Item 1A. Risk Factors.

There are risks, many beyond our control, which could cause our results to differ significantly from management’s expectations. Some of these risk factors are described below. Any factor described in this Annual Report on Form 10-K could, by itself or together with one or more other factors, adversely affect our business, results of operations and/or financial condition. Additional risks and uncertainties not currently known to us or that we currently consider to not be material also may materially and adversely affect us. In assessing these risks, you should also refer to other information disclosed in our SEC filings, including the financial statements and notes thereto. The risks discussed below also include forward-looking statements, and actual results may differ substantially from those discussed or implied in these forward-looking statements.

Economic and Geographic-Related Risks

Our business may be adversely affected by economic conditions generally.

Our financial performance generally, and in particular the ability of borrowers to pay interest on and repay principal of outstanding loans and the value of collateral securing those loans, as well as demand for loans and other products and services we offer and whose success we rely on to drive our growth, is highly dependent upon the business environment in the primary markets where we operate and in the U.S. as a whole. Unlike larger banks that are more geographically diversified, we are a regional bank that provides banking and financial services to customers primarily in South Carolina and Georgia. The economic conditions in these local markets may be different from, and in some instances worse than, the economic conditions in the U.S. as a whole. In 2024 and early 2025, continued regional economic uncertainty—exacerbated by persistent inflation, supply chain disruptions, and subdued consumer spending—has further increased the risks in our primary markets.

Some elements of the business environment that affect our financial performance include short-term and long-term interest rates, the prevailing yield curve, inflation and price levels, monetary and trade policy, unemployment and the strength of the domestic economy and the local economy in the markets in which we operate. Unfavorable market conditions can result in a deterioration in the credit quality of our borrowers and the demand for our products and services, an increase in the number of loan delinquencies, defaults and charge-offs, foreclosures, additional provisions for credit losses, adverse asset values of the collateral securing our loans and an overall material adverse effect on the quality of our loan portfolio. The majority of our loan portfolio is secured by real estate. A decline in real estate values can negatively impact our ability to recover our investment should the borrower become delinquent. Loans secured by stock or other collateral may be adversely impacted by a downturn in the economy and other factors that could reduce the recoverability of our investment. Unsecured loans are dependent on the solvency of the borrower, which can deteriorate, leaving us with a risk of loss. Unfavorable or uncertain economic and market conditions can be caused by declines in economic growth, business activity or investor or business confidence, limitations on the availability or increases in the cost of credit and capital, increases in inflation or interest rates, high unemployment, natural disasters, epidemics and pandemics, or a combination of these or other factors.

In addition, there are continuing concerns related to, among other things, the level of U.S. government debt and fiscal actions that may be taken to address that debt, a potential resurgence of economic and political tensions with China, the war in Ukraine, and the Middle East conflict, all of which may have a destabilizing effect on financial markets and economic activity. Economic pressure on consumers and overall economic uncertainty may result in changes in consumer and business spending, borrowing, and saving habits. These economic conditions and/or other negative developments in the domestic or international credit markets or economies may significantly affect the markets in which we do business, the value of our loans and investments, and our ongoing operations, costs, and profitability. These economic conditions and/or other negative developments in the domestic or international credit markets may significantly affect the markets in which we do business, the value of our loans and investments, and our ongoing operations, costs and profitability. Declines in real estate values and sales volumes and high unemployment or underemployment may also result in higher than expected loan delinquencies, increases in our levels of nonperforming and classified assets and a decline in demand for our products and services. Declines in real estate values and sales volumes and high unemployment may also result in higher than expected loan delinquencies, increases in our levels of nonperforming and classified assets and a decline in demand for our products and services. These negative events may cause us to incur losses and may adversely affect our capital, liquidity, and financial condition.

In 2023 and 2024, concerns about the financial condition of certain U.S. banking institutions led to multiple bank failures, including Silicon Valley Bank, Signature Bank, First Republic Bank, and most recently, Republic First Bank in April 2024. The FDIC intervened in each case, transferring assets to acquiring institutions. While our business and depositor profile differ from these banks, financial sector volatility, particularly in times of stress, may impact our stock price and operations. The long-term regulatory and market consequences of these failures remain uncertain but could include increased FDIC assessments and further bank closures. To date, these events have not materially affected our deposit balances.

Credit and Interest Rate Risk

Our decisions regarding credit risk and allowance for credit losses may materially and adversely affect our business.

Making loans and other extensions of credit is an essential element of our business. Although we seek to mitigate risks inherent in lending by adhering to specific underwriting practices, our loans and other extensions of credit may not be repaid. The risk of nonpayment is affected by a number of factors, including:

We attempt to maintain an appropriate allowance for credit losses to provide for potential losses in our loan portfolio. We periodically determine the amount of the allowance based on consideration of several factors, including:

There is no precise method of predicting credit losses; therefore, we face the risk that charge-offs in future periods will exceed our allowance for credit losses and that additional increases in the allowance for credit losses will be required. Additions to the allowance for credit losses would result in a decrease of our net income, and possibly our capital. Additions to the allowance for loan losses would result in a decrease of our net income, and possibly our capital.

Federal and state regulators periodically review our allowance for credit losses and may require us to increase our provision for credit losses or recognize further loan charge-offs, based on judgments different than those of our management. Any increase in the amount of our provision or loans charged-off could have a negative effect on our operating results. Any increase in the amount of our provision or loans charged-off as required by these regulatory agencies could have a negative effect on our operating results.

We may have higher credit losses than we have allowed for in our allowance for credit losses.

Our actual credit losses could exceed our allowance for credit losses. Our average loan size continues to increase and reliance on our historic allowance for credit losses may not be adequate. As of December 31, 2024, approximately 84.8% of our loan portfolio (excluding loans held for sale) is composed of construction (12.5%), commercial mortgage (65.2%) and commercial (7.1%) loans. As of December 31, 2020, approximately 85.6% of our loan portfolio (excluding loans held for sale) is composed of construction (11.3%), commercial mortgage (67.9%) and commercial (excluding PPP) (6.4%) loans. Repayment of such loans is generally considered more subject to market risk than residential mortgage loans. Industry experience shows that a portion of loans will become delinquent, and a portion of loans will require partial or entire charge-off. Regardless of the underwriting criteria utilized, losses may be experienced as a result of various factors beyond our control, including, changes in market conditions affecting the value of loan collateral and problems affecting the credit of our borrowers. Regardless of the underwriting criteria utilized, losses may be experienced as a result of various factors beyond our control, including among other things, changes in market conditions affecting the value of loan collateral and problems affecting the credit of our borrowers. If we suffer credit losses that exceed our allowance for credit losses, our financial condition, liquidity, or results of operations could be materially and adversely affected.

We have a concentration of credit exposure in commercial real estate and challenges faced by the commercial real estate market could adversely affect our business, financial condition, and results of operations.

As of December 31, 2024, we had approximately $921.0 million in loans outstanding to borrowers whereby the collateral securing the loan was commercial real estate, representing approximately 75.5% of our total loans outstanding as of that date. Approximately $283.7 million, or 23.2% of our total loans, and 30.8% of our commercial real estate loans are secured by owner-occupied properties. Commercial real estate loans are generally viewed as having more risk of default than residential real estate loans. They are also typically larger than residential real estate loans and consumer loans and depend on cash flows from the owner’s business or the property to service the debt. Cash flows may be affected significantly by general economic conditions, and a downturn in the local economy or in occupancy rates in the local economy where the property is located could increase the likelihood of default. Because our loan portfolio contains a number of commercial real estate loans with relatively large balances, the deterioration of one or a few of these loans could cause a significant increase in our level of non-performing loans. An increase in non-performing loans could result in a loss of earnings from these loans, an increase in the related provision for credit losses and an increase in charge-offs, all of which could have a material adverse effect on our financial condition and results of operations. An increase in non-performing loans could result in a loss of earnings from these loans, an increase in the related provision for loan losses and an increase in charge-offs, all of which could have a material adverse effect on our financial condition and results of operations.

Our commercial real estate loans have grown 3.5%, or $31.2 million, since December 31, 2023. The banking regulators give commercial real estate lending greater scrutiny, and they may require banks with higher levels of commercial real estate loans to implement more stringent underwriting, internal controls, risk management policies and portfolio stress testing, as well as possibly higher levels of allowances for credit losses and capital levels as a result of commercial real estate lending growth and exposures. We have expertise and a long history in originating and managing commercial real estate loans. We have a strong credit underwriting process, which includes management and board oversight. We perform rigorous monitoring, stress testing, and reporting of these portfolios at the management and board levels, and we continue to monitor the level of the concentration in commercial real estate loans within the Bank’s loan portfolio monthly.

Imposition of limits by the bank regulators on commercial and multi-family real estate lending activities could curtail our growth and adversely affect our earnings.

