighten — This program pairs our senior leaders with midlevel female and underrepresented minority associates in order to foster an environment of mutual understanding, to remove generational boundaries and implicit biases, and to build the bridges that connect people to opportunity. ڼ Business Resource Groups — These groups bring together associates with a shared identity, interest or goal to create community and opportunities for improvement and engagement. C. SOLICITING FEEDBACK For more than 20 years, we have conducted annual associate surveys to ensure that we understand what is important to our associates. They are asked to share their opinions on a variety of topics. Many changes have been made as a result of the survey results, including the adoption of a volunteer time off policy and improvements to internal communication processes. Our mission of guiding people to a lifetime of financial success starts and is sustained with engaged associates who take pride in working for us. In late 2021, we conducted a survey specifically directed at gaining a better understanding of our culture and our associates’ experiences. We believe this is especially important to understand as we have grown into new markets and welcomed new associates. The survey was designed to give management insight into our culture’s strengths and opportunities. Additionally, we utilize small group setting programs, where management regularly meets with associates across the organization for informal discussion and open forum on topics that are top of mind for the attendees. Through our continued use of surveys and other forms of collecting associate feedback, we can continue to understand, grow and enhance our culture to facilitate a “best place to work” environment. 82% OF ASSOCIATES responded to the culture survey FOR THE PAST FOUR YEARS, WE HAVE BEEN INCLUDED IN THE Best Banks to Work For LIST BY AMERICAN BANKER MAGAZINE FOR OUR DEDICATION TO ASSOCIATE SATISFACTION.
17 IV. H U M AN CAPITAL D. ASSOCIATE TRAINING We encourage and support the growth and development of our associates and seek to fill positions by promotion and transfer from within the Company. Ongoing learning and career development is advanced through annual performance reviews and development conversations between associates and their managers. Additionally, we provide internally developed training programs, customized corporate training engagements and educational reimbursement programs to further develop associates’ skills. We have a designated training department and maintain extensive training programs ranging from entry to manager level. In addition to job-specific training, we require that all associates complete mandatory annual courses. We update training as needed to respond to regulatory changes, industry events and evolving risks. Completion of mandatory training is a condition of continued employment at Enterprise; new hires must complete training within 30 calendar days from their start date, and then again annually along with all other associates. The mandatory annual associate training courses are listed below. Additional business unit-specific training is required for certain functions and roles within our Company. Associate Mandatory Training: ڼ Bank Security and Money Laundering ڼ Business Continuity Planning ڼ Enterprise Risk Management ڼ Environmental, Social and Governance ڼ Fair Lending ڼ Handling Complaints ڼ Identity Theft ڼ Data Security and Privacy ڼ OFAC Compliance ڼ Preventing Sexual Harassment ڼ Protecting Seniors from Financial Abuse ڼ Understanding Unfair, Deceptive or Abusive Acts or Practices (UDAAP) 12,000 mandatory and 4,400 job-specific online training sessions completed by associates in 2021 E. HEALTH & SAFETY Our formal Health and Safety (“HS”) Policy mandates all tasks be conducted in a safe and efficient manner and comply with all local, state and federal safety and health regulations, and special safety concerns. Our HS Policy encompasses all facilities and operations and addresses on-site emergencies, injuries and illnesses, evacuation procedures, cellphone usage and general safety rules. Additionally, our Business Continuity Planning (“BCP”) policy and related plans are an important component in helping to maintain the health and safety of our associates and clients. Our plans provide detailed responses to enable continued operation as well as to help safeguard associates and clients in a variety of situations, including emergencies and weather-related events. The plans are site specific to account for varied situations that each location may experience and the difference in each facility layout. They are reviewed and updated at least annually, and periodic drills are conducted on the plans. As part of our BCP program, we provide a variety of safety training to associates, including CPR and weather-related training for fires, tornadoes, earthquakes and other natural events. Our BCP program also focuses on communication as a critical tool in our efforts to maintain a safe work environment. As part of our BCP program, we use an interactive communication tool that allows for bi-directional messaging with all associates in the event of emergencies and other time-sensitive events. The system, which can be accessed through associates’ mobile devices, is used to provide emergency notifications and allows management to monitor associates’ safety through their responses. In 2021, Enterprise had no injuries or occupational diseases and no work-related fatalities.
