CIVISTA BANCSHARES, INC. (CIVB) Business

Item 1. Business

General Development of Business

CIVISTA BANCSHARES, INC. (“CBI” or the "Company") was organized under the laws of the State of Ohio on February 19, 1987 and is a registered financial holding company under the Gramm-Leach-Bliley Act of 1999, as amended (the “GLBA”). CBI’s office is located at 100 East Water Street, Sandusky, Ohio. CBI and its subsidiaries are sometimes referred to together as the “Company”. The Company had total consolidated assets of $4,336,453 at December 31, 2025.

CIVISTA BANK (“Civista”), owned by the Company since 1987, opened for business in 1884 as The Citizens National Bank. In 1898, Civista was reorganized under Ohio banking law and was known as The Citizens Bank and Trust Company. In 1908, Civista surrendered its trust charter and began operation as The Citizens Banking Company. The name Civista Bank was introduced during the first quarter of 2015 to distinguish ourselves from the many other banks using the “Citizens” name in our existing and prospective markets. Civista maintains its main office at 100 East Water Street, Sandusky, Ohio and operates branch banking offices in the following Ohio communities: Sandusky, Spencer, Wellington, Norwalk, Berlin Heights, Huron, Port Clinton, Castalia, New Washington, Shelby, Willard, Greenwich, Plymouth, Shiloh, Akron, Dublin, Plain City, Russells Point, Urbana, West Liberty, Quincy, Dayton, Beachwood, Gahanna, Napoleon, Malinta, Liberty Center, Holgate, Bowling Green, and in the following Indiana communities: Lawrenceburg, Aurora, West Harrison, Milan, Osgood and Versailles. Civista also operates loan production offices in Westlake, Ohio and Fort Mitchell, Kentucky and a leasing company office in Pittsburgh, Pennsylvania. Civista and its wholly owned subsidiaries as discussed below, accounted for 99.8% of the Company’s consolidated assets at December 31, 2025.

FIRST CITIZENS INVESTMENTS, INC. (“FCI”) was formed in 2007 as a wholly owned subsidiary of Civista to hold and manage its securities portfolio. The operations of FCI are located in Wilmington, Delaware.

CIVISTA LEASING & FINANCING (“CLF”) formerly known as Vision Financial Group, Inc. ("VFG") was acquired in the fourth quarter of 2022 as a wholly owned subsidiary of Civista. Effective as of August 31, 2023, VFG was merged with and into Civista, and CLF is now operated as a full-service general equipment leasing and financing division of Civista. The operations of CLF are located in Pittsburgh, Pennsylvania.

FIRST CITIZENS INSURANCE AGENCY, INC. (“FCIA”) was formed as a wholly owned subsidiary of CBI to allow the Company to participate in commission revenue generated through its third-party insurance agreement.

WATER STREET PROPERTIES, INC. (“WSP”) was formed as a wholly owned subsidiary of CBI to hold properties repossessed by CBI subsidiaries.

CIVB RISK MANAGEMENT, INC. (“CRMI”), a wholly owned subsidiary of CBI, is a Delaware-based captive insurance company which insures against certain risks unique to the operations of the Company and for which insurance may not be currently available or economically feasible in today’s insurance marketplace. CRMI pools resources with several other similar insurance company subsidiaries of financial institutions to spread a limited amount of risk among themselves. CRMI is subject to regulations of the State of Delaware and undergoes periodic examinations by the Delaware Department of Insurance.

Acquisition of The Farmers Savings Bank

At the close of business on November 6, 2025, Civista closed the previously announced acquisition of The Farmers Savings Bank ("FSB"). The acquisition added approximately $268.1 million of total assets, $106.2 million of total loans and leases, $236.1 million of total deposits, and two branches in Medina and Lorain Counties in Northeast Ohio. The 2025 results reflect inclusion of FSB since November 7, 2025.

Upon the closing of the acquisition, FSB was merged with and into Civista Bank. In addition, the management and organization structure was updated to reflect the combined organization. On-boarding of former FSB colleagues and their initial training remain ongoing. Certain of Civista's products and services are being introduced across the legacy FSB customer base, and customer-facing colleagues are focused on both growing and retaining customers. Technology conversions were completed in mid-February 2026, subsequent to year-end, and did not impact the Company's December 31, 2025 financial statements.

3

Offering of Common Shares

On July 10, 2025, CBI announced an underwritten public offering of up to a maximum of 3,788,238 of its common shares. CBI subsequently closed on the sale of 3,294,120 common shares on July 14, 2025, and the sale of an additional 494,118 common shares on July 16, 2025 pursuant to the underwriters' exercise of their overallotment option, at the public offering price of $21.25 per share. The aggregate net proceeds from the offering were approximately $75.7 million, after deducting $608 of direct expenses and the underwriting discount of $4.2 million. The net proceeds from the offering were initially used to pay-down short-term FHLB advances, but the long-term strategic plan is to use the net proceeds for general corporate purposes, which may include supporting organic growth opportunities and future strategic transactions.

Narrative Description of Business

General

The Company’s primary business is incidental to the subsidiary bank and its subsidiaries. Civista, through its locations in the Ohio counties of Erie, Crawford, Champaign, Cuyahoga, Franklin, Huron, Logan, Lorain, Madison, Medina, Montgomery, Ottawa, Richland, Henry, Wood and Summit, in the Indiana counties of Dearborn and Ripley and in the Kentucky county of Kenton, conducts general banking business that involves collecting customer deposits, making loans, purchasing securities, and offering trust services. Civista also engages in a general equipment leasing and financing business nationwide through its CLF division.

Interest and fees on loans accounted for 77% of total revenue for 2025, 75% of total revenue for 2024, and 73% of total revenue for 2023. The Company’s primary focus of lending continues to be real estate loans, both residential and commercial in nature. Commercial real estate loans comprised 50% of the total loan portfolio in 2025, 52% of the total loan portfolio in 2024, and 54% of the total loan portfolio in 2023. Residential real estate mortgage loans comprised 29% of the total loan portfolio in 2025, 25% of the total loan portfolio in 2024, and 23% of the total loan portfolio in 2023. Commercial and agriculture loans comprised 9% of the total loan portfolio in 2025, 11% in 2024, and 11% in 2023. Civista’s loan portfolio does not include any foreign-based loans, loans to lesser-developed countries or loans to CBI or its other subsidiaries.