The 2006 “Concentrations in Commercial Real Estate Lending, Sound Risk Management Practices” (the “CRE Guidance”) provides that a bank’s commercial real estate lending exposure could receive increased supervisory scrutiny where (i) total non-owner-occupied commercial real estate loans, including loans secured by apartment buildings, investor commercial real estate, and construction and land loans, represent 300% or more of an institution’s total risk-based capital, and the outstanding balance of the commercial real estate loan portfolio has increased by 50% or more during the preceding 36 months, or (ii) construction and land development loans exceed 100% of total risk-based capital. Our total non-owner-occupied commercial real estate loans represented 305% of the Bank’s total risk-based capital at December 31, 2024, and our construction and land development loans represented 82% of the Bank’s total risk-based capital at December 31, 2024. Furthermore, our three-year growth in non-owner occupied commercial real estate loans was 46% from December 31, 2021 to December 31, 2024. We have expertise and a long history in originating and managing commercial real estate loans. We have a strong credit underwriting process, which includes management and board oversight. We perform rigorous monitoring, stress testing, and reporting of these portfolios at the management and board levels, and we continue to monitor the level of the concentration in commercial real estate loans within our loan portfolio monthly.

In December 2015, the regulatory agencies released a statement on prudent risk management for commercial real estate lending that indicated, among other things, the intent to continue “to pay special attention” to commercial real estate lending activities and concentrations going forward. More recently, in 2024, the FDIC and the Federal Reserve reaffirmed their commitment to stringent oversight of CRE exposures in response to evolving market conditions. In early 2025, preliminary guidance from regulators suggested that any further acceleration in CRE loan growth or deterioration in loan performance could prompt the imposition of additional limits or remedial actions, which, if implemented, could curtail our growth and adversely affect our earnings.

Repayment of our commercial business loans is often dependent on the cash flows of the borrower, which may be unpredictable, and the collateral securing these loans may fluctuate in value.

At December 31, 2024, commercial business loans comprised 7.1% of our total loan portfolio. Our commercial business loans are originated primarily based on the identified cash flow and general liquidity of the borrower and secondarily on the underlying collateral provided by the borrower and/or repayment capacity of any guarantor. The borrower’s cash flow may be unpredictable, and collateral securing these loans may fluctuate in value. Although commercial business loans are often collateralized by equipment, inventory, accounts receivable, or other business assets, the liquidation of collateral in the event of default is often an insufficient source of repayment because accounts receivable may be uncollectible and inventories may be obsolete or of limited use. In addition, business assets may depreciate over time, be difficult to appraise, and fluctuate in value based on the success of the business. In addition, business assets may depreciate over time, may be difficult to appraise, and may fluctuate in value based on the success of the business. Accordingly, the repayment of commercial business loans depends primarily on the cash flow and credit worthiness of the borrower and secondarily on the underlying collateral value provided by the borrower and liquidity of the guarantor. If these borrowers do not have sufficient cash flows or resources to pay these loans as they come due or the value of the underlying collateral is insufficient to fully secure these loans, we may suffer losses on these loans that exceed our allowance for credit losses.

Our focus on lending to small to mid-sized community-based businesses may increase our credit risk.

Most of our commercial business and commercial real estate loans are made to small business or middle market customers. These businesses generally have fewer financial resources in terms of capital or borrowing capacity than larger entities and have a heightened vulnerability to economic conditions. If general economic conditions in the markets in which we operate negatively impact this important customer sector, our results of operations and financial condition and the value of our common stock may be adversely affected. Moreover, a portion of these loans have been made by us in recent years and the borrowers may not have experienced a complete business or economic cycle. Furthermore, the deterioration of our borrowers’ businesses may hinder their ability to repay their loans with us, which could have a material adverse effect on our financial condition and results of operations.

Our underwriting decisions may materially and adversely affect our business.

While we generally underwrite the loans in our portfolio in accordance with our own internal underwriting guidelines and regulatory supervisory guidelines, in certain circumstances we have made loans which exceed either our internal underwriting guidelines, supervisory guidelines, or both. As of December 31, 2024, approximately $16.6 million of our loans, or 9.3% of the Bank’s regulatory capital (Tier 1 Capital plus allowance for credit losses), had loan-to-value ratios that exceeded regulatory supervisory guidelines, of which three loans totaling approximately $606 thousand had loan-to-value ratios of 100% or more. As of December 31, 2020, approximately $36.6 million of our loans, or 28.6% of the Bank’s regulatory capital, had loan-to-value ratios that exceeded regulatory supervisory guidelines, of which only one loan totaling approximately $210 thousand had loan-to-value ratios of 100% or more. In addition, supervisory limits on commercial loan-to-value exceptions are set at 30% of the Bank’s tier 1 capital plus allowance for credit losses. In addition, supervisory limits on commercial loan-to-value exceptions are set at 30% of the Bank’s capital. At December 31, 2024, $5.5 million of our commercial loans, or 3.1% of the Bank’s regulatory capital, exceeded the supervisory loan-to-value ratio. The number of loans in our portfolio with loan-to-value ratios in excess of supervisory guidelines, our internal guidelines, or both could increase the risk of delinquencies and defaults in our portfolio, which could have a material adverse effect on our financial condition and results of operations. The number of loans in our portfolio with loan-to-value ratios in excess of supervisory guidelines, our internal guidelines, or both could increase the risk of delinquencies and defaults in our portfolio.

We depend on the accuracy and completeness of information about clients and counterparties and our financial condition could be adversely affected if we rely on misleading information.

In deciding whether to extend credit or to enter into other transactions with clients and counterparties, we may rely on information furnished to us by or on behalf of clients and counterparties, including financial statements and other financial information, which we do not independently verify. We also may rely on representations of clients and counterparties as to the accuracy and completeness of that information and, with respect to financial statements, on reports of independent auditors. For example, in deciding whether to extend credit to clients, we may assume that a customer’s audited financial statements conform with GAAP and present fairly, in all material respects, the financial condition, results of operations and cash flows of the customer. Our financial condition and results of operations could be negatively impacted to the extent we rely on financial statements that do not comply with GAAP or are materially misleading.

If we fail to effectively manage credit risk and interest rate risk, our business and financial condition will suffer.

We must effectively manage credit risk. There are risks inherent in making any loan, including risks with respect to (i) the period of time over which the loan may be repaid, (ii) proper loan underwriting and guidelines, (iii) changes in economic and industry conditions, (iv) the credit risks of individual borrowers, and (v) risks resulting from uncertainties as to the future value of collateral. There are risks inherent in making any loan, including risks with respect to the period of time over which the loan may be repaid, risks relating to proper loan underwriting and guidelines, risks resulting from changes in economic and industry conditions, risks inherent in dealing with individual borrowers and risks resulting from uncertainties as to the future value of collateral. There is no assurance that our credit risk monitoring and loan approval procedures are or will be adequate or will reduce the inherent risks associated with lending. Our credit administration personnel, policies and procedures may not adequately adapt to changes in economic or any other conditions affecting customers and the quality of our loan portfolio. Any failure to manage such credit risks may materially adversely affect our business and our consolidated results of operations and financial condition.

Changes in prevailing interest rates may reduce our profitability.

Our results of operations depend in large part upon the level of our net interest income, which is the difference between interest income from interest-earning assets, such as loans and investment securities, which include mortgage-backed securities, and interest expense on interest-bearing liabilities, such as deposits and borrowings. Depending on the terms and maturities of our assets and liabilities, we believe a significant change in interest rates could potentially have a material adverse effect on our profitability. Many factors cause changes in interest rates, including governmental monetary policies and domestic and international economic and political conditions. While we intend to manage the effects of changes in interest rates by adjusting the terms, maturities, and pricing of our assets and liabilities, our efforts may not be effective, and our financial condition and results of operations could suffer.

Capital and Liquidity Risks

Changes in the financial markets could impair the value of our investment portfolio.

Our investment securities portfolio is a significant component of our total earning assets. Total investment securities averaged $491.0 million in 2024, as compared to $541.1 million in 2023. This represents 27.5% and 33.2% of the average earning assets for the years ended December 31, 2024 and 2023, respectively. Total investment securities averaged $300.9 million in 2020, as compared to $257.6 million in 2019. This represents 25.1% and 25.3% of the average earning assets for the years ended December 31, 2020 and 2019, respectively. At December 31, 2024, the portfolio was 26.6% of earning assets compared to 29.6% of earning assets at December 31, 2023. Turmoil in the financial markets could impair the market value of our investment portfolio, which could adversely affect our net income and possibly our capital.

On June 1, 2022, we reclassified $224.5 million in investments to held-to-maturity (HTM) from available-for-sale (AFS). These securities were transferred at fair value at the time of the transfer, which became the new cost basis for the securities held to maturity. The pretax unrealized net holding loss on the available for sale securities on the date of transfer totaled approximately $16.7 million and continued to be reported as a component of accumulated other comprehensive loss. This net unrealized loss is being amortized to interest income over the remaining life of the securities as a yield adjustment. There were no gains or losses recognized as a result of this transfer. The remaining pretax unrealized net holding loss on these investments was $12.3 million ($9.7 million net of tax) and $14.0 million ($11.1 million net of tax) at December 31, 2024 and 2023, respectively.