18 V. PANDEMIC PREPAREDNESS Our priority throughout the COVID-19 pandemic is to protect the health and safety of associates and clients while remaining operational. We are abiding by federal, state and local governmental guidelines as we balance public health concerns with the needs of our business. We continue to follow our Business Continuity Plan and Pandemic Plan and have been able to successfully navigate the pandemic with no significant interruptions. Beginning in March 2020, the rollout of these plans resulted in adjustments to our branch operations, including, but not limited to, lobby and drive-thru hours as well as physical access and having associates work remotely whenever possible. The plans require daily oversight and regular monitoring of each of our geographic markets in order to properly navigate this complex and ever-changing environment. As of the date of this Report, the majority of our associates continue to work remotely. Throughout 2021, associates unable to work remotely due to essential job functions requiring on-site attendance (“on-site essential”) and other associates with the occasional need to be present in one of our facilities were required to complete a Daily Health Questionnaire prior to arrival at their work location, and managers of those associates were responsible for reviewing the completed questionnaires on a daily basis to ensure associates were not reporting to work with COVID-19 symptoms. We continue to adapt our pandemic procedures as federal, state and local guidelines and requirements evolve.
19 V. PAN DEM IC PREPAREDN ESS As of the date of this Report, our pandemic procedures also include the following: ڼ On-Site Precautions — For the health and well-being of coworkers and clients, anyone with suspected exposure is not permitted to enter any of our facilities, and associates who meet certain criteria are required to self-quarantine for a time period consistent with applicable health guidance. ڼ Exposure Reporting — Associates are required to report any confirmed, potential or suspected exposure to COVID-19 to their manager and complete a COVID-19 Associate Questionnaire immediately upon knowledge of such exposure. ڼ Business Travel — Nonessential business travel is generally prohibited, and essential business travel must be approved in advance by a member of senior management. The Company expects all associates to use good judgment, follow CDC and local guidance and to refrain from travel and behaviors that will put other associates at risk. It is recommended that individuals that are not vaccinated and/or not up-to-date with COVID-19 vaccines obtain a COVID test 3-5 days after any type of travel and self-quarantine for a full 5 days after travel. Associates are required to attest to the pandemic procedures on a monthly basis. Paycheck Protection Program (PPP) loans IN 2020 AND 2021, WE ORIGINATED APPROXIMATELY 9,300 PPP LOANS TOTALING OVER $1.8 BILLION.4 73% OF THE PPP LOANS WERE FOR $150,000 OR LESS. FOR MORE INFORMATION ABOUT OUR PPP EFFORTS, SEE OUR ANNUAL REPORT ON FORM 10-K. A. LONG-TERM IMPLICATIONS The primary risks associated with a long- term pandemic center around the economic consequences to our clients, our physical infrastructure and the health and safety of our associates. These risks are mitigated by our decision to maintain a broad client base across many different industry sectors and markets and our ability to remain productive in a remote working environment. We have learned that many job functions are ideal for remote work and can be effectively accomplished remotely. As a result, we have begun developing and implementing policies and procedures for a variety of working arrangements such as on-site, hybrid (associates on-site a portion of the workweek) and remote. The policies and procedures will cover a wide variety of areas including recruiting, compensation, culture and associate experiences, as well as training and development, including management effectiveness. The benefits of these new working arrangements include decreases in infrastructure costs, access to a wider pool of talent and more flexibility for associates. These changes may also result in increases in costs related to technology and equipment necessary to support the working arrangements. Refer to Risks Related to the Pandemic on pages 12–13 of our 2021 Annual Report on Form 10-K for more information on the impact of the pandemic to our business. Pages 34–36, 41–42, 44–46, 49, 84, 88 and 100 of our 2021 Annual Report on Form 10-K provide information on the impact of the pandemic to our financial results. 4 Includes PPP loans originated by Seacoast Commerce Banc Holdings and its wholly owned subsidiary, Seacoast Commerce Bank, which was acquired by Enterprise on November 12, 2020, and First Choice Bancorp and its wholly owned subsidiary, First Choice Bank, which was acquired by Enterprise on July 21, 2021.
20 VI. ADDITIONAL IMPORTANT GOVERNANCE POLICIES We have a robust set of governance policies to guide the operation of our business in a socially responsible way. We not only operate in a highly regulated environment and seek to comply with the laws and regulations applicable to our businesses, but we also strive to operate with integrity and accountability consistent with our Guiding Principles.