On a parent company only basis, CBI’s primary source of funds is the receipt of dividends paid by its subsidiaries, principally Civista. The ability of Civista to pay dividends is subject to limitations under various laws and regulations and to prudent and sound banking principles. Generally, subject to certain minimum capital requirements, Civista may declare a dividend without the approval of the State of Ohio Division of Financial Institutions (the “ODFI”) unless the total of the dividends in a calendar year exceeds the total net profits of the bank for the year combined with the retained profits of the bank for the two preceding years. At December 31, 2025, Civista had $31,647 of accumulated net profits available to pay dividends to CBI without approval of the ODFI.

The Company’s business is not seasonal, nor is it dependent on a single or small group of customers.

Business Strategy

The Company’s strategy is to compete for business by providing high quality, personal service to customers, enhanced local presence and customer access to our decision-makers, rapid decision-making, and competitive interest rates and fees. We develop and maintain business relationships by taking on leadership roles in our communities through the involvement of our experienced commercial and retail bankers, management team and Board of Directors. We believe we will continue to drive growth and increase profitability, while maintaining our high level of asset quality, by doing the following:

Expand Relationships in Our Communities

We emphasize relationship banking by maintaining and growing our customers and contacts with personal interaction by our bankers and management teams in the communities that we serve. We strive to do this by offering a full suite of competitive banking products through efficient and varied delivery channels tailored to the needs of our customers and potential customers. Civista, through its Civista Wealth Management division, also offers investment and advisory solutions. Our approach is personalized and focused on what our clients need. We provide individuals, families, business and non-profits with personalized investment management, 401(k) advisory services for employers, financial planning, trust services, and tailored lending.

4

Core Deposit Growth

We plan to continue to focus on growing our core, commercial operating and retail, non-maturity deposit base with an emphasis on relationship banking. Our business model focuses on gaining the majority of our customers’ banking relationships by implementing many best practices for community banks, including personalized service and technology. We believe that these generate “stickier” deposit accounts with larger average balances than might be attracted otherwise. From time to time, we also use pricing techniques in our efforts to attract banking relationships having larger than average balances.

Leverage Our Residential Mortgage Banking Infrastructure

We seek to leverage our mortgage banking infrastructure to support the origination of residential mortgage loans for sale into the secondary market. Mortgage loan originations and sales activity are strategies utilized to support growth in our non-interest income, while also serving to help manage the Company’s exposure to interest rate risk through the sale of longer-duration, fixed-rate loans into the secondary market.

Improve Our Operating Efficiency

Expense discipline is a key strategy to improve operating efficiency and contribute to earnings growth. We also strive to operate more efficiently by incorporating technology into our client offerings.

Maintain Robust Capital and Liquidity Levels

The Company’s capital position provides a source of strength and continues to significantly exceed all regulatory capital guidelines as demonstrated by the December 31, 2025, Tier 1 Leverage ratios of the Company and Civista of 11.3% and 12.3%, respectively. We plan to continue to maintain robust capital reserves.

In addition to our robust capital levels, we maintain significant sources of both on- and off-balance sheet liquidity and plan to continue to do so. At December 31, 2025, our liquid assets included $77.3 million of short-term cash and equivalents supplemented by $681.9 million of investment securities classified as available for sale which can be readily sold or pledged as collateral, if necessary. In addition, we had the capacity to borrow additional funds totaling $696.0 million from the Federal Home Loan Bank ("FHLB") of Cincinnati at December 31, 2025.

Ensure the Adequacy of Our Allowance for Credit Losses

Despite the challenges presented by the economic and overall market conditions over the past five years, our reserve levels have remained adequate with our total allowance for credit losses amounting to $42.0 million at December 31, 2025.

Market Area and Competition

At December 31, 2025, our primary market area consisted of the counties in which we currently operate branches, and loan production offices, including Erie, Crawford, Champaign, Cuyahoga, Franklin, Huron, Logan, Lorain, Madison, Medina, Montgomery, Ottawa, Richland, Henry, Wood and Summit Counties in Ohio, Dearborn and Ripley Counties in Indiana and Kenton County in Kentucky. Our lending is concentrated in these markets and our predominant sources of deposits are the communities in which our offices are located as well as the neighboring communities.

The banking business is highly competitive. We face substantial competition both in attracting deposits and in originating loans and commercial equipment leasing. We compete with numerous financial institutions, including large regional financial institutions, community banks, thrifts and credit unions operating within our market area. Nontraditional sources of competition for loan and deposit dollars come from captive auto finance companies, mortgage banking companies, internet banks, brokerage companies, insurance companies, business leasing and finance companies and direct mutual funds. As a result of their size, resources and ability to achieve economies of scale, certain of our competitors offer a broader range of products and services than we offer, as well as higher lending limits, which may adversely affect the ability of Civista to compete.

5

Products and Services

We offer a broad range of deposit and loan products and other banking services. These include personal and commercial checking accounts, retirement accounts, money market accounts, time and savings accounts, safe deposit boxes, wire transfers, access to automated teller services, internet banking, ACH origination, telephone banking, and mobile/digital banking. Civista also offers remote deposit capture banking for both retail and business customers, providing the ability to electronically scan and transmit checks for deposit.

Time deposits consist of certificates of deposit, including those held in IRA accounts. Reciprocal deposits are offered through Civista’s participation in the Certificate of Deposit Account Registry Service® (CDARS) and Insured Cash Sweep (ICS) programs offered through IntraFi, LLC. Customers who are Federal Deposit Insurance Corporation (“FDIC”) insurance sensitive are able to place large dollar deposits with Civista, and Civista uses either outlet to place those funds into certificates of deposit or money markets issued by other banks in the IntraFi Network. This occurs in increments of less than the FDIC insurance limits so that both the principal and interest are eligible for complete FDIC insurance coverage.

We offer commercial and personal loans on a secured and unsecured basis, revolving lines of credit, commercial mortgage loans, residential mortgage loans on both primary and secondary residences, home equity loans, bridge loans and other personal purpose loans. However, we are not and have not historically been a participant in the sub-prime lending market.

Commercial loans are loans made for business purposes and are primarily secured by collateral such as cash balances with Civista, business assets including accounts receivable, inventory and equipment, and liens on commercial real estate.

Construction loans are loans to finance the construction of commercial or residential properties secured by first liens on such properties. Commercial real estate loans include loans secured by first liens on completed commercial properties, including multi-family properties, to purchase or refinance such properties. Residential mortgages include loans secured by first liens on residential real estate to purchase or refinance primary and secondary residences. Home equity loans and lines of credit include loans secured by first or second liens on residential real estate for primary or secondary residences.