During the three months ended September 2023, we sold $39.9 million of book value U.S. Treasuries in our available-for-sale investment securities portfolio. While this sale created a one-time pre-tax loss of $1.2 million, it provided additional liquidity which was used to pay down borrowings and fund loan growth. The weighted average book yield of the securities sold was 1.75% and the projected earn back period was 1.6 years. Such measures transitioned the balance sheet to be more efficient, improved net interest margin, and positioned us for higher earnings in the future.

Our HTM investments totaled $209.4 million and represented approximately 42.6% of our total investments at December 31, 2024. Our AFS investments totaled $279.6 million, or approximately 56.9% of our total investments at December 31, 2024. Investments at cost totaled $2.7 million, or approximately 0.5% of our total investments at December 31, 2024. The effective duration on our total investment securities portfolio was 3.5 at December 31, 2024.

Securities which have unrealized losses were not considered to be credit loss impaired at December 31, 2024 or at December 31, 2023 and we believe it is more likely than not we will be able to hold these until they mature or recover our current book value. We currently maintain adequate liquidity which supports our ability to hold these investments until they mature, or until there is a market price recovery. We currently maintain substantial liquidity which supports our ability to hold these investments until they mature, or until there is a market price recovery. However, if we were to cease to have the ability and intent to hold these investments until maturity or the market prices do not recover, and we were to sell these securities at a loss, it could adversely affect our net income and our capital.

The Bank is subject to strict capital requirements, which could be amended to be more stringent, in the future.

The Bank is subject to regulatory requirements specifying minimum amounts and types of capital that we must maintain and an additional capital conservation buffer. From time to time, the regulators change these regulatory capital adequacy guidelines. If we fail to meet these capital guidelines and other regulatory requirements, we or our subsidiaries may be restricted in the types of activities we may conduct and we may be prohibited from taking certain capital actions, such as paying dividends, repurchasing or redeeming capital securities, and paying certain bonuses. In particular, the capital requirements applicable under Basel III require the Bank to satisfy additional, more stringent, capital adequacy standards than it had in the past. In particular, the capital requirements applicable to the Bank under the Basel III rules became fully phased-in on January 1, 2019. The Bank is now required to satisfy additional, more stringent, capital adequacy standards than it had in the past. Failure to meet minimum capital requirements could result in certain mandatory and possible additional discretionary actions by regulators that, if undertaken, could have an adverse material effect on our financial condition and results of operations. In addition, these requirements could have a negative impact on our ability to lend, grow deposit balances, make acquisitions, make capital distributions in the form of dividends or share repurchases, or pay certain bonuses needed to attract and retain key personnel. Higher capital levels could also lower our return on equity.

Risks Related to Our Industry

Inflationary pressures and rising prices may affect our results of operations and financial condition.

In 2021 through 2022, inflation rose to levels not seen for over 40 years, reaching 7.0% and 6.5%, respectively. The annual inflation rate decreased to 3.4% in 2023 and to 2.9% in 2024; however, during the latter part of 2024 and into early 2025, the annual inflation rate averaged approximately 4.2%, although some moderation has been observed in early 2025. Nonetheless, persistently higher input costs, wage pressures, and ongoing supply chain disruptions may challenge our customers’ ability to service their debt, thereby potentially increasing our credit risk. Inflation could lead to increased costs to our customers, making it more difficult for them to repay their loans or other obligations increasing our credit risk. Sustained higher interest rates by the Federal Reserve may be needed to tame persistent inflationary price pressures, which could push down asset prices and weaken economic activity. A deterioration in economic conditions in the United States and our markets could result in an increase in loan delinquencies and non-performing assets, decreases in loan collateral values and a decrease in demand for our products and services, all of which, in turn, would adversely affect our business, financial condition and results of operations.

The Federal Reserve has implemented significant economic strategies that have affected interest rates, inflation, asset values, and the shape of the yield curve.

In recent years, the Federal Reserve has maintained a relatively tight monetary policy to address persistent inflationary pressures, resulting in elevated short-term interest rates. In mid-2024, as inflation began to moderate, the Federal Reserve signaled a gradual recalibration of its policy stance, though it remains cautious amid ongoing economic uncertainty.

Effects on the yield curve often are most pronounced at the short end of the curve, which is of particular importance to us and other banks. Among other things, easing strategies are intended to lower interest rates, expand the money supply, and stimulate economic activity, while tightening strategies are intended to increase interest rates, discourage borrowing, tighten the money supply, and restrain economic activity. Recent periods have demonstrated that when short-term rates rise more rapidly than long-term rates, the yield curve can invert—an occurrence that, while relatively uncommon, may signal potential economic slowdowns or increased recessionary risks.

It is unclear how long it will take for long-term rates to catch up. Many external factors may interfere with the effects of these plans or cause them to be changed, sometimes quickly. Such factors include significant economic trends or events as well as significant international monetary policies and events. Elevated interest rates, combined with an inverted or flattening yield curve, can increase borrowing costs, depress asset values, and reduce loan demand—factors that may adversely affect our operating results and financial condition. Moreover, unexpected shifts in domestic or international economic policies, or abrupt changes in market conditions, could lead to rapid alterations in the yield curve and further impact the broader financial system. Moreover, bankruptcy law provides that claims based on any such commitment will be entitled to a priority of payment over the claims of the holding company’s general unsecured creditors, including the holders of its note obligations.

Adverse developments affecting the financial services industry, such as the 2023 and 2024 bank failures or concerns involving liquidity, may have a material adverse effect on our operations.

The high-profile bank failures in 2023 and 2024 involving Silicon Valley Bank, Signature Bank, First Republic Bank, and Republic First Bank caused general uncertainty and concern regarding the liquidity adequacy of the banking sector. Although we were not directly affected by these bank failures, the resulting speed and ease in which news, including social media commentary, led depositors to withdraw or attempt to withdraw their funds from these and other financial institutions, which then caused the stock prices of many financial institutions to become volatile. In 2024 and into 2025, continued concerns regarding the stability of certain regional banks and potential liquidity risks have further contributed to market volatility and investor caution. Additional bank failures could have an adverse effect on our financial condition and results of operations, either directly or through an adverse impact on certain of our customers. Our credit administration personnel, policies and procedures may not adequately adapt to changes in economic or any other conditions affecting customers and the quality of our loan portfolio. Further, with the risk of any additional bank failures, we may face the potential for reputational risk, deposit outflows, increased costs and competition for liquidity, and increased credit risk which, individually or in the aggregate, could have a material adverse effect on our business, financial condition and results of operations.

Higher FDIC deposit insurance premiums and assessments could adversely affect our financial condition.

Our deposits are insured up to applicable limits by the Deposit Insurance Fund of the FDIC and are subject to deposit insurance assessments to maintain deposit insurance. As an FDIC-insured institution, we are required to pay quarterly deposit insurance premium assessments to the FDIC. Although we cannot predict what the insurance assessment rates will be in the future, either deterioration in our risk-based capital ratios or adjustments to the base assessment rates could have a material adverse impact on our business, financial condition, results of operations, and cash flows.

We could experience a loss due to competition with other financial institutions or nonbank companies.

We face substantial competition in all areas of our operations from a variety of different competitors, both within and beyond our principal markets, many of which are larger and may have more financial resources. Such competitors primarily include national, regional, community, and internet banks within the various markets in which we operate. We also face competition from many other types of financial institutions, including, without limitation, savings and loans, credit unions, finance companies, brokerage firms, insurance companies, and other financial intermediaries. The financial services industry could become even more competitive as a result of legislative and regulatory changes and continued consolidation. In addition, as customer preferences and expectations continue to evolve, technology has lowered barriers to entry and made it possible for banks to offer products and services in more areas in which they do not have a physical location and for nonbanks, such as FinTech companies, to offer products and services traditionally provided by banks, such as automatic transfer and automatic payment systems. Banks, securities firms, and insurance companies can merge under the umbrella of a financial holding company, which can offer virtually any type of financial service, including banking, securities underwriting, insurance (both agency and underwriting), and merchant banking. Many of our competitors have fewer regulatory constraints and may have lower cost structures. Additionally, due to their size, many competitors may be able to achieve economies of scale and, as a result, may offer a broader range of products and services as well as better pricing for those products and services than we can.

Our ability to compete successfully depends on a number of factors, including, among other things:

Failure to perform in any of these areas could significantly weaken our competitive position, which could adversely affect our growth and profitability, which, in turn, could have a material adverse effect on our business, financial condition and results of operations.

We may be adversely affected by the soundness of other financial institutions.

Financial services institutions are interrelated as a result of trading, clearing, counterparty, or other relationships. We have exposure to many different industries and counterparties, and routinely execute transactions with counterparties in the financial services industry, including commercial banks, brokers and dealers, investment banks, and other institutional clients. Many of these transactions expose us to credit risk in the event of a default by a counterparty or client. In addition, our credit risk may be exacerbated when the collateral held by the bank cannot be realized upon or is liquidated at prices not sufficient to recover the full amount of the credit or derivative exposure due to the bank. Any such losses could have a material adverse effect on our financial condition and results of operations.

Failure to keep pace with technological change could adversely affect our business.