21 VI. ADDITION AL IM PORTAN T GOVERN AN CE POLICIES A. CODE OF ETHICS The honesty, integrity and sound judgment of our associates and Board are essential to our reputation and success. As a Guiding Principle for our business, integrity of our relationships (including our relationship with our society and our environment) is essential to our continued success as a leading financial services provider. One of our most important tools for maintaining integrity is our Code of Ethics. All associates and directors receive training on our Code of Ethics upon joining the Company. Annually, each associate and director must certify their understanding of, and compliance with, our Code of Ethics. Under our Code of Ethics, all associates and directors are required to report any known or suspected violations or illegal or unethical behavior or activity, including conflicts of interest that involve Enterprise or our associates. Individuals who become aware of any suspicious activity or behavior, including concerns regarding questionable accounting or auditing matters, are required to report these circumstances and any potential violations of laws, rules and regulations of our Code of Ethics to the general counsel or they may file a report using our Ethics and Compliance Hotline. The Code of Ethics is administered and monitored by our General Counsel. The Nominating and Governance Committee of the Board annually reviews the Code of Ethics and recommends any changes to the Board for approval. 100% OF OUR ASSOCIATES certified to our Code of Ethics in 2021 A.1 WHISTLEBLOWER PROTECTIONS We have an Ethics and Compliance Hotline, through a third-party provider, that can be used to report alleged violations of our Code of Ethics or other suspicious activity. Violations can be reported by phone or online 24 hours a day, 7 days a week. Reports to the hotline via phone or the website can be made on an anonymous and confidential basis. All allegations of unlawful or inappropriate behavior are promptly investigated. Our Audit Committee receives regular summaries of all matters submitted to the Ethics and Compliance Hotline. Under the Sarbanes-Oxley Act as well as our Code of Ethics, retribution, in any form, direct or indirect, against anyone who in good faith reports transactions or activities under the Code of Ethics is not tolerated. Management is not aware of any violations of whistleblower regulations in 2021. A.2 HARASSMENT PROHIBITION AND PROHIBITION ON ILLEGAL DISCRIMINATION Enterprise prohibits and does not tolerate any workplace harassment or discrimination based on the factors protected under applicable federal, state or local law. Our policies and procedures confirm this stance and protect associates against any such actions in any forms. The Company prohibits any form of retaliation against any associate for making a good faith complaint about harassment, reporting a possible incident of harassment or for cooperating in the investigation of a complaint. Associates are required to attest and agree to comply with our Harassment Prohibition policy and our Equal Employment Opportunity policy as conditions of employment. Additionally, all associates receive annual harassment prevention training which is designed to engage and educate associates on understanding, identifying and responding to workplace harassment. Get Our Code of Ethics
22 VI. ADDITION AL IM PORTAN T GOVERN AN CE POLICIES CODE OF ETHICS, Continued A.3 ANTI-BRIBERY AND CORRUPTION Our Code of Ethics prohibits associates from engaging in bribery or corruption of any type and expressly prohibits associates from giving gifts to or accepting gifts from government officials. Cash and checks may not be accepted from our clients or suppliers, regardless of the amount. Gifts that may appear to compromise business judgment are also not permitted. In 2021, Enterprise was not subject to any legal or regulatory fines, or settlements associated with violations of bribery, corruption or anti-competitive standards. A.4 GOVERNMENT RELATIONS Our business conduct reflects our policy of non- partisanship. In 2021, we did not support any employee-funded PACs, nor did we contribute any corporate funds to candidates for public office or political parties or use corporate funds to make independent political expenditures. All associates are encouraged to participate in the political process, and we respect the rights of associates to support issues and candidates of their choosing. We did not receive any financial assistance in the form of grants from the U.S. government in 2021. A.5 HUMAN RIGHTS Honoring and affirming protections for human rights is embodied in our Guiding Principles and our mission. We are staunchly opposed to child labor, forced labor and human trafficking of any kind, and are in the process of evaluating and adopting a formal policy that will reflect our commitment to do our part to end these abhorrent practices. We do not knowingly engage with companies or take part in transactions in which a client is involved in the use of child labor, forced labor or human trafficking. Further, as part of our Bank Secrecy Act program (described on page 25), we utilize technologies to aid us in identifying potential human trafficking and elder abuse activities in order to avoid supporting those engaged in these practices.