Consumer loans are made to individuals who qualify for auto loans, cash reserve, and installment loans. Our consumer loan portfolio includes unsecured overdraft lines of credit and personal loans as well as loans secured by savings accounts and certificates of deposit with Civista.

Our portfolio lending activities include the origination of one- to four-family first mortgage loans, primarily in our designated market area. The fixed-rate residential mortgage loans that we originate for portfolio generally meet the secondary mortgage market standards. As a complement to our residential one- to four-family portfolio lending activities, we operate a mortgage banking platform which supports the origination of one- to four-family mortgage loans that generally meet the secondary mortgage market standards. Such loans are generally originated by and sourced from the same resources and markets as those loans originated and held in our portfolio.

Through our equipment leasing and financing business operated by our CLF division, we offer commercial equipment leasing services for businesses nationwide.

Through our Civista Wealth Management division, we offer investment advisory services to individuals, families, businesses and non-profits with personalized investment management, 401(k) advisory services for employers, financial planning, and trust services.

Human Capital Resources

Our employees are vital to our success in the financial services industry. As a human-capital intensive business, the long-term success of our Company depends on our people. Our goal is to ensure that we have the right talent, in the right place, at the right time. We do that through our commitment to attracting, developing and retaining our employees.

We strive to attract individuals who are people-focused and share our values. We have a comprehensive program dedicated to selecting new talent and enhancing the skills of our employees. In our recruiting efforts, we strive to have

6

a diverse group of candidates to consider for our roles. To that end, we have strong relationships with a variety of industry associations that represent diverse professionals and partner with schools in the communities we serve to offer internship opportunities to students interested in the financial industry.

We have designed a compensation structure that we believe is attractive to our current and prospective employees. We also offer our employees the opportunity to participate in a variety of professional and leadership development programs. Our programs include a variety of industry, product, technical, professional, business development, leadership and regulatory topics. These programs are available online and in-person. In addition, we encourage all employees to be involved in the communities we serve through various volunteer activities.

We seek to retain our employees by using their feedback to create and continually enhance programs that support their needs. We use company-wide surveys to solicit feedback from our employees. We have a formal annual goal setting and performance review process for our employees. We promote a values-based culture, an important factor in retaining our employees. Our training, to share and communicate our culture to all employees, plays an important part in this process. We are committed to having a diverse workforce, and an inclusive work environment is a natural extension of our culture. We are committed to ensuring that all our employees feel welcomed, valued, respected and heard so that they can fully contribute their unique talents for the benefit of our customers, their careers, our Company and our communities.

We monitor and evaluate various turnover and attrition metrics throughout our organization. Our annualized voluntary turnover is relatively low, as is the case for turnover of our top performers, a record which we attribute to our strong values-based culture, commitment to career development, and attractive compensation and benefit programs.

Civista employs approximately 526 full-time equivalent employees to whom a variety of benefits are provided. CBI has no employees. CBI and its subsidiaries are not parties to any collective bargaining agreements. Management considers its relationship with its employees to be good.

Supervision and Regulation

CBI and its subsidiaries are subject to extensive supervision and regulation by federal and state agencies. The regulation of financial holding companies and their subsidiaries is intended primarily for the protection of consumers, depositors, borrowers, the Deposit Insurance Fund (the “DIF”) and the banking system as a whole, and not for the protection of shareholders. Applicable laws and regulations restrict permissible activities and investments and require actions to protect loan, deposit, brokerage, fiduciary and other customers, as well as the DIF. These laws and regulations also may restrict the ability of CBI to pay dividends to its shareholders, to repurchase its common shares or to receive dividends from Civista, and impose capital adequacy and liquidity requirements.

The following is a summary of the regulatory agencies that supervise and regulate CBI and Civista and the statutes and regulations that have, or could have, a material impact on the Company’s business. This discussion is qualified in its entirety by reference to such statutes and regulations. The statutes and regulations applicable to the Company are continually under review by the United States Congress and state legislatures and federal and state regulatory agencies, and a change in statutes, regulations or regulatory policies applicable to the Company could have a material effect on the Company’s business.

The Bank Holding Company Act: As a financial holding company, CBI is subject to regulation under the Bank Holding Company Act of 1956, as amended (the “BHCA”), and the examination and reporting requirements of the Board of Governors of the Federal Reserve System (the “Federal Reserve Board”). Under the BHCA, CBI is subject to periodic examination by the Federal Reserve Board and is required to file periodic reports regarding its operations and any additional information that the Federal Reserve Board may require. The Federal Reserve Board also has extensive enforcement authority over financial and bank holding companies, including the ability to assess civil money penalties, issue cease and desist and removal orders, and require that a financial or bank holding company divest subsidiaries, including its subsidiary banks.

Under applicable law and Federal Reserve Board policy, a financial or bank holding company is expected to act as a source of strength to each of its subsidiary banks. The Federal Reserve Board may require a financial or bank holding company to contribute additional capital to an undercapitalized subsidiary bank and may disapprove of the payment of dividends to shareholders if the Federal Reserve Board believes the payment of such dividends would be an unsafe or unsound practice.

7

The BHCA generally limits the activities of a bank holding company to banking, managing or controlling banks, furnishing services to or performing services for its subsidiaries and engaging in any other activities that the Federal Reserve Board has determined to be so closely related to banking or to managing or controlling banks as to be a proper incident to those activities. In addition, the BHCA requires every bank holding company to obtain the approval of the Federal Reserve Board prior to acquiring all or substantially all of the assets of any bank or another financial or bank holding company, acquiring direct or indirect ownership or control of more than 5% of the voting shares of any bank not already majority-owned by it, or merging or consolidating with another financial or bank holding company.

In April 2020, the Federal Reserve Board adopted a final rule to revise its regulations related to determinations of whether a company has the ability to exercise a controlling influence over another company for purposes of the BHCA. The final rule expands and codifies the presumptions for use in such determinations. By codifying the presumptions, the final rule provides greater transparency on the types of relationships that the Federal Reserve Board generally views as supporting a facts-and-circumstances determination that one company controls another company. The Federal Reserve Board’s final rule applies to questions of control under the BHCA, but does not extend to the Change in Bank Control Act.

Federal Reserve System: The Federal Reserve Board requires all depository institutions to maintain reserves at specified levels against their transaction accounts, primarily checking accounts. In response to the COVID-19 pandemic, the Federal Reserve Board reduced reserve requirement ratios to 0% effective on March 26, 2020, to support lending to households and businesses. The reserve requirement ratio remained at 0% as of December 31, 2025.