The financial services industry is continually undergoing rapid technological change with frequent introductions of new technology-driven products and services. The effective use of technology increases efficiency and enables financial institutions to better serve customers and to reduce costs. Our future success depends, in part, upon our ability to address the needs of our customers by using technology to provide products and services that will satisfy customer demands, as well as to create additional efficiencies in our operations. Many of our competitors have substantially greater resources to invest in technological improvements. We may not be able to effectively implement new technology-driven products and services or be successful in marketing these products and services to our customers. In addition, we depend on internal and outsourced technology to support all aspects of our business operations. Failure to successfully keep pace with technological changes could have a material adverse impact on our business, financial condition, and results of operations. Failure to successfully keep pace with technological change affecting the financial services industry could have a material adverse impact on our business, financial condition and results of operations. In 2024 and early 2025, the pace of technological change has accelerated, and the rapid evolution of cybersecurity threats, as well as the need to integrate new digital platforms, has increased the risks associated with failure to adapt.

The development and use of AI presents risks and challenges that may adversely impact our business.

The development and use of AI by us or our third-party vendors poses significant risks. The evolving legal and regulatory landscape—covering intellectual property, privacy, consumer protection, employment, and more—could force costly changes and heighten non-compliance risks. AI models, especially generative ones, might produce biased, inaccurate, or harmful outputs, disclose confidential information, or infringe on intellectual property rights. Moreover, their inherent complexity limits transparency, complicating oversight and error reduction. Reliance on third-party models further exposes us to risks associated with unauthorized training data and their risk management practices. Any of these issues could lead to legal liabilities, reputational harm, and adverse impacts on our business.

New lines of business or new products and services may subject us to additional risk.

From time to time, we may implement new lines of business or offer new products and services within existing lines of business. There are substantial risks and uncertainties associated with these efforts, particularly in instances where the markets are not fully developed. In developing and marketing new lines of business and/or new products and services, we may invest significant time and resources. Initial timetables for the introduction and development of new lines of business and/or new products or services may not be achieved, and price and profitability targets may not prove feasible. External factors, such as compliance with regulations, competitive alternatives, and shifting market preferences, may also impact the successful implementation of a new line of business and/or a new product or service. Furthermore, any new line of business and/or new product or service could have a significant impact on the effectiveness of our system of internal controls. Failure to successfully manage these risks in the development and implementation of new lines of business and/or new products or services could have a material adverse effect on our business, financial condition, and results of operations.

Consumers may decide not to use banks to complete their financial transactions.

Technology and other changes are allowing parties to complete financial transactions through alternative methods that historically have involved banks. For example, consumers can now maintain funds that would have historically been held as bank deposits in brokerage accounts, mutual funds or general-purpose reloadable prepaid cards. Consumers can also complete transactions such as paying bills and/or transferring funds directly without the assistance of banks. The process of eliminating banks as intermediaries, known as “disintermediation,” could result in the loss of fee income, as well as the loss of customer deposits and the related income generated from those deposits. The loss of these revenue streams and the lower cost of deposits as a source of funds could have a material adverse effect on our financial condition and results of operations.

We use brokered deposits which may be an unstable and/or expensive deposit source to fund earning asset growth.

We use brokered deposits as a source of funding to support our asset growth, to augment deposits generated from our branch network and to assist in the management of our interest rate risk. We have established policies and procedures with respect to the use of brokered deposits, which require, among other things, that (i) we limit the amount of brokered deposits as a percentage of total deposits, and (ii) our Asset/Liability Committee of the board of directors and our board of directors monitor our use of brokered deposits on a regular basis, including interest rates and the total volume of such deposits in relation to our total deposits. In the event that our funding strategies call for the use of additional brokered deposits, there can be no assurance that such sources will be available, or will remain available, or that the cost of such funding sources will be reasonable. Additionally, if the Bank is no longer considered well capitalized, our ability to access new brokered deposits or retain existing brokered deposits could be affected by market conditions, regulatory requirements or a combination thereof, which could result in most, if not all, brokered deposit sources being unavailable. The inability to utilize brokered deposits as a source of funding could have an adverse effect on our financial position, results of operations and liquidity.

Further, if, as a result of competitive pressures, market interest rates, alternative investment opportunities that present more attractive returns to customers, general economic conditions or other events, the balance of our deposits decreases relative to our overall banking operations, we may need to rely more heavily on wholesale or other sources of external funding, or may have to increase deposit rates to maintain deposit levels in the future. Any such increased reliance on wholesale funding, or increases in funding rates in general, could have a negative impact on our net interest income and, consequently, on our results of operations and financial condition.

Our ability to obtain brokered deposits as an additional funding source could be limited.

As of December 31, 2024, brokered deposits comprised $10.4 million (0.6%) of our total deposits, down from $48.1 million (3.2%) at year-end 2023. We use brokered certificates of deposit to extend deposit maturities and manage interest rate risk. Unlike non-brokered CDs, these deposits cannot be withdrawn early except in limited circumstances, improving our maturity management. FDIC regulations restrict brokered deposits based on capital levels. While we currently qualify as “well capitalized” and face no such limits, a decline in our capital ratios could restrict our ability to replace maturing brokered deposits. Any future regulatory changes or capital constraints could increase our funding costs and impact liquidity.

Risks Related to Our Strategy

We may be adversely affected by risks associated with future mergers and acquisitions, including execution risk, which could disrupt our business and dilute shareholder value.

From time to time, we may seek to acquire other financial institutions or parts of those institutions. We may also expand into new markets, like we did in York County, South Carolina, which we refer to as the Piedmont Region, in 2022, or lines of business or offer new products or services. These activities would involve a number of risks, including:

If we do not successfully manage these risks, our merger and acquisition activities could have a material adverse effect on our business, financial condition, and results of operations, including short-term and long-term liquidity, and our ability to successfully implement our strategic plan.

We may be exposed to difficulties in combining the operations of acquired businesses into our own operations, which may prevent us from achieving the expected benefits from our acquisition activities.

We may not be able to fully achieve the strategic objectives and operating efficiencies that we anticipate in our acquisition activities. Inherent uncertainties exist in integrating the operations of an acquired business. In addition, the markets and industries in which we and our potential acquisition targets operate are highly competitive. We may lose customers or the customers of acquired entities as a result of an acquisition. We also may lose key personnel from the acquired entity as a result of an acquisition. We may not discover all known and unknown factors when examining a company for acquisition during the due diligence period. These factors could produce unintended and unexpected consequences. Undiscovered factors as a result of acquisitions, pursued by non-related third party entities, could bring civil, criminal, and financial liabilities against us, our management, and the management of those entities acquired. These factors could contribute to us not achieving the expected benefits from acquisitions within desired time frames.

New or acquired banking office facilities and other facilities may not be profitable.

We may not be able to identify profitable locations for new banking offices. The costs to start up new banking offices or to acquire existing branches, and the additional costs to operate these facilities, may increase our non-interest expense and decrease our earnings in the short term.. It may be difficult to adequately and profitably manage our growth through the establishment or purchase of additional banking offices and we can provide no assurance that any such banking offices will successfully attract enough deposits to offset the expenses of their operation. In addition, any new or acquired banking offices will be subject to regulatory approval, and there can be no assurance that we will succeed in securing such approval.

Risks Related to Our Human Capital

We are dependent on key individuals, and the loss of one or more of these key individuals could curtail our growth and adversely affect our prospects.

Michael C. Crapps, our president and chief executive officer, and Mr. Nissen, the Bank’s president and chief executive officer, each have extensive and long-standing ties within our primary market area and substantial experience with our operations, and each has contributed significantly to our business. Crapps, our president and chief executive officer, has extensive and long-standing ties within our primary market area and substantial experience with our operations, and he has contributed significantly to our business. If we lose the services of Mr. Crapps or Mr. Nissen, each would be difficult to replace, and our business and development could be materially and adversely affected. Crapps, he would be difficult to replace and our business and development could be materially and adversely affected. Our success also depends, in part, on our continued ability to attract and retain experienced loan originators, as well as other management personnel. Competition for personnel is intense, and we may not be successful in attracting or retaining qualified personnel. Our failure to compete for these personnel, or the loss of the services of several of such key personnel, could adversely affect our business strategy and materially and adversely affect our business, results of operations, and financial condition.

Operational Risks

A failure in or breach of our operational or security systems or infrastructure, or those of our third party vendors and other service providers or other third parties, including as a result of cyber attacks, could disrupt our businesses, result in the disclosure or misuse of confidential or proprietary information, damage our reputation, increase our costs, and cause losses.