23 VI. ADDITION AL IM PORTAN T GOVERN AN CE POLICIES B. PERFORMANCE MANAGEMENT & COMPENSATION Our Compensation Committee, consisting exclusively of independent directors, oversees our compensation philosophy, including our centralized performance management and executive compensation programs. Our compensation philosophy is to provide competitive compensation that rewards performance and risk management. We develop and administer compensation programs consistent with the following principles: ڼ Compensation will include a substantial performance-based component that is: ڿ Based on clearly defined goals, ڿ Aligned with measurable business results, appropriate risk management and increase in shareholder value, and ڿ Linked to successful implementation of our business plan. ڼ Compensation is designed to attract, motivate and retain top talent. ڼ Compensation will be fair and market-competitive. As part of their ongoing oversight, our Compensation Committee considers ESG issues in establishing compensation plans. Our compensation philosophy and policies will be described in more detail in our 2022 Proxy Statement. ڼ Incentive Compensation Plans — We utilize incentive plans (“Incentive Compensation Plans”) to reward associate performance commensurate with the financial results and risk appetite of the Bank. Incentives are tied to a balanced mix of relationship deepening, client care, our financial results and operational excellence. ڼ Sales Programs — We develop and utilize sales incentive programs or referral programs (“Sales Programs”) designed to reward individuals who help achieve specific business goals. Under no circumstance will we open an account or provide a service without the consent of the client. Our Sales Program policy contains the procedures, internal controls and day-to-day audit process to be followed to help ensure the sales of all products and services are executed under the direction of the client. These programs are generally subject to caps that limit our exposure, and each of these programs can be canceled by Enterprise at any time. Risk management practices regarding incentive compensation are further addressed by the Compensation Committee through its engagement of outside counsel in conducting an annual risk assessment of all equity plans and Sales Programs. This review is performed to ensure that associates are not being incentivized to take excessive risks. In addition, periodic risk-based audits of certain compensation programs are conducted by our Internal Audit department. ڼ Retail Staff — Associates in branches are primarily paid salary or an hourly wage. In addition, retail sales staff and managers receive a nominal amount per account opened based on the type of account. The average incentive, including both Incentive Compensation Plan and Sales Program payments for associates in primary retail sales roles, is approximately 2% of total remuneration.
24 VI. ADDITION AL IM PORTAN T GOVERN AN CE POLICIES PERFORMANCE MANAGEMENT & COMPENSATION, Continued ڼ Mortgage Loan Originators — Mortgage loan originators are paid a mix of salary, bonuses and commissions to align associate and shareholder interests consistent with our business strategy. The payments are based on a combination of loan production, loan quality and compliance. See Discriminatory Lending below for more information on our mortgage lending practices. In 2021, Enterprise had no material losses resulting from legal proceedings associated with selling and servicing of products or legal proceedings associated with communications to customers or remuneration of loan originators. For disclosures of material legal proceedings, refer to “Item 3: Legal Proceedings” on page 27 and Note 14 on page 101 of our 2021 Annual Report on Form 10-K. C. ERM FRAMEWORK — THREE LINES OF DEFENSE Risk management is a key part of our corporate culture. Our ERM framework is designed to help ensure rewards realized are commensurate with risks taken, to safeguard our financial strength in order to satisfy our obligations to clients, to create sustained value for our shareholders and to protect our reputation. Our ERM framework is structured to proactively identify, assess, control, monitor, test and report risks applicable to each business line. The framework uses a “Three Lines of Defense” approach. While each line of defense has specific roles and responsibilities, each also works together as a key element of our overall ERM framework and not as three individual elements. This integrated risk management approach is built on strong relationships and willing partnerships, promoting greater coordination and communication among the three lines and strengthening independent oversight by both Risk Management and Internal Audit. ڼ The “First Line of Defense” includes business line management who own and have primary responsibility for managing their risks. Each business line is accountable for all risks associated with its activities and for current and emerging risk identification, measurement, assessment, control, mitigation, monitoring and reporting. ڼ The “Second Line of Defense” includes independent and risk assurance functions that are integral to our control framework. The functions are responsible for (1) maintaining a Company- wide view of current and emerging risk exposures; (2) developing, reviewing and implementing our risk management framework; (3) reporting on risk appetite and limit breaches; and (4) ensuring coordination and consistency in the application of an effective risk management approach. Summaries of the activities of these functions are provided to the Risk Committee. ڼ The “Third Line of Defense” includes Internal Audit. The Internal Audit department operates in accordance with the Institute of Internal Auditors International Standards for the Professional Practice of Internal Auditing and our Code of Ethics. As part of their annual audit plan, Internal Audit conducts independent reviews of the first two lines of defense.