Gramm-Leach-Bliley Act (“GLBA)”: The GLBA permits qualifying bank holding companies to elect to become financial holding companies and thereby affiliate with securities firms and insurance companies and engage in other activities that are financial in nature if (i) the holding company is well capitalized and well managed and (ii) each of the holding company’s subsidiary banks is well capitalized under the FDIC’s Deposit Insurance Corporation Act of 1991 prompt corrective action provisions, is well managed, and has at least a satisfactory rating under the Community Reinvestment Act (the “CRA”). In March 2000, CBI became a financial holding company. No regulatory approval is required for a financial holding company to acquire a company, other than a bank or a savings association, engaged in activities that are financial in nature or incidental to activities that are financial in nature, as determined by the Federal Reserve Board.

The GLBA defines “financial in nature” to include:

•
securities underwriting, dealing and market making;

•
sponsoring mutual funds and investment companies;

•
insurance underwriting and agency;

•
merchant banking; and

•
activities that the Federal Reserve Board has determined to be closely related to banking.

If a financial holding company or a subsidiary bank fails to maintain all requirements for the holding company to maintain financial holding company status, material restrictions may be placed on the activities of the financial holding company and its subsidiaries and on the ability of the holding company to enter into certain transactions and obtain regulatory approvals for new activities and transactions. The financial holding company could also be required to divest of subsidiaries that engage in activities that are not permitted for bank holding companies that are not financial holding companies. If restrictions are imposed on the activities of a financial holding company, the existence of such restrictions may not be made publicly available pursuant to confidentiality regulations of the bank regulatory agencies.

Transactions with Affiliates, Directors, Executive Officers and Shareholders: Transactions between Civista and its affiliates, including CBI, are subject to Sections 23A and 23B of the Federal Reserve Act, and Federal Reserve Board Regulation W, which generally limit the extent to which Civista may engage in “covered transactions” with affiliates and require that the terms of any such transactions be the same, or at least as favorable, to Civista as the terms provided in a similar transaction between Civista and an unrelated party. The term “covered transaction” includes the making of a loan to an affiliate, the purchase of assets from an affiliate, the issuance of a guarantee on behalf of an affiliate, the purchase of securities issued by an affiliate and other similar types of transactions.

A bank’s authority to extend credit to executive officers, directors and greater than 10% shareholders, as well as entities such persons control, is subject to Sections 22(g) and 22(h) of the Federal Reserve Act and Regulation O promulgated thereunder by the Federal Reserve Board. Among other things, these loans must be made on terms (including interest rates charged and collateral required) substantially similar to those offered to unaffiliated

8

individuals or be made as part of a benefit or compensation program and on terms widely available to employees, and must not involve a greater than normal risk of repayment. In addition, the amount of loans a bank may make to these affiliated persons is based, in part, on the bank’s capital position, and specified approval procedures must be followed in making loans which exceed specified amounts.

Federal Deposit Insurance Corporation (“FDIC”): The FDIC is an independent federal agency which insures the deposits of federally-insured banks and savings associations up to certain prescribed limits and safeguards the safety and soundness of financial institutions. The general insurance limit is $250,000 per separately insured depositor. This insurance is backed by the full faith and credit of the United States Government.

As insurer, the FDIC is authorized to conduct examinations of and to require reporting by insured institutions, including Civista, to prohibit any insured institution from engaging in any activity the FDIC determines to pose a threat to the DIF, and to take enforcement actions against insured institutions. The FDIC may terminate insurance of deposits of any institution if the FDIC finds that the institution has engaged in unsafe and unsound practices, is in an unsafe or unsound condition or has violated any applicable law, regulation, rule, order or condition imposed by the FDIC or other regulatory agency.

The FDIC assesses a quarterly deposit insurance premium on each insured institution based on risk characteristics of the insured institution to the DIF, with institutions deemed less risky paying lower rates. Currently, assessments for institutions with less than $10 billion of total assets are based on financial measures and supervisory ratings derived from statistical models that estimate the probability of failure within three years. The FDIC may increase or decrease the range of assessments uniformly, except that no adjustments can deviate more than two basis points from the base assessment without notice and comment rule making. The FDIC may also impose special assessments in emergency situations. The premiums fund the DIF. Pursuant to the Dodd-Frank Wall Street Reform and Consumer Protection Act of 2010 (the “Dodd-Frank Act”), the FDIC has established 2.0% as the designated reserve ratio (“DRR”), which is the amount in the DIF as a percentage of all DIF insured deposits. In March 2016, the FDIC adopted final rules designed to meet the statutory minimum DRR of 1.35%. Because the DRR fell below the minimum DRR to 1.30%, the FDIC adopted a restoration plan requiring the restoration of the DRR to 1.35% within eight years (September 30, 2028). The FDIC rules further changed the method of determining risk-based assessment rates for established banks with less than $10 billion in assets to better ensure that banks taking on greater risks pay more for deposit insurance than banks that take on less risk. As of December 31, 2025, the DRR was above the statutory minimum of 1.35%.

The FDIC is authorized to prohibit any insured institution from engaging in any activity that poses a serious threat to the insurance fund and may initiate enforcement actions against a bank, after first giving the institution’s primary regulatory authority an opportunity to take such action. The FDIC may also terminate the deposit insurance of any institution that has engaged in or is engaging in unsafe or unsound practices, is in an unsafe or unsound condition to continue operations or has violated any applicable law, order or condition imposed by the FDIC.

Consumer Protection Laws: Civista is subject to a number of federal and state consumer protection laws that extensively govern our relationship with our customers. These laws include the Equal Credit Opportunity Act, the Fair Credit Reporting Act, the Truth in Lending Act, the Truth in Savings Act, the Electronic Fund Transfer Act, the Expedited Funds Availability Act, the Home Mortgage Disclosure Act, the Fair Housing Act, the Real Estate Settlement Procedures Act, the Fair Debt Collection Practices Act, the Service Members Civil Relief Act and these laws’ respective state-law counterparts, as well as state usury laws and laws regarding unfair and deceptive acts and practices. These and other federal and state laws, among other things, require disclosures of the cost of credit and terms of deposit accounts, provide substantive consumer rights, prohibit discrimination in credit transactions, regulate the use of credit report information, provide financial privacy protections, prohibit unfair, deceptive and abusive practices, restrict our ability to raise interest rates and subject us to substantial regulatory oversight. Violations of applicable consumer protection laws can result in significant potential liability from litigation brought by customers, including actual damages, restitution and attorneys’ fees. Federal bank regulators, state attorneys general and state and local consumer protection agencies may also seek to enforce consumer protection requirements and obtain these and other remedies, including regulatory sanctions, customer rescission rights, action by the state and local attorneys general in each jurisdiction in which we operate and civil money penalties. Failure to comply with consumer protection requirements may also result in our failure to obtain any required bank regulatory approval for merger or acquisition transactions we may wish to pursue or our prohibition from engaging in such transactions even if approval is not required.