We rely heavily on communications and information systems to conduct our business. Information security risks for financial institutions such as ours have increased in recent years in part because of the proliferation of new technologies, the use of the internet and telecommunications technologies to conduct financial transactions, and the increased sophistication and activities of organized crime, hackers, and terrorists, activists, and other external parties. Information security risks for financial institutions such as ours have generally increased in recent years in part because of the proliferation of new technologies, the use of the internet and telecommunications technologies to conduct financial transactions, and the increased sophistication and activities of organized crime, hackers, and terrorists, activists, and other external parties. As customer, public, and regulatory expectations regarding operational and information security have increased, our operating systems and infrastructure must continue to be safeguarded and monitored for potential failures, disruptions, and breakdowns. Our business, financial, accounting, and data processing systems, or other operating systems and facilities may stop operating properly or become disabled or damaged as a result of a number of factors, including events that are wholly or partially beyond our control. For example, there could be electrical or telecommunication outages, natural disasters such as earthquakes, tornadoes, and hurricanes, disease pandemics, events arising from local or larger scale political or social matters, including terrorist acts, and as described below, cyber attacks. For example, there could be electrical or telecommunication outages; natural disasters such as earthquakes, tornadoes, and hurricanes; disease pandemics; events arising from local or larger scale political or social matters, including terrorist acts; and as described below, cyber attacks.

As noted above, our business relies on our digital technologies, computer and email systems, software, and networks to conduct its operations. Although we have information security procedures and controls in place, our technologies, systems, networks, and our customers’ devices may become the target of cyber attacks or information security breaches that could result in the unauthorized release, gathering, monitoring, misuse, loss, or destruction of our or our customers’ or other third parties’ confidential information. Third parties with whom we do business or that facilitate our business activities, including financial intermediaries, or vendors that provide service or security solutions for our operations, and other unaffiliated third parties, could also be sources of operational and information security risk to us, including from breakdowns or failures of their own systems or capacity constraints. Third parties with whom we do business or that facilitate our business activities, including financial intermediaries, or vendors that provide service or security solutions for our operations, and other unaffiliated third parties, including the South Carolina Department of Revenue, which had customer records exposed in a 2012 cyber attack, could also be sources of operational and information security risk to us, including from breakdowns or failures of their own systems or capacity constraints.

While we have disaster recovery and other policies, plans and procedures designed to prevent or limit the effect of the failure, interruption or security breach of our information systems, there can be no assurance that any such failures, interruptions or security breaches will not occur or, if they do occur, that they will be adequately addressed. Our risk and exposure to these matters remains heightened because of the evolving nature of these threats. As a result, cybersecurity and the continued development and enhancement of our controls, processes, and practices designed to protect our systems, computers, software, data, and networks from attack, damage or unauthorized access remain a focus for us. As a result, cyber security and the continued development and enhancement of our controls, processes, and practices designed to protect our systems, computers, software, data, and networks from attack, damage or unauthorized access remain a focus for us. As threats continue to evolve, we may be required to expend additional resources to continue to modify or enhance our protective measures or to investigate and remediate information security vulnerabilities. Disruptions or failures in the physical infrastructure or operating systems that support our businesses and clients, or cyber attacks or security breaches of the networks, systems or devices that our clients use to access our products and services could result in client attrition, regulatory fines, penalties or intervention, reputation damage, reimbursement or other compensation costs, and/or additional compliance costs, any of which could have a material effect on our results of operations or financial condition.

Our information systems may experience failure, interruption or breach in security.

In the ordinary course of business, we rely on electronic communications and information systems to conduct our operations and to store sensitive data. Any failure, interruption or breach in security of these systems could result in significant disruption to our operations. Information security breaches and cybersecurity-related incidents include, but are not limited to, attempts to access information, including customer and company information, malicious code, computer viruses and denial of service attacks that could result in unauthorized access, theft, misuse, loss, release or destruction of data (including confidential customer information), account takeovers, unavailability of service or other events. Information security risks for financial institutions such as ours have generally increased in recent years in part because of the proliferation of new technologies, the use of the internet and telecommunications technologies to conduct financial transactions, and the increased sophistication and activities of organized crime, hackers, and terrorists, activists, and other external parties. These types of threats may derive from human error, fraud or malice on the part of external or internal parties or may result from accidental technological failure. Our technologies, systems, networks and software have been and continue to be subject to cybersecurity threats and attacks, which range from uncoordinated individual attempts to sophisticated and targeted measures directed at us. Any failures related to upgrades and maintenance of our technology and information systems could further increase our information and system security risk. Our increased use of cloud and other technologies also increases our risk of being subject to a cyber-attack. The risk of a security breach or disruption, particularly through cyber-attack or cyber-intrusion, has increased as the number, intensity and sophistication of attempted attacks and intrusions from around the world have increased. Our customers, employees and third parties that we do business with have been, and will continue to be, targeted by parties using fraudulent emails and other communications in attempts to misappropriate passwords, bank account information or other personal information or to introduce viruses or other malware programs to our information systems, the information systems of our merchants or third-party service providers and/or our customers’ personal devices, which are beyond our security control systems. Though we endeavor to mitigate these threats through product improvements, use of encryption and authentication technology and customer and employee education, such cyber-attacks against us, our merchants, our third-party service providers and our customers remain a serious issue.

Although we make significant efforts to maintain the security and integrity of our information systems and have implemented various measures to manage the risks of a security breach or disruption, there can be no assurance that our security efforts and measures will be effective or that attempted security breaches or disruptions would not be successful or damaging. Even well protected information, networks, systems and facilities remain potentially vulnerable to attempted security breaches or disruptions because the techniques used in such attempts are constantly evolving and generally are not recognized until launched against a target, and in some cases are designed not to be detected and, in fact, may not be detected. Accordingly, we may be unable to anticipate these techniques or to implement zero risk security barriers or other preventative measures, and thus it is virtually impossible for us to entirely mitigate this risk. Furthermore, in the event of a cyber-attack, we may be delayed in identifying or responding to the attack, which could increase the negative impact of the cyber-attack on our business, financial condition and results of operations. While we maintain specific “cyber” insurance coverage, which would apply in the event of various breach scenarios, the amount of coverage may not be adequate in any particular case. Furthermore, because cyber threat scenarios are inherently difficult to predict and can take many forms, some breaches may not be covered under our cyber insurance coverage. A security breach or other significant disruption of our information systems or those related to our customers, merchants or our third-party vendors, including as a result of cyber-attacks, could (i) disrupt the proper functioning of our networks and systems and therefore our operations and/or those of our customers; (ii) result in the unauthorized access to, and destruction, loss, theft, misappropriation or release of confidential, sensitive or otherwise valuable information of ours or our customers; (iii) result in a violation of applicable privacy, data breach and other laws, subjecting us to additional regulatory scrutiny and exposing us to civil litigation, enforcement actions, governmental fines and possible financial liability; (iv) require significant management attention and resources to remedy the damages that result; or (v) harm our reputation or cause a decrease in the number of customers that choose to do business with us. The occurrence of any of the foregoing could have a material adverse effect on our business, financial condition and results of operations.

Increased fraud risk could adversely impact our business

Fraud schemes are becoming more sophisticated, often involving criminal networks and techniques such as check fraud, ATM skimming, phishing, and identity theft. Fraudsters may also exploit online banking to establish accounts for fraudulent activities. While technologies like chip cards help mitigate some risks, criminals continue to target other sources of personal data.

We have increased investments in fraud prevention, but losses may still occur, potentially harming our customers, reputation, and financial condition. Fraud-related costs—including regulatory scrutiny, legal liability, and business disruption—could materially impact our operations.

Our use of third party vendors and our other ongoing third party business relationships are subject to increasing regulatory requirements and attention.

We regularly use third party vendors as part of our business and have substantial ongoing business relationships with other third parties. These types of third party relationships are subject to increasingly demanding regulatory requirements and attention by our bank regulators. Recent regulation requires us to enhance our due diligence, ongoing monitoring and control over our third party vendors and other ongoing third party business relationships. We expect that our regulators will hold us responsible for deficiencies in our oversight and control of our third party relationships and in the performance of the parties with which we have these relationships. As a result, if our regulators conclude that we have not exercised adequate oversight and control over our third party vendors or other ongoing third party business relationships or that such third parties have not performed appropriately, we could be subject to enforcement actions, including civil money penalties or other administrative or judicial penalties or fines as well as requirements for customer remediation, any of which could have a material adverse effect on our business, financial condition or results of operations.

Negative public opinion surrounding the Bank and the financial institutions industry generally could damage our reputation and adversely impact our earnings.

Reputation risk, or the risk to our business, earnings and capital from negative public opinion surrounding the Bank and the financial institutions industry generally, is inherent in our business. Negative public opinion can result from our actual or alleged conduct in any number of activities, including lending practices, corporate governance, mergers and acquisitions, and from actions taken by government regulators and community organizations in response to those activities. Negative public opinion can adversely affect our ability to keep and attract clients and employees, could impair the confidence of our investors, counterparties and business partners and can affect our ability to effect transactions and can expose us to litigation and regulatory action. Although we take steps to minimize reputation risk, this risk will always be present given the nature of our business. Although we take steps to minimize reputation risk in dealing with our clients and communities, this risk will always be present given the nature of our business.

Legal, Accounting, Regulatory and Compliance Risks

We are subject to extensive regulation that could restrict our activities, have an adverse impact on our operations, and impose financial requirements or limitations on the conduct of our business.