25 VI. ADDITION AL IM PORTAN T GOVERN AN CE POLICIES D. BANK REGULATORY COMPLIANCE PROGRAM As a state and federally regulated financial institution, Enterprise is subject to extensive regulatory oversight. Our bank regulatory compliance program is designed to ensure compliance with all applicable banking laws and regulations. Our program includes the use of a risk-based monitoring schedule guided by our annual compliance risk assessment, which incorporates internal and third-party reviews and audits. The program also includes a complaint review and management process, an associate compliance training program and reviews of our products, programs and services. Areas covered by the compliance program include, but are not limited to, Unfair Deceptive Acts or Abusive Practices risk, Home Mortgage Disclosure Act (HMDA) and Community Reinvestment Act data submissions, as well as Fair Lending reviews. See Associate Training on page 17 for a list of mandatory associate training programs including Compliance courses. Annually, a compliance risk assessment is completed pursuant to our ERM framework. The compliance risk assessment evaluates the inherent and residual risks of the laws and regulations with which we are required to comply (i.e., in all jurisdictions where we conduct business), as well as critical organizational policies. See ERM framework on page 05 for more information. D.1 BANK SECRECY & ANTI-MONEY LAUNDERING Under the direction of our Bank Secrecy Act (“BSA”) Officer, all associates receive annual BSA training. The degree of training provided to each associate varies depending on the associate’s position and responsibilities. Training includes money laundering detection procedures and our Know Your Customer procedures. In addition, an overview of BSA requirements is given to all new associates as part of our new-hire training. Our BSA program also leverages technology to aid in the identification of suspicious and/or illegal activities, including, among others, money laundering, human trafficking and elder abuse. Annually, an independent audit of our compliance with the BSA and Anti-Money Laundering program is conducted under the direction of Internal Audit.
VI. ADDITION AL IM PORTAN T GOVERN AN CE POLICIES 26 BANK REGULATORY COMPLIANCE PROGRAM, Continued D.2 FAIR LENDING Our commitment to fair lending is a cornerstone of our culture and is clearly articulated in our Fair Lending Policy. We are committed to fairly and consistently meeting the credit needs of our clients, including fair and nondiscriminatory access to credit products, terms and conditions, and services throughout the entire credit life cycle. Bank directors and all associates involved in retail, business and commercial banking, processing, underwriting, loan origination, servicing and collection activities participate in mandatory Fair Lending training on an annual basis. D.3 SAFEGUARDING AGAINST DISCRIMINATORY LENDING In order to meet the needs of our broad client base, we offer a variety of residential mortgage products, including government loans, in several of our markets. The majority of originated residential mortgages are investment-quality real estate loans which are sold to investors “servicing released” in the secondary market. Whether intended for sale in the secondary market or held in our portfolio, all residential mortgage loans must be evidenced by a sound source of repayment and documented equity in the property being financed. Residential mortgage loans to be sold in the secondary market are underwritten and documented using a base of Freddie Mac, Fannie Mae, FHA, VA or USDA procedures, followed by any specific secondary-market investor requirements. Mortgages that do not meet secondary market criteria or by investment choice may be held in our portfolio. In these situations, Enterprise is considered an “investor,” and the mortgage is underwritten by associates in our consumer channel using our consumer underwriting criteria. We maintain formal Mortgage Banking Guidelines and operate in compliance with all applicable federal, state, and local laws and regulations governing consumer lending and real estate, including the Equal Credit Opportunity Act and the Fair Housing Act. All credit policies related to consumer mortgages are periodically reviewed and modified as necessary to stay abreast of general economic conditions, money market conditions, our financial position, changes in loan demand and changes in the competitive landscape. Routine reviews of mortgage lending are performed to assess compliance with applicable laws and regulations. Our procedures ensure mortgage loan officers, underwriters and management are adequately trained on consumer lending and real estate laws and regulations, and mortgage personnel comply with the Canon of Ethics and Standards of Practices of the Mortgage Bankers Association of America. Periodic risk-based audits of our mortgage operations are conducted by our Internal Audit department or a third-party firm. All denied residential mortgage loan applications are subject to a second-level review. This process assures that all requests for credit are fairly evaluated as outlined in the Equal Credit Opportunity Act, the Fair Housing Act, the Community Reinvestment Act, the Home Mortgage Disclosure Act and internal policies. In addition to the initial underwriting process for the original mortgage application, the second review process