The Consumer Financial Protection Bureau (“CFPB”) is a federal agency responsible for implementing, examining and enforcing compliance with federal consumer protection laws. The CFPB has broad rulemaking authority for a

9

wide range of consumer financial laws that apply to all banks, including, among other things, laws relating to fair lending and the authority to prohibit “unfair, deceptive or abusive” acts and practices. Abusive acts or practices are defined as those that materially interfere with a consumer’s ability to understand a term or condition of a consumer financial product or service or take unreasonable advantage of a consumer’s (i) lack of financial savvy, (ii) inability to self-protect in the selection or use of consumer financial products or services, or (iii) reasonable reliance on a covered entity to act in the consumer’s interests. The CFPB can issue cease-and-desist orders against banks and other entities that violate consumer financial laws. The CFPB may also institute a civil action against an entity in violation of federal consumer financial law in order to impose a civil penalty or injunction. The CFPB has examination and enforcement authority over all banks with more than $10 billion in assets, as well as their affiliates. Banking regulators take into account compliance with consumer protection laws when considering approval of a proposed transaction.

In October 2024, the CFPB issued a final rule that requires a provider of payment accounts or products, such as a bank, to make data available to consumers, free upon request, regarding the products or services they obtain from the provider. Any such data provider is also required to make such data available to third parties, with the consumer’s express authorization and through an interface that satisfies formatting, performance, and security standards, for the purpose of such third parties providing the consumer with financial products or services requested by the consumer. Data required to be made available under the rule includes transaction information, account balance, account and routing numbers, terms and conditions, upcoming bill information, and certain account verification data. The final rule is intended to give consumers control over their financial data, including with whom it is shared, and encourage competition in the provision of consumer financial products or services. Banks with over $3 billion and less than $10 billion in total assets must comply with the new requirements by April 1, 2028.

Community Reinvestment Act ("CRA"): The CRA requires depository institutions to assist in meeting the credit needs of their market areas, including low- and moderate-income areas, consistent with safe and sound banking practice. Under this Act, each institution is required to adopt a statement for each of its market areas describing the depository institution’s efforts to assist in its community’s credit needs. Depository institutions are periodically examined for compliance and assigned one of four ratings: outstanding, satisfactory, needs improvement, or substantial noncompliance. The rating assigned to a financial institution is considered in connection with various applications submitted by a financial institution or its holding company to its banking regulators, including applications to acquire another financial institution or to open a new branch office. In addition, all subsidiary banks of a financial holding company must maintain a satisfactory or outstanding rating in order for the financial holding company to avoid limitations on its activities. Civista received a rating of “satisfactory" in its most recent CRA examination.

Economic Growth, Regulatory Relief and Consumer Protection Act: The Economic Growth, Regulatory Relief and Consumer Protection Act (the "Regulatory Relief Act") repealed or modified certain provisions of the Dodd-Frank Act and eased restrictions on all but the largest banks (those with consolidated assets in excess of $250 billion). Bank holding companies with consolidated assets of less than $100 billion, including CBI, are no longer subject to enhanced prudential standards. The Regulatory Relief Act also relieves bank holding companies and banks with consolidated assets of less than $100 billion, including CBI and Civista, from certain record-keeping, reporting and disclosure requirements. Certain other regulatory requirements applied only to banks with consolidated assets in excess of $50 billion and so did not apply to CBI or Civista even before the enactment of the Regulatory Relief Act.

Patriot Act and Anti-Money Laundering: The Uniting and Strengthening of America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism Act of 2001 (the “Patriot Act”) gives the United States government powers to address terrorist threats through enhanced domestic security measures, expanded surveillance powers, increased information sharing and broadened anti-money laundering requirements. Title III of the Patriot Act encourages information sharing among bank regulatory agencies and law enforcement bodies. Further, certain provisions of Title III impose affirmative obligations on a broad range of financial institutions. Among other requirements, Title III and related regulations require regulated financial institutions to establish a program specifying procedures for obtaining identifying information from customers seeking to open new accounts and establish enhanced due diligence policies, procedures and controls designed to detect and report suspicious activity. Civista has established policies and procedures that Civista believes comply with the requirements of the Patriot Act.

The Anti-Money Laundering Act of 2020 (the “AMLA”), which amends the Bank Secrecy Act of 1970 (the “BSA”), was enacted in January 2021. The AMLA is intended to be a comprehensive reform and modernization to U.S. bank secrecy and anti-money laundering laws. Among other things, it codifies a risk-based approach to anti-money laundering compliance for financial institutions; requires the development of standards for evaluating technology and internal processes for BSA compliance; expands enforcement-related and investigation-related authority, including

10

increasing available sanctions for certain BSA violations and instituting BSA whistleblower initiatives and protections.

Office of Foreign Assets Control Regulation. The U.S. Treasury Department’s Office of Foreign Assets Control (“OFAC”) administers and enforces economic and trade sanctions against targeted foreign countries and regimes, under authority of various laws, including designated foreign countries, nationals and others. OFAC publishes lists of specially designated targets and countries. Civista is responsible for, among other things, blocking accounts of, and transactions with, such targets and countries, prohibiting unlicensed trade and financial transactions with them and reporting blocked transactions after their occurrence. Failure to comply with these sanctions could have serious financial, legal and reputational consequences, including causing applicable bank regulatory authorities not to approve merger or acquisition transactions when regulatory approval is required or to prohibit such transactions even if approval is not required. Regulatory authorities have imposed cease and desist orders and civil money penalties against institutions found to be violating these obligations.

Securities and Exchange Commission ("SEC") and The Nasdaq Stock Market LLC ("Nasdaq"): CBI is also under the jurisdiction of the SEC and certain state securities commissions for matters relating to the offering and sale of its securities. CBI is subject to the registration, disclosure, reporting and regulatory requirements of the Securities Act of 1933, as amended (the "Securities Act"), the Securities Exchange Act of 1934, as amended (the "Exchange Act"), and the regulations promulgated under each of the Securities Act and the Exchange Act, as administered by the SEC. CBI’s common shares are listed with Nasdaq under the symbol "CIVB" and CBI is subject to the rules applicable to Nasdaq listed companies.