We operate in a highly regulated industry and are subject to examination, supervision, and comprehensive regulation by various regulatory agencies. We are subject to Federal Reserve regulation. The Bank is subject to extensive regulation, supervision, and examination by our primary federal regulator, the FDIC, the regulating authority that insures customer deposits; and by our state regulator, the S. Our Bank is subject to extensive regulation, supervision, and examination by our primary federal regulator, the FDIC, the regulating authority that insures customer deposits; and by our state regulator, the S. C. Board. Also, as a member of the Federal Home Loan Bank (the “FHLB”), the Bank must comply with applicable regulations of the Federal Housing Finance Board and the FHLB. Regulation by these agencies is intended primarily for the protection of our depositors and the deposit insurance fund and not for the benefit of our shareholders. The Bank’s activities are also regulated under consumer protection laws applicable to our lending, deposit, and other activities. Our Bank’s activities are also regulated under consumer protection laws applicable to our lending, deposit, and other activities. A sufficient claim against us under these laws could have a material adverse effect on our results of operations. Regulatory developments in 2023 and early 2024 have led to enhanced expectations in areas such as cybersecurity, data privacy, digital asset management, and anti-money laundering. These evolving requirements are increasing our compliance costs and the complexity of our regulatory obligations.

Failure to comply with laws, regulations or policies could also result in heightened regulatory scrutiny and in sanctions by regulatory agencies (such as a memorandum of understanding, a written supervisory agreement or a cease and desist order), civil money penalties and/or reputation damage. Any of these consequences could restrict our ability to expand our business or could require us to raise additional capital or sell assets on terms that are not advantageous to us or our shareholders and could have a material adverse effect on our business, financial condition, and results of operations. While we have policies and procedures designed to prevent any such violations, such violations may occur despite our best efforts.

Federal, state, and local consumer lending laws may restrict our ability to originate certain mortgage loans or increase our risk of liability with respect to such loans and could increase our cost of doing business.

Federal, state, and local laws have been adopted that are intended to eliminate certain lending practices considered “predatory.” These laws prohibit practices such as steering borrowers away from more affordable products, selling unnecessary insurance to borrowers, repeatedly refinancing loans and making loans without a reasonable expectation that the borrowers will be able to repay the loans irrespective of the value of the underlying property. Loans with certain terms and conditions and that otherwise meet the definition of a “qualified mortgage” may be protected from liability to a borrower for failing to make the necessary determinations. In either case, we may find it necessary to tighten our mortgage loan underwriting standards in response to the CFPB rules, which may constrain our ability to make loans consistent with our business strategies. It is our policy not to make predatory loans and to determine borrowers’ ability to repay, but the law and related rules create the potential for increased liability with respect to our lending and loan investment activities. They increase our cost of doing business and, ultimately, may prevent us from making certain loans and cause us to reduce the average percentage rate or the points and fees on loans that we do make.

We are subject to federal and state fair lending laws, and failure to comply with these laws could lead to material penalties.

Federal and state fair lending laws and regulations, such as the Equal Credit Opportunity Act and the Fair Housing Act, impose nondiscriminatory lending requirements on financial institutions. The DOJ, CFPB and other federal and state agencies are responsible for enforcing these laws and regulations. The Department of Justice, CFPB and other federal and state agencies are responsible for enforcing these laws and regulations. Private parties may also have the ability to challenge an institution’s performance under fair lending laws in private class action litigation. A successful challenge to our performance under the fair lending laws and regulations could adversely impact our rating under the CRA and result in a wide variety of sanctions, including the required payment of damages and civil money penalties, injunctive relief, imposition of restrictions on merger and acquisition activity and restrictions on expansion activity, which could negatively impact our reputation, business, financial condition, and results of operations.

Changes in accounting standards could materially affect our financial statements.

Our accounting policies and methods are fundamental to how we record and report our financial condition and results of operations. From time to time, FASB, the SEC and our regulators change the financial accounting and reporting standards, or the interpretation thereof, and guidance that govern the preparation and disclosure of external financial statements. From time to time, FASB, the SEC and our bank regulators change the financial accounting and reporting standards, or the interpretation thereof, and guidance that govern the preparation and disclosure of external financial statements. Such changes are beyond our control, can be hard to predict and could materially impact how we report and disclose our financial condition and results of operations. In some cases, we could be required to apply a new or revised standard retrospectively, or apply an existing standard differently, also retrospectively, which could potentially result in a need to revise or restate prior period financial statements. In some cases, we could be required to apply a new or revised standard retrospectively, or apply an existing standard differently, also retrospectively, which under some circumstances could potentially result in a need to revise or restate prior period financial statements.

The Federal Reserve may require us to commit capital resources to support the Bank.

The Federal Reserve requires a bank holding company to act as a source of financial and managerial strength to a subsidiary bank and to commit resources to support such subsidiary bank. Under the “source of strength” doctrine, the Federal Reserve may require a bank holding company to make capital injections into a troubled subsidiary bank and may charge the bank holding company with engaging in unsafe and unsound practices for failure to commit resources to such a subsidiary bank. In addition, the Dodd-Frank Act directs the federal bank regulators to require that all companies that directly or indirectly control an insured depository institution serve as a source of strength for the institution. Under these requirements, in the future, we could be required to provide financial assistance to our Bank if the Bank experiences financial distress.

A capital injection may be required at times when we do not have the resources to provide it, and therefore we may be required to borrow the funds. In the event of a bank holding company’s bankruptcy, the bankruptcy trustee will assume any commitment by the holding company to a federal bank regulatory agency to maintain the capital of a subsidiary bank. Moreover, bankruptcy law provides that claims based on any such commitment will be entitled to a priority of payment over the claims of the holding company’s general unsecured creditors, including the holders of its note obligations. Thus, any borrowing that must be done by the holding company in order to make the required capital injection becomes more difficult and expensive and will adversely impact the holding company’s cash flows, financial condition, results of operations and prospects.

We face risks related to the adoption of future legislation and potential changes in federal regulatory agency leadership, policies, and priorities.

In 2025, the U.S. political landscape remains uncertain, with the Republicans holding the majority in both the U.S. House of Representatives and the U.S. Senate. A unified Republican Congress has created conditions for potential shifts in policy, though partisan division may still result in challenges to enacting sweeping reforms. Under the Biden Administration, Congressional committees with jurisdiction over the banking sector pursued oversight and legislative initiatives in a variety of areas, including addressing climate-related risks, promoting diversity and equality within the banking industry and addressing other Environmental, Social, and Governance matters, improving competition in the banking sector and enhancing oversight of bank mergers and acquisitions, establishing a regulatory framework for digital assets and markets, and oversight of pandemic responses and economic recovery. The Trump Administration, alongside a unified Republican Congress, may pursue policies or changes that (i) reverse or suspend key actions implemented under the Biden Administration, (ii) promote deregulation by easing regulatory burdens on financial institutions, (iii) adopt a technology-forward approach, and (iv) take a more favorable stance on bank mergers and acquisitions, potentially streamlining the approval process to encourage consolidation within the banking sector. The prospects for the enactment of major banking reform legislation remain unclear at this time. The prospects for the enactment of major banking reform legislation under the new Congress are unclear at this time.

Furthermore, leadership changes within federal banking agencies and financial regulators continue to shape the regulatory environment. Since the change in presidential administration in 2020, key positions across agencies—including the Comptroller of the Currency, CFPB, CFTC, SEC, and the U.S. Treasury—experienced significant turnover. While some leadership positions were filled, others remained vacant, leading to ongoing shifts in regulatory priorities and enforcement approaches. In early 2025, additional turnover and policy realignments within these agencies have further contributed to regulatory uncertainty in the financial services sector. The unified Republican government could further alter the composition of these agencies, introducing new leadership and new policies and rules that could significantly impact the banking sector. The potential impact of the unified Republican government on additional changes in agency structure, personnel, policies and priorities on the financial services sector, including the Company and the Bank, cannot be fully predicted at this time. Regulations and laws may be modified at any time, and new legislation may be enacted that will affect us. Any future changes in federal and state laws and regulations, as well as the interpretation and implementation of such laws and regulations, could affect us in substantial and unpredictable ways, including those listed above or other ways that could have a material adverse effect on our business, financial condition or results of operations.

We are party to various claims and lawsuits incidental to our business. Litigation is subject to many uncertainties such that the expenses and ultimate exposure with respect to many of these matters cannot be ascertained.

From time to time, we, our directors, and our management are or may be the subject of various claims and legal actions by customers, employees, shareholders and others. Whether such claims and legal actions are legitimate or unfounded, if such claims and legal actions are not resolved in our favor, they may result in significant financial liability and/or adversely affect the market perception of us and our products and services as well as impact customer demand for those products and services. In light of the potential cost, reputational damage and uncertainty involved in litigation, we have in the past and may in the future settle matters even when we believe we have a meritorious defense. Certain claims may seek injunctive relief, which could disrupt the ordinary conduct of our business and operations or increase our cost of doing business. Our insurance or indemnities may not cover all claims that may be asserted against us. Any judgments or settlements in any pending litigation or future claims, litigation or investigation could have a material adverse effect on our business, reputation, financial condition, and results of operations.

From time to time, we are, or may become, involved in suits, legal proceedings, information-gatherings, investigations and proceedings by governmental and self-regulatory agencies that may lead to adverse consequences.

