S&T Bancorp : Risk Committee Charter

STBA

Published on 05/15/2026 at 03:37 pm EDT

The Risk Committee ("Committee") is appointed by the Board of Directors (the "Board") of S&T Bancorp, Inc. and S&T Bank (collectively, the "Company") and is authorized to perform its functions for and on behalf of the Company and its subsidiaries (collectively, "S&T"). The Committee shall be a joint committee of S&T Bancorp, Inc. and S&T Bank (collectively and/or individually herein, as the case may be, "S&T"). This Committee Charter ("Charter") governs the operations of the Committee and identifies the Purpose, Membership, Meeting Requirements, Responsibilities and Duties, Reporting and Recommendations, and Resources and Authority of the Committee.

The Committee's primary purpose is to provide assistance to the Board in fulfilling its fiduciary responsibilities with respect to its oversight and assessment of S&T's enterprise-wide risk management ("ERM") framework, including, among other things, the identification, assessment, measurement, monitoring, and management of the following major risk categories: Strategic, Compliance/Regulatory, Credit, Information Technology and Security, Legal, Liquidity, Market (Interest Rate), and Operational. The Committee is responsible for reviewing and recommending to the Board for approval certain risk appetites taking into account S&T's structure, risk profile, complexity, activities, size and other appropriate risk-related factors. The Committee is also responsible for overseeing the credit administration and lending risk management practices. Additionally, the Committee is responsible for the performance of the Credit Risk Review function and its assessment of the management of credit risk arising from the lending and credit-related functions. 

The Committee shall also assist the Board and its other committees that oversee specific risk-related issues and serve as a resource to management by overseeing risk across the enterprise.

Non-management Committee members are appointed annually by the Board on the recommendation of the Nominating and Corporate Governance Committee. The members shall serve until their successors are duly elected and qualified by the Board or until such member's earlier resignation or removal. The Committee shall be comprised of three or more members. Each member shall have an understanding of risk management and expertise commensurate with S&T's size, complexity, and risk profile and at least one of the committee members must have experience in identifying, assessing, and managing risk exposures of large complex firms. The Board will consider the experience of the designated member with risk management expertise, including, for example, background in risk management or oversight applicable to the size and complexity of S&T's activities, attitude toward risk and leadership capabilities.

The Board will appoint one of the members of the Committee to serve as its chair. The chair shall satisfy the independence requirements promulgated by the Securities and Exchange Commission, the NASDAQ Stock Market or applicable rules and regulations promulgated by them, and any governmental and/or regulatory body exercising authority over the Company.

The Committee may delegate to its chair such power and authority as the Committee deems to be appropriate, except such powers and authorities required by law or regulation to be exercised by the whole Committee or a subcommittee of at least two members. The Committee may also appoint a secretary, who need not be a director.

The Committee shall meet as often as it determines is necessary and appropriate but is expected to meet at least four times a year, or more frequently as needed. The Chair shall have the authority to call a special meeting of the Committee or seek a unanimous written consent of the Committee whenever he or she deems such a meeting or consent necessary or desirable. The Committee may meet in executive session without members of management in attendance at the Committee's discretion. Any member of the Committee may call for an executive session.

A majority of the members of the Committee shall constitute a quorum for the transaction of business, and the act of the majority of those present at any meeting at which a quorum is present, shall be the act of the Committee.

Members of the Committee may participate in a meeting of the Committee by means of a conference call or similar communications equipment by means of which all persons participating in the meeting can hear each other.

Any director, officer or employee of S&T, outside counsel, independent auditor or other person may attend meetings, as the Committee deems appropriate. The Committee will meet in separate executive sessions with the Chief Risk Officer (CRO) and any other persons, solely at the Committee's discretion, to discuss any matters that the Committee or any of these persons believe should be discussed privately and have such direct and independent interaction with such persons from time to time as the members of the Committee deem appropriate. Additionally, at least quarterly or as needed, the Committee will meet in a separate executive session with the Director of Credit Risk Review.

The primary responsibility is oversight. In performing their responsibilities, Committee members are entitled to rely in good faith upon S&T's records and upon information, opinions, reports or statements prepared or presented by any of S&T's officers or employees, or by any other person as to matters the member reasonably believes are within such other person's professional or expert competence and who has been selected with reasonable care by or on behalf of S&T. Each member of the Committee also may rely in good faith upon actions taken by another committee of the Board as to matters within its designated authority.