Corporate Governance: As mandated by the Sarbanes-Oxley Act of 2002, the SEC has adopted rules and regulations governing, among other matters, corporate governance, auditing and accounting, executive compensation and enhanced and timely disclosure of corporate information. Nasdaq has also adopted corporate governance rules. The Board of Directors of the Company has taken a series of actions to strengthen and improve the Company’s governance practices in light of the rules of the SEC and Nasdaq. The Board of Directors has adopted charters for the Audit Committee, the Compensation Committee, the Nominating Committee and the Board Risk Committee, as well as a Code of Conduct (Ethics) applicable to all directors, officers and employees of the Company. Copies of the Code of Conduct and the Audit, Compensation, and Nominating Committee charters can be found on the Company’s website at www.civb.com by first clicking “Corporate Overview” and then “Governance Documents”. In addition, in accordance with Section 302(a) of the Sarbanes-Oxley Act, written certifications by CBI’s Chief Executive Officer and Chief Financial Officer are required. These certifications attest that CBI’s quarterly and annual reports filed with the SEC do not contain any untrue statement of a material fact. See "ITEM 9A. CONTROLS AND PROCEDURES” in Part II of this Annual Report on Form 10-K for CBI’s evaluation of its disclosure controls and procedures.

Regulation of Bank Subsidiary: As an Ohio chartered bank, Civista is subject to supervision and regulation by the ODFI. In addition, Civista is a member of the Federal Reserve System and, therefore, is subject to supervision and regulation by the Federal Reserve Board. Civista is subject to periodic examinations by both the ODFI and the Federal Reserve Board. These examinations are designed primarily for the protection of the depositors of the bank and not shareholders.

Banking subsidiaries of financial and bank holding companies are also subject to federal regulation regarding such matters as reserves, limitations on the nature and amount of loans and investments, issuance or retirement of its own securities, limitations on the payment of dividends and other aspects of banking operations.

Regulatory Capital Requirements: The Federal Reserve Board has adopted risk-based guidelines for financial holding companies and other bank holding companies as well as state member banks, and the FDIC has adopted risk-based capital guidelines for state non-member banks. The guidelines provide a systematic analytical framework which makes regulatory capital requirements sensitive to differences in risk profiles among banking organizations, takes off-balance sheet exposures expressly into account in evaluating capital adequacy, and minimizes disincentives to holding liquid, low-risk assets. Capital levels as measured by these standards are also used to categorize financial institutions for purposes of certain prompt corrective action regulatory provisions.

In July 2013, the United States banking regulators issued new capital rules applicable to smaller banking organizations which also implement certain of the provisions of the Dodd-Frank Act (the “Basel III Capital Rules”). Community banking organizations, including CBI and Civista, began transitioning to the new rules on January 1, 2015. The new minimum capital requirements became effective on January 1, 2015.

The Basel III Capital Rules include (a) a minimum common equity tier 1 capital ratio of 4.5%, (b) a minimum Tier 1 capital ratio of 6.0%, (c) a minimum total capital ratio of 8.0%, and (d) a minimum leverage ratio of 4.0%.

11

Common equity for the common equity tier 1 capital ratio generally includes common stock (plus related surplus), retained earnings, accumulated other comprehensive income (unless an institution elects to exclude such income from regulatory capital), and limited amounts of minority interests in the form of common stock, subject to applicable regulatory adjustments and deductions.

Tier 1 capital generally includes common equity as defined for the common equity tier 1 capital ratio, plus certain non-cumulative preferred stock and related surplus, cumulative preferred stock and related surplus, trust preferred securities that have been grandfathered (but which are not permitted going forward), and limited amounts of minority interests in the form of additional Tier 1 capital instruments, less certain deductions.

Tier 2 capital, which can be included in the total capital ratio, generally consists of other preferred stock and subordinated debt meeting certain conditions plus limited amounts of the allowance for loan and lease losses, subject to specified eligibility criteria, less applicable deductions.

The deductions from common equity tier 1 capital include goodwill and other intangibles, certain deferred tax assets, mortgage-servicing assets above certain levels, gains on sale in connection with a securitization, investments in a banking organization’s own capital instruments and investments in the capital of unconsolidated financial institutions (above certain levels).

Under the guidelines, capital is compared to the relative risk related to the balance sheet. To derive the risk included in the balance sheet, one of several risk weights is applied to different balance sheet and off-balance sheet assets, primarily based on the relative credit risk of the counterparty. The capital amounts and classification are also subject to qualitative judgments by the regulators about components, risk weightings and other factors.

The Basel III Capital Rules also place restrictions on the payment of capital distributions, including dividends, and certain discretionary bonus payments to executive officers if the banking organization does not hold a capital conservation buffer of at least 2.5% composed of common equity tier 1 capital above its minimum risk-based capital requirements, or if its eligible retained income is negative in that quarter and its capital conservation buffer ratio was less than 2.5% at the beginning of the quarter.

In December 2018, the federal banking agencies issued a final rule to address regulatory capital treatment of credit loss allowances under the current expected credit loss (“CECL”) model (accounting standard). The rule revised the federal banking agencies’ regulatory capital rules to identify which credit loss allowances under the CECL model are eligible for inclusion in regulatory capital and to provide banking organizations the option to phase in over three years the day-one adverse effects on regulatory capital that may result from the adoption of the CECL model. The adoption of CECL resulted in an increase to our total allowance for credit losses (“ACL”) on loans held for investment of $4.3 million, an increase in allowance for credit losses on unfunded loan commitments of $3.4 million, a reclassification of PCI discount from loans to the ACL of $1.7 million, and an increase in deferred tax asset of $1.6 million. The Company also recorded a net reduction of retained earnings of $6.1 million upon adoption.

At December 31, 2025, both CBI and Civista were in compliance with all of the regulatory capital requirements to which they are subject. For CBI’s and Civista’s capital ratios, see Note 19 to the Company’s 2025 Consolidated Financial Statements.

The Federal Reserve Board has adopted regulations governing prompt corrective action to resolve the problems of capital deficient and otherwise troubled state-chartered member banks. At each successively lower defined capital category, a bank is subject to more restrictive and numerous mandatory or discretionary regulatory actions or limits, and the Federal Reserve Board has less flexibility in determining how to resolve the problems of the institution. In addition, the Federal Reserve Board generally can downgrade a bank’s capital category, notwithstanding its capital level, if, after notice and opportunity for hearings, the bank is deemed to be engaged in an unsafe or unsound practice, because it has not corrected deficiencies that resulted in it receiving a less than satisfactory examination rating on matters other than capital or it is deemed to be in an unsafe or unsound condition. Civista’s capital at December 31, 2025, met the standards for the highest capital category, a “well-capitalized” bank.