Many aspects of the banking business involve a substantial risk of legal liability. From time to time, we are, or may become, the subject of information-gathering requests, reviews, investigations and proceedings, and other forms of regulatory inquiry, including by bank regulatory agencies, self-regulatory agencies, the SEC and law enforcement authorities. The results of such proceedings could lead to significant civil or criminal penalties, including monetary penalties, damages, adverse judgements, settlements, fines, injunctions, restrictions on the way we conduct our business or reputational harm.

We could be adversely affected by changes in tax laws and regulations or the interpretations of such laws and regulations.

We are subject to the income tax laws of the U.S., and its states and municipalities in which we do business. These tax laws are complex and may be subject to different interpretations. We must make judgments and interpretations about the application of these inherently complex tax laws when determining our provision for income taxes, our deferred tax assets (DTAs) and liabilities, and our valuation allowance. Changes to the tax laws, administrative rulings or court decisions could increase our provision for income taxes and reduce our net income. In addition, our ability to continue to record our DTAs is dependent on our ability to realize their value through future projected earnings. In addition, our ability to continue to record our deferred tax assets is dependent on our ability to realize their value through future projected earnings. Future changes in tax laws or regulations could adversely affect our ability to record our DTAs. Loss of part or all of our DTAs would have a material adverse effect on our financial condition and results of operations. Loss of part or all of our deferred tax assets would have a material adverse effect on our financial condition and results of operations.

Our ability to realize deferred tax assets may be reduced, which may adversely impact our results of operations.

Deferred tax assets are reported as assets on our balance sheet and represent the decrease in taxes expected to be paid in the future because of net operating losses (“NOLs”) and tax credit carryforwards and because of future reversals of temporary differences in the bases of assets and liabilities as measured by enacted tax laws and their bases as reported in the financial statements. As of December 31, 2024, we had net deferred tax assets of $12.0 million. Realization of deferred tax assets is dependent upon the generation of sufficient future taxable income during the periods in which existing deferred tax assets are expected to become deductible for federal income tax purposes. Based on projections of future taxable income in periods in which deferred tax assets are expected to become deductible, management determined that the realization of our net deferred tax asset was more likely than not. As a result, we did not recognize a valuation allowance on our net deferred tax asset as of December 31, 2024. If it becomes more likely than not that some portion or the entire deferred tax asset will not be realized, a valuation allowance must be recognized. As a result, we did not recognize a valuation allowance on our net deferred tax asset as of December 31, 2019 or December 31, 2018. If it becomes more likely than not that some portion or the entire deferred tax asset will not be realized, a valuation allowance must be recognized. Our deferred tax asset may be further reduced in the future if estimates of future income or our tax planning strategies do not support the amount of the deferred tax assets. Charges to establish a valuation allowance with respect to our deferred tax asset could have a material adverse effect on our financial condition and results of operations.

Risks Related to an Investment in Our Common Stock

Our ability to pay cash dividends is limited, and we may be unable to pay future dividends even if we desire to do so.

The Federal Reserve has issued a policy statement regarding the payment of dividends by bank holding companies. In general, the Federal Reserve’s policies provide that dividends should be paid only out of current earnings and only if the prospective rate of earnings retention by the bank holding company appears consistent with the organization’s capital needs, asset quality and overall financial condition. The Federal Reserve’s policies also require that a bank holding company serve as a source of financial strength to its subsidiary banks by standing ready to use available resources to provide adequate capital funds to those banks during periods of financial stress or adversity and by maintaining the financial flexibility and capital-raising capacity to obtain additional resources for assisting its subsidiary banks where necessary. In addition, under the prompt corrective action regulations, the ability of a bank holding company to pay dividends may be restricted if a subsidiary bank becomes undercapitalized. These regulatory policies could affect our ability to pay dividends or otherwise engage in capital distributions.

Our ability to pay cash dividends may be limited by regulatory restrictions, by our Bank’s ability to pay cash dividends to the Company and by our need to maintain sufficient capital to support our operations. As a South Carolina-chartered bank, the Bank is subject to limitations on the amount of dividends that it is permitted to pay. Unless otherwise instructed by the S.C. Board, the Bank is generally permitted under South Carolina state banking regulations to pay cash dividends of up to 100% of net income in any calendar year without obtaining the prior approval of the S.C. Board. If our Bank is not permitted to pay cash dividends to us, it is unlikely that we would be able to pay cash dividends on our common stock. Moreover, holders of our common stock are entitled to receive dividends only when, and if declared by our board of directors. Although we have historically paid cash dividends on our common stock, we are not required to do so and our board of directors could reduce or eliminate our common stock dividend in the future.

Our stock price may be volatile, which could result in losses to our investors and litigation against us.

Our stock price has been volatile in the past and several factors could cause the price to fluctuate substantially in the future. These factors include but are not limited to: actual or anticipated variations in earnings, changes in analysts’ recommendations or projections, our announcement of developments related to our businesses, operations and stock performance of other companies deemed to be peers, new technology used or services offered by traditional and non-traditional competitors, news reports of trends, irrational exuberance on the part of investors, new federal banking regulations, and other issues related to the financial services industry. Our stock price may fluctuate significantly in the future, and these fluctuations may be unrelated to our performance. General market declines or market volatility in the future, especially in the financial institutions sector, could adversely affect the price of our common stock, and the current market price may not be indicative of future market prices. Stock price volatility may make it more difficult for you to resell your common stock when you want and at prices you find attractive. Moreover, in the past, securities class action lawsuits have been instituted against some companies following periods of volatility in the market price of its securities. We could in the future be the target of similar litigation. Securities litigation could result in substantial costs and divert management’s attention and resources from our normal business.

Future sales of our stock by our shareholders or the perception that those sales could occur may cause our stock price to decline.

Although our common stock is listed for trading on The NASDAQ Capital Market, the trading volume in our common stock is lower than that of other larger financial services companies. A public trading market having the desired characteristics of depth, liquidity, and orderliness depends on the presence in the marketplace of willing buyers and sellers of our common stock at any given time. This presence depends on the individual decisions of investors and general economic and market conditions over which we have no control. Given the relatively low trading volume of our common stock, significant sales of our common stock in the public market, or the perception that those sales may occur, could cause the trading price of our common stock to decline or to be lower than it otherwise might be in the absence of those sales or perceptions.

Economic and other circumstances may require us to raise capital at times or in amounts that are unfavorable to us. If we have to issue shares of common stock, they will dilute the percentage ownership interest of existing shareholders and may dilute the book value per share of our common stock and adversely affect the terms on which we may obtain additional capital.

We may need to incur additional debt or equity financing in the future to make strategic acquisitions or investments or to strengthen our capital position. Our ability to raise additional capital, if needed, will depend on, among other things, conditions in the capital markets at that time, which are outside of our control and our financial performance. We cannot provide assurance that such financing will be available to us on acceptable terms or at all, or if we do raise additional capital that it will not be dilutive to existing shareholders.

If we determine, for any reason, that we need to raise capital, subject to applicable NASDAQ rules, our board generally has the authority, without action by or vote of the shareholders, to issue all or part of any authorized but unissued shares of stock for any corporate purpose, including issuance of equity-based incentives under or outside of our equity compensation plans. Additionally, we are not restricted from issuing additional common stock or preferred stock, including any securities that are convertible into or exchangeable for, or that represent the right to receive, common stock or preferred stock or any substantially similar securities. The market price of our common stock could decline as a result of sales by us of a large number of shares of common stock or preferred stock or similar securities in the market or from the perception that such sales could occur. If we issue preferred stock that has a preference over the common stock with respect to the payment of dividends or upon liquidation, dissolution or winding-up, or if we issue preferred stock with voting rights that dilute the voting power of the common stock, the rights of holders of the common stock or the market price of our common stock could be adversely affected. Any issuance of additional shares of stock will dilute the percentage ownership interest of our shareholders and may dilute the book value per share of our common stock. Shares we issue in connection with any such offering will increase the total number of shares and may dilute the economic and voting ownership interest of our existing shareholders.

Provisions of our articles of incorporation and bylaws, South Carolina law, and state and federal banking regulations, could delay or prevent a takeover by a third party.

Our articles of incorporation and bylaws could delay, defer, or prevent a third party takeover, despite possible benefit to the shareholders, or otherwise adversely affect the price of our common stock. Our governing documents:

In addition, the South Carolina business combinations statute provides that a 10% or greater shareholder of a resident domestic corporation cannot engage in a “business combination” (as defined in the statute) with such corporation for a period of two years following the date on which the 10% shareholder became such, unless the business combination or the acquisition of shares is approved by a majority of the disinterested members of such corporation’s board of directors before the 10% shareholder’s share acquisition date. This statute further provides that at no time (even after the two-year period subsequent to such share acquisition date) may the 10% shareholder engage in a business combination with the relevant corporation unless certain approvals of the board of directors or disinterested shareholders are obtained or unless the consideration given in the combination meets certain minimum standards set forth in the statute. The law is very broad in its scope and is designed to inhibit unfriendly acquisitions, but it does not apply to corporations whose articles of incorporation contain a provision electing not to be covered by the law. Our articles of incorporation do not contain such a provision. An amendment of our articles of incorporation to that effect would, however, permit a business combination with an interested shareholder even though such status was obtained prior to the amendment.