27 VI. ADDITION AL IM PORTAN T GOVERN AN CE POLICIES BANK REGULATORY COMPLIANCE PROGRAM, Continued allows an underwriter the opportunity to determine if the borrower could be approved under an alternative mortgage program offered by us. ڼ For mortgages originated for sale in the secondary market, we add a standard margin to the agency- or investor-based pricing. This standard margin is managed through the use of a pricing engine software program that allows us to aggregate and manage loan pricing. ڼ Pricing for residential mortgages held in our portfolio is risk-based, utilizing a base rate with a standard spread and various pricing adjustments for size of mortgage, term and other factors not otherwise prohibited by applicable law. In 2021, Enterprise had no material losses resulting from legal proceedings associated with discriminatory mortgage lending. For disclosures of material legal proceedings, refer to “Item 3: Legal Proceedings” on page 27 and Note 14 on page 101 of our 2021 Annual Report on Form 10-K. D.4 MARKETING MATERIAL & DISCLOSURES In accordance with our Corporate Marketing Policy, our marketing materials and product disclosures are provided in a clear, conspicuous, legible and reasonably understandable manner. This includes providing accurate descriptions of our products or services and any applicable terms and conditions. Marketing communications sent via email include a clear and conspicuous explanation of how the recipient can opt out of future marketing emails from us. In 2021, Enterprise was not subject to any legal or regulatory fines, settlements, or enforcement actions associated with false, deceptive, or unfair marketing, labeling, and advertising. E. CUSTOMER PRIVACY & DATA SECURITY We are committed to respecting the individual privacy of our clients. While we do share information between our affiliated companies for our everyday business purposes, clients are offered an opportunity to limit other types of affiliate sharing and/or use. Clients can opt out of telemarketing, email and direct mail marketing. Our customer privacy policies and procedures are designed to comply with the consumer privacy protection rules mandated by Section 504 of the Gramm-Leach-Bliley Act (“GLBA”), the Fair Credit Reporting Act (“FCRA”), Regulation P — Privacy of Consumer Financial Information and applicable state privacy laws that impose certain notice requirements and restrictions on our ability to disclose nonpublic personal information about consumers to affiliates and nonaffiliated third parties. Refer to Technology and Cybersecurity Risks on page 23 of our 2021 Annual Report on Form 10-K for more information on our approach to privacy and our approach to data security risks. In 2021, Enterprise had no material losses as a result of legal proceedings associated with incidents relating to customer privacy. For disclosures of material legal proceedings, refer to “Item 3: Legal Proceedings” on page 27 and Note 14 on page 101 of our 2021 Annual Report on Form 10-K. E.1 DATA SECURITY GOVERNANCE Our Information Security (“IS”) Program consists of policies, procedures and guidelines to ensure the security, availability and confidentiality of client information. The IS Program is conducted under the direction of the Chief Information Officer (“CIO”). The Operations Technology Committee of the Bank Board oversees the IS Program and receives quarterly reports from the CIO and Information Security associates. For risk oversight purposes, the quarterly reports are also shared with our Risk Committee, which is composed exclusively of independent directors. At least annually, our Board receives IS reports which summarize new and emerging cybersecurity trends, trends in type, frequency and origination of attacks, and the effectiveness of our IS Program in mitigating cybersecurity threats. Three of the seven members of the Operations Technology Committee have information security experience. Get Our Customer Privacy Policy Get Our Online Privacy Policy