Federal Reserve Board regulations also limit the payment of dividends by Civista to CBI. Civista may not pay a dividend if it would cause Civista not to meet its capital requirements. In addition, the dividends that Civista may pay to CBI without prior approval of the Federal Reserve Board is limited to net income for the year plus its retained net income for the preceding two years.

12

Volcker Rule

In December 2013, five federal agencies adopted a final regulation implementing the Volcker Rule provision of the Dodd-Frank Act (the "Volcker Rule"). The Volcker Rule places limits on the trading activity of insured depository institutions and entities affiliated with a depository institution, subject to certain exceptions. The trading activity includes a purchase or sale as principal of a security, derivative, commodity future or option on any such instruments in order to benefit from short-term price movements or to realize short-term profits. The Volcker Rule exempted specified U.S. Government, agency and/or municipal obligations, and it exempts trading conducted in certain capacities, including as a broker or other agent, through a deferred compensation or pension plan, as a fiduciary on behalf of customers, to satisfy a debt previously contracted, repurchase and securities lending agreements and risk-mitigating hedging activities.

The Volcker Rule also prohibits a banking entity from having an ownership interest in, or substantial relationships with, a hedge fund or private equity fund, also known as “covered funds,” with a number of exceptions. To the extent that Civista engages in any of the trading activities or has any ownership interest in or relationship with any of the types of funds regulated by the Volcker Rule, Civista believes that its activities and relationships fall within the scope of one or more of the exceptions provided in the Volcker Rule.

In July 2019, the five federal bank regulatory agencies that adopted the Volcker Rule adopted a final rule to exempt certain community banks, including Civista, from the Volcker Rule, consistent with the Regulatory Relief Act. Under the final rule, community banks with $10 billion or less in total consolidated assets and total trading assets and liabilities of 5.0% or less of total consolidated assets were excluded from the restrictions of the Volcker Rule. On June 25, 2020, the federal bank regulatory agencies also finalized a rule modifying the Volcker Rule’s prohibition on banking entities investing in or sponsoring covered funds. Such rule permits certain banking entities to offer financial services and engage in other activities that do not raise concerns that the Volcker Rule was originally intended to address.

Non-Banking Subsidiaries. The Company’s non-banking subsidiaries are also subject to regulation by the Federal Reserve Board and other applicable federal and state agencies. FCIA, as a licensed insurance agency, is subject to regulation by the Ohio Department of Insurance and the state insurance regulatory agencies of those states where it conducts business. CRMI, as a Delaware-chartered captive insurance company, is subject to the laws and regulations of the State of Delaware and undergoes periodic examinations by the Delaware Department of Insurance.

Executive and Incentive Compensation

The Dodd-Frank Act requires that the federal banking agencies, including the Federal Reserve Board and the FDIC, issue a rule related to incentive-based compensation. No final rule implementing this provision of the Dodd-Frank Act has, as of the date of the filing of this Annual Report on Form 10-K, been adopted. Although a final rule has not been issued, the Company has undertaken efforts to ensure that the Company’s incentive compensation plans do not encourage inappropriate risks.

In June 2010, the Federal Reserve Board, the Office of the Comptroller of the Currency (the "OCC") and the Federal Deposit Insurance Corporation (the "FDIC") issued comprehensive final guidance on incentive compensation policies intended to ensure that the incentive compensation policies of banking organizations do not undermine the safety and soundness of such organizations by encouraging excessive risk-taking. The guidance, which covers all employees that have the ability to materially affect the risk profile of an organization, either individually or as part of a group, is based upon the key principles that a banking organization's incentive compensation arrangements should (i) provide incentives that do not encourage risk-taking beyond the organization's ability to effectively identify and manage risks, (ii) be compatible with effective internal controls and risk management and (iii) be supported by strong corporate governance, including active and effective oversight by the organization's board of directors. These three principles are incorporated into the proposed joint compensation regulations under the Dodd-Frank Act, described above.

The Federal Reserve Board reviews, as part of its respective regular, risk-focused examination process, the incentive compensation arrangements of banking organizations, such as CBI and Civista, that are not “large, complex banking organizations.” These reviews are tailored to each organization based on the scope and complexity of the organization's activities and the prevalence of incentive compensation arrangements. Deficiencies will be incorporated into the organization's supervisory ratings, which can affect the organization's ability to make acquisitions and take other actions. Enforcement actions may be taken against a banking organization if its incentive compensation

13

arrangements, or related risk-management control or governance processes, pose a risk to the organization's safety and soundness and the organization is not taking prompt and effective measures to correct the deficiencies.

Public company compensation committee members must meet heightened independence requirements and consider the independence of compensation consultants, legal counsel and other advisors to the compensation committee. A compensation committee must have the authority to hire advisors and to have the public company fund reasonable compensation of such advisors.

Following the adoption of additional listing requirements in 2023 to comply with the Dodd-Frank Act and rules adopted by the SEC in October 2022, public companies are now required to adopt and implement "clawback" policies for incentive compensation payments and to disclose the details of the procedures which allow recovery of incentive compensation that was paid on the basis of erroneous financial information necessitating a restatement due to material noncompliance with financial reporting requirements. This clawback policy is intended to apply to compensation paid within the three completed fiscal years immediately preceding the date the issuer is required to prepare a restatement and would cover all executives who received incentive awards. The Company has adopted and implemented a clawback policy, which is included as Exhibit 97 to this Annual Report on Form 10-K and is also posted under the “Corporate Overview” tab on the “Governance Documents” page of CBI’s Internet website.

SEC regulations require public companies such as CBI to provide various disclosures about executive compensation in annual reports and proxy statements and to present to their shareholders a non-binding vote on the approval of executive compensation.

Financial Privacy Provisions: Federal and state regulations limit the ability of banks and other financial institutions to disclose non-public information about consumers to non-affiliated third parties. These limitations require disclosure of privacy policies to consumers and, in some circumstances, allow consumers to prevent disclosure of certain personal information to a non-affiliated third party. These regulations affect how consumer information is transmitted through diversified financial companies and conveyed to outside vendors.

Civista is also subject to regulatory guidelines establishing standards for safeguarding customer information. These guidelines describe the federal bank regulatory agencies' expectations for the creation, implementation and maintenance of an information security program, which would include administrative, technical and physical safeguards appropriate to the size and complexity of the institution and the nature and scope of its activities. The standards set forth in the guidelines are intended to ensure the security and confidentiality of customer records and information, protect against any anticipated threats or hazards to the security or integrity of such records and protect against unauthorized access to or use of such records or information that could result in substantial harm or inconvenience to any customer.