Finally, the Change in Bank Control Act and the Bank Holding Company Act generally require filings and approvals prior to certain transactions that would result in a party acquiring control of the Company or the Bank.

An investment in our common stock is not an insured deposit.

Our common stock is not a bank deposit and, therefore, is not insured against loss by the FDIC, any other deposit insurance fund or by any other public or private entity. An investment in our common stock is inherently risky for the reasons described in this “Risk Factors” section and elsewhere in this report and is subject to the same market forces that affect the price of common stock in any company. As a result, if you acquire our common stock, you may lose some or all of your investment.

General Risk Factors

Evolving ESG expectations could increase costs and risks

Regulatory, investor, and stakeholder expectations around environmental, social, and governance (“ESG”) practices continue to evolve, potentially increasing compliance costs and operational burdens. Recent shifts in U.S. policies have altered the landscape of ESG practices. The Trump Administration has rolled back several climate initiatives and withdrawn from international agreements, such as the Paris Climate Accord. These changes may reduce certain compliance requirements but also introduce uncertainty regarding future regulations. Stakeholders, including investors and customers, continue to scrutinize corporate ESG practices, and failure to meet their evolving expectations could impact our reputation and financial performance. Additionally, state-level regulations and international standards may impose differing ESG requirements, leading to potential operational complexities.

Climate change could have a material adverse impact on us and our customers.

We are exposed to risks of physical impacts of climate change and risks arising from the process of transitioning to a less carbon-dependent economy. Climate change-related physical risks include increased severity and frequency of adverse weather events, such as extreme storms and flooding, and longer-term shifts in climate patterns, such as rising temperatures and sea levels and changes in precipitation amount and distribution. Such physical risks may have adverse impacts on us, both directly on our business operations and as a result of impacts on our borrowers and counterparties, such as declines in the value of loans, investments, real estate and other assets, disruptions in business operations and economic activity, including supply chains, and market volatility.

The risks associated with climate change are rapidly changing and evolving, making them difficult to assess due to limited data and other uncertainties. We could experience increased expenses resulting from strategic planning, litigation, and technology and market changes, and reputational harm as a result of negative public sentiment, regulatory scrutiny, and reduced investor and stakeholder confidence due to our response to climate change and our climate change strategy, which, in turn, could have a material negative impact on our business, results of operations, and financial condition.

Our historical operating results may not be indicative of our future operating results.

We may not be able to sustain our historical rate of growth, and, consequently, our historical results of operations will not necessarily be indicative of our future operations. Various factors, such as economic conditions, regulatory and legislative considerations, and competition, may also impede our ability to expand our market presence. If we experience a significant decrease in our historical rate of growth, our results of operations and financial condition may be adversely affected because a high percentage of our operating costs are fixed expenses.

A downgrade of the U.S. credit rating could negatively impact our business, results of operations and financial condition.

Recent developments have heightened concerns about the U.S. credit rating and its potential impact on our business. In August 2023, Fitch Ratings downgraded the U.S. long-term credit rating from “AAA” to “AA+”, citing expected fiscal deterioration, a high and growing government debt burden, and erosion of governance standards. Subsequently, in November 2023, Moody’s Investors Service revised its outlook on U.S. ratings to negative, reflecting large fiscal deficits and a decline in debt affordability. These downgrades underscore the potential risks associated with U.S. fiscal policy, including political polarization and challenges in managing the national debt. Such factors could lead to increased borrowing costs, market volatility, and a potential decline in investor confidence. These conditions may adversely affect our business operations, financial condition, and results.

Item 1B. Unresolved Staff Comments.

Not applicable.

Item 1C. Cybersecurity

Our risk management program is designed to identify, assess, and mitigate risks across various aspects of our company, including financial, operational, regulatory, reputational, and legal. Cybersecurity is a critical component of this program, given the increasing reliance on technology and potential for cyber threats. Our Information Security Officer has primary oversight of the cybersecurity component of the Bank’s risk management program, together with our Director of Information Technology Infrastructure. Both of these individuals are key members of senior management, reporting directly to the Chief Operations/Chief Risk Officer and as discussed below, periodically to the Audit & Compliance Committee of our board of directors.

Our objective for managing cybersecurity risk is to avoid or minimize the impacts of external threat events or other efforts to penetrate, disrupt or misuse our systems or information. The structure of our information security program is designed around the National Institute of Standards and Technology (“NIST”) Cybersecurity Framework, regulatory guidance, and other industry standards. In addition, we leverage certain industry and government associations, third-party benchmarking, audits, and threat intelligence feeds to facilitate and promote program effectiveness. Our Information Security Officer and Director of Information Technology Infrastructure and Chief Operations/Chief Risk Officer along with other key members of management regularly collaborate with expert resources, industry groups, and regulators to discuss cybersecurity trends and issues and identify best practices. The information security program is periodically reviewed and reported upon to the Audit & Compliance Committee of the Board with the goal of addressing changing threats, risks, and conditions.

We employ an in-depth, layered, defensive strategy that embraces a “trust by design” philosophy when designing new products, services, and technology. We leverage people, processes, and technology as part of our efforts to manage and maintain cybersecurity controls. We also employ a variety of preventative, detective and corrective controls/tools designed to monitor, block, and provide alerts regarding suspicious activity, as well as to report on suspected advanced persistent threats. We have established processes and systems designed to mitigate cyber risk, including regular and ongoing education and training, preparedness simulations, tabletop exercises, and recovery and resilience tests. We engage in regular assessments of our infrastructure, software systems, and network architecture, using internal cybersecurity measures and third-party specialists. We also maintain a third-party risk management program designed to identify, assess, and manage risks, including cybersecurity risks, associated with external service providers and our supply chain. We actively monitor our email gateways for malicious phishing email campaigns and monitor remote connections. We leverage internal and external auditors and independent external partners to periodically review our processes, systems, and controls, including with respect to our information security program, to assess their design and operating effectiveness and make recommendations to strengthen our risk management program.

We maintain an Incident Response Program that provides a documented framework for responding to actual or potential cybersecurity incidents, including timely notification of and escalation to the appropriate executive officers, Board-approved committees, regulators, law enforcement and the Audit & Compliance Committee of our board of directors. The Incident Response Plan is coordinated through the Information Security Officer and key members of management are embedded into the Plan by its design. The Incident Response Plan facilitates coordination across multiple parts of our organization and is evaluated at least annually.

Notwithstanding our defensive measures and processes, the threat posed by cyber attacks is severe. Our internal systems, processes, and controls are designed to mitigate loss from cyber attacks. To date, cybersecurity threats have not materially affected our company, but we remain diligent, nonetheless. For further discussion of risks from cybersecurity threats, see the section captioned “Our Information Systems May Experience Failure, Interruption or Breach in Security” in Item 1A. Risk Factors.

Governance

Our Information Security Officer is accountable for oversight, risk assessment and reporting on our information security program, leveraging the Director of Information Technology Infrastructure and other resources as needed. Responsibilities include cybersecurity risk assessment, defense operations, incident response, vulnerability assessment, threat intelligence, identity access governance, third-party risk management, board training, employee training, and business resilience. The foregoing responsibilities are covered on a day-to-day basis by a first line of defense function, and our second line of defense function, including the Information Security Officer, provides guidance, oversight, monitoring and challenge of the first line’s activities. The second line of defense function is separated from the first line of defense function through organizational structure and ultimately reports directly to the board of directors with a functional reporting line to the Chief Operations/Risk Officer. Both the first line of defense and the second line of defense are subject to experience and professional education requirements. In particular, our Information Security Officer has substantial relevant expertise and formal training in the areas of information security and cybersecurity risk management. Our board of directors has approved management committees including the Information Technology Steering Committee, which focuses on technology impact and business impact. This committee provides oversight and governance of the technology program and the information security program. This committee is chaired jointly by the Information Security Officer and Director of Information Technology Infrastructure and made up of key departmental managers from throughout the entire company. Two executive leadership team members oversee this committee.

The Information Security Officer reports summaries of key issues, including significant cybersecurity and/or privacy incidents, to the Audit & Compliance Committee of our board of directors on a quarterly basis (or more frequently as may be required by the Incident Response Plan).The Audit & Compliance Committee of our board of directors is responsible for overseeing our information security and technology programs, including management’s actions to identify, assess, mitigate, and remediate or prevent material cybersecurity issues and risks. Our Information Security Officer also provides quarterly reports to the Audit & Compliance Committee of our board of directors regarding the information security program and the technology program, key enterprise cybersecurity initiatives, and other matters relating to cybersecurity processes. The executive leadership team and the board of directors review and approve our information security and technology budgets and strategies annually.

Additionally, the Audit & Compliance Committee of our board of directors reviews our cyber security risk profile on a quarterly basis and provides a report to the full board of directors at no later than the next board meeting after their meetings.