CUSTOMER PRIVACY & DATA SECURITY, Continued We hire IS associates and consultants, as applicable, with the appropriate skills, certifications and knowledge to implement and oversee the procedures and processes of our IS Program and to adequately manage and enforce our IS policies, procedures and guidelines. While all vendors are subject to our Vendor Management due diligence process, those with access to our data and data centers are subject to more rigorous initial and ongoing due diligence. This includes reviews of Service Organization Control 2 (“SOC2”) reports, information security policies, vulnerability and penetration tests, human resource policies such as background checks and training, and business continuity plans. As part of the ongoing maintenance and development of our IS Program, we assess the various risks associated with the unauthorized access or loss of client information and the quality of security controls as prescribed by the Federal Financial Institutions Examinations Council (“FFIEC”) and the National Institute of Standards and Technology (“NIST”) Cybersecurity Framework. Our IS risk assessments are prepared in conjunction with our ERM framework, and the results are used to develop strategies to minimize risk to information assets. Our systems are monitored 24/7 for cybersecurity threats, and we utilize a variety of tools to reduce the risk of data breaches. Significant threats relating to information security are directed to Management for further discussion and determination of next steps. We maintain an Incident Response Plan which outlines the steps to be taken in the event of an information security incident, which could include a potential or actual data breach. The plan identifies a designated team, including associates and third-party experts responsible for the response, and summarizes the steps, including escalation protocol, for determining whether a breach has occurred and the nature and scope of the breach (if applicable). The plan also summarizes protocol for notifying impacted persons, which may include clients, as well as other applicable agencies or persons, including law enforcement and regulatory authorities. E.2 DATA SECURITY AUDITS AND REVIEW At least annually, we conduct a third-party information security penetration audit focusing on internal and external network security protocols, as well as internally managed ad hoc testing as needed. Simulations and tabletop testing of our business continuity and Incident Response Plans are performed on a routine basis in order to test and assist with our associates’ familiarity and preparedness for a security event. The processes and controls related to data security are periodically tested by the IS department and Internal Audit. Audits may also be performed at the request of the CIO, the Director of Internal Audit, Management or our Board. Audit results are presented to the Board, or a committee thereof. E.3 DATA SECURITY EDUCATION At least annually, the IS Program, including its effectiveness, is reviewed by our Boards, or a committee thereof. Annually, all associates participate in training on data privacy provisions and policies, including information security and its importance with respect to client and associate privacy. Enterprise is not aware of any material data breaches of our systems since publication of our 2020 ESG Report. As a result, there have been no material expenses incurred in connection with a data breach. F. PRODUCT LIFE CYCLE GOVERNANCE Throughout the life cycle of any product or service we offer, we have instituted procedures to help ensure its value to the Company and our clients, its quality as well as adherence to laws and regulations. Any new, modified or expanded product, service or third-party strategic relationship solution, as well as any new and/or innovative technology project, is subject to review by internal working groups comprised of cross-functional leaders representing impacted business areas prior to implementation. Once a new, modified or expanded product or service has been implemented, it is subject to a review by the Risk Oversight Committee and audits by Compliance or Internal Audit. VI. ADDITION AL IM PORTAN T GOVERN AN CE POLICIES 28
G. VENDOR MANAGEMENT Third-party vendor relationships are essential to meeting our strategic goals, objectives and business needs. These relationships allow us to gain expertise and benefit from economies of scale, and are essential elements of conducting business. Our Vendor Management policy establishes guidelines to effectively assess, measure, monitor and control the risks associated with vendor relationships consistent with our ERM framework. The majority of our vendors are based in the United States; therefore, they are subject to U.S. Department of Labor mandates and regulations. As a result, we are comfortable that there are effective impediments to their involvement in child labor, forced labor or human trafficking. Nevertheless, in 2021, we adopted a Vendor Code of Conduct which sets forth our expectations for vendors with respect to these issues in addition to other ESG issues. As part of our initial and ongoing vendor due diligence and oversight program, the Vendor Code of Conduct is distributed to all critical vendors whose product or service is essential to the conduct of our daily business operations. Our Risk Committee and ESG Management Committee will continue to evaluate how we can apply resources and leverage in a manner that will enhance our ability to minimize the risk that any of our vendors directly or indirectly are involved in these abhorrent activities. 29 VI. ADDITION AL IM PORTAN T GOVERN AN CE POLICIES Get Our Vendor Code of Conduct
MEMBER FDIC enterprisebank.com