Cybersecurity

In March 2015, federal regulators issued two related statements regarding cybersecurity. One statement indicates that financial institutions should design multiple layers of security controls to establish several lines of defense and to ensure that their risk management processes also address the risk posed by compromised customer credentials, including security measures to reliably authenticate customers accessing Internet-based services of the financial institution. The other statement indicates that a financial institution’s management is expected to maintain sufficient business continuity planning processes to ensure the rapid recovery, resumption and maintenance of the financial institution’s operations after a cyber-attack involving destructive malware. A financial institution is also expected to develop appropriate processes to enable recovery of data and business operations and address rebuilding network capabilities and restoring data if the financial institution or its critical service providers fall victim to this type of cyber-attack. If Civista fails to observe the regulatory guidance, it could be subject to various regulatory sanctions, including financial penalties.

In February 2018, the SEC published interpretive guidance to assist public companies in preparing disclosures about cybersecurity risks and incidents. These SEC guidelines, and any other regulatory guidance, are in addition to notification and disclosure requirements under state and federal banking law and regulations.

In November 2021, the OCC, the Federal Reserve Board and the FDIC issued a final rule which became effective in May 2022, requiring banking organizations that experience a computer-security incident to notify certain entities. A computer-security incident occurs when actual or potential harm to the confidentiality, integrity, or availability of an information system or the information occurs, or there is a violation or imminent threat of a violation to banking

14

security policies and procedures. The affected bank must notify its respective federal regulator of the computer-security incident that rises to the level of a notification incident has occurred. These notifications are intended to promote early awareness of threats to banking organizations and will help banks react to those threats before they manifest into larger incidents. This rule also requires bank service providers to notify their bank organization customers of a computer-security incident that has caused, or is reasonably likely to cause, a material service disruption or degradation for four or more hours.

Furthermore, the Cyber Incident Reporting for Critical Infrastructure Act, enacted in March 2022, will require, once administrative rules are adopted, certain covered entities, including those in the financial services industry, to report a covered cyber incident to the U.S. Department of Homeland Security’s Cybersecurity & Infrastructure Security Agency (“CISA”) within 72 hours after it reasonably believes an incident has occurred. Separate reporting to CISA will also be required within 24 hours if a ransom payment is made as a result of a ransomware attack.

On July 26, 2023, the SEC adopted final rules that require public companies to promptly disclose material cybersecurity incidents in a Current Report on Form 8-K and detailed information regarding their cybersecurity risk management, strategy, and governance on an annual basis in an Annual Report on Form 10-K. Companies are required to report on Form 8-K any cybersecurity incident they determine to be material within four business days of making that determination. See Item "ITEM 1C. CYBERSECURITY" in Part 1 of this Annual Report on Form 10-K. These SEC rules, and any other regulatory guidance, are in addition to notification and disclosure requirements under state and federal banking law and regulations.

State regulators have also been increasingly active in implementing privacy and cybersecurity standards and regulations. Recently, several states have adopted regulations requiring certain financial institutions to implement cybersecurity programs and providing detailed requirements with respect to these programs, including data encryption requirements. Many states have also recently implemented or modified their data breach notification and data privacy requirements. The Company expects this trend of state-level activity in those areas to continue, and is continually monitoring developments in the states in which our customers are located.

In the ordinary course of business, the Company relies on electronic communications and information systems to conduct its operations and to store sensitive data. The Company employs an in-depth, layered, defensive approach that leverages people, processes and technology to manage and maintain cybersecurity controls. The Company employs a variety of preventative and detective tools to monitor, block, and provide alerts regarding suspicious activity, as well as to report on any suspected advanced persistent threats. Notwithstanding the strength of the Company’s defensive measures, the threat from cyber-attacks is severe, attacks are sophisticated and increasing in volume, and attackers respond rapidly to changes in defensive measures. While to date, the Company has not detected a significant compromise, significant data loss or any material financial losses related to cybersecurity attacks, the Company’s systems and those of its customers and third-party service providers are under constant threat and it is possible that the Company could experience a significant event in the future. Risks and exposures related to cybersecurity attacks are expected to remain high for the foreseeable future due to the rapidly evolving nature and sophistication of these threats, as well as due to the expanding use of Internet banking, mobile banking and other technology-based products and services by us and our customers.

Effect of Environmental Regulation

Compliance with federal, state and local provisions regulating the discharge of materials into the environment, or otherwise relating to the protection of the environment, has not had a material effect upon the capital expenditures, earnings or competitive position of the Company. In the opinion of management, the Company does not have exposure to material costs associated with compliance with environmental laws and regulations or material expenditures related to environmental hazardous waste mitigation or cleanup.

The Company believes its primary exposure to environmental risk is through the lending activities of Civista. In cases where management believes environmental risk potentially exists, Civista mitigates its environmental risk exposure by requiring environmental site assessments at the time of loan origination to confirm collateral quality as to commercial real estate parcels posing higher than normal potential for environmental impact, as determined by reference to present and past uses of the subject property and adjacent sites. In addition, environmental assessments are typically required prior to any foreclosure activity involving non-residential real estate collateral.

15

Effects of Government Monetary Policy

The earnings of the Company are affected by general and local economic conditions and by the policies of various governmental regulatory authorities. In particular, the Federal Reserve Board regulates money and credit conditions and interest rates to influence general economic conditions, primarily through open market acquisitions or dispositions of United States Government securities, varying the discount rate on member bank borrowings and setting reserve requirements against member and nonmember bank deposits. Federal Reserve Board monetary policies have had a significant effect on the interest income and interest expense of commercial banks, including Civista, and are expected to continue to do so in the future.

Available Information

CBI maintains an Internet website at www.civb.com (this uniform resource locator, or URL, is an inactive textual reference only and is not intended to incorporate CBI’s website into this Annual Report on Form 10-K). CBI makes available free of charge on or through its Internet website its annual reports on Form 10-K, quarterly reports on Form 10-Q, current reports on Form 8-K and amendments to those reports filed or furnished pursuant to Section 13(a) or 15(d) of the Exchange Act, as well as CBI’s definitive proxy statements filed pursuant to Section 14 of the Exchange Act, as soon as reasonably practicable after CBI electronically files such material with, or furnishes it to, the SEC. Copies of documents filed by CBI with the SEC are also available free of charge at the SEC's website at www.sec.gov.