In carrying out its responsibilities, the Committee's policies and procedures should remain flexible to enable the Committee to react to changing conditions and circumstances. The following shall be the principal responsibilities and duties of the Committee and are intended to serve as a guide with the understanding that the Committee may supplement them as appropriate.

Alignment of Strategy and Risk

Review ERM design to support the achievement of strategic goals, to improve long-term organization performance and to enhance shareholder value.

Work with the Board and management to confirm that S&T's strategic, liquidity, and capital plans are consistent with S&T's risk appetite and that material risks and any notable emerging themes are addressed in the risk management framework.

Review the effect of the risks to capital, earnings, and liquidity under normal and stressed conditions and approve the Contingency Funding Plan on an annual basis.

Review credit administration management practices, strategies, and performance, including reporting from credit risk review, to ensure alignment with S&T's risk appetite.

Risk Framework

Approve and periodically review S&T's risk management framework, which outlines S&T's overarching approach to risk management and the policies, processes, and governance structures used by management to execute its risk management program including maintaining a strong risk culture and facilitating appropriate credible challenge of business decisions.

Engage management in an ongoing risk appetite dialogue based upon changes to S&T's strategy, business model, risk profile, or market conditions and as new risks and opportunities arise. The Committee considers current risks, which include the respective timeframes reflected by those risks, emerging risks, and future threats.

Evaluate risk identification, measurement, monitoring, and controlling techniques employed by management and ensure current methodologies remain commensurate with S&T's size and complexity.

Oversee and review direction of risk, risk acceptance items, and Key Risk and Performance Indicators (KRIs/KPIs) and confirm appropriate risk tolerances and limits to ensure consistency with S&T's risk appetite.

Review summary results and reports of the analysis of all risk categories in the aggregate and by risk type as provided through the management-level ERM Committee by the CRO. Review and discuss with the CRO and other executive management, S&T's risk profile and risk trends against its risk appetite, as well as monitoring of any mitigation efforts.

Ensure effective and timely escalation of material issues is provided to the Board and hold management accountable for timely and appropriate mitigation actions.

Review management's annual corporate insurance program update, including coverages that serve as a risk mitigation strategy to transfer risks that cannot otherwise be adequately mitigated or controlled. Such exposures include potential catastrophic or excessive financial loss.

Collaborate with the Compensation and Benefits Committee in its consideration of the relationship between risk management policies and practices, corporate strategies, and executive compensation.

Consult with other committees of the Board on risk-related matters, in such manner as the Committee Chair deems appropriate.

Compliance with Laws and Regulations

Oversee management's efforts to implement and maintain an effective Compliance Management System to ensure compliance with federal consumer protection laws, regulations and regulatory policy by receiving regular reporting and materials from the Chief Compliance Officer and the Chief Security Officer (CSO) for S&T's Consumer Compliance Program, and Fraud and Anti-Money Laundering/Countering the Financing of Terrorism (AML/CFT) Program, respectively.

Review the results of management's investigation and follow-up (including disciplinary action) of any instances of noncompliance (e.g., violations of Corporate Policy #601- General Code of Conduct or Policy #608- Code of Conduct for the CEO and CFO), as warranted. The CRO shall coordinate with the General Counsel, as needed, to compile pertinent information for reporting purposes.

Discuss with S&T's General Counsel, external counsel and/or the CRO any significant legal, compliance or regulatory matters that may have a material impact on S&T, including material notices to or inquiries received from regulators or governmental agencies.

The Committee shall receive corporate attorney's reports of evidence of a material violation of securities laws or breaches of fiduciary duty.

The Committee shall review the adequacy of Management's corrective action plans related to regulatory examination reports or other regulatory matters.

CRO and Risk Management Functions

The CRO shall report directly to the CEO, but shall have direct access to the Committee, without impediment, and shall provide regular communications to the Committee as described below.

Ensure the CRO has adequate stature and resources within the organization.

The CEO will assess and evaluate the capabilities and performance of the CRO and will complete an annual performance evaluation with input from the Committee.

Review and approve the appointment, replacement, or dismissal of the CRO. Have input and oversee the CRO succession planning.

Receive communications from the CRO, or at the invitation of the CRO, any other officer, on any risk management or regulatory compliance activities or other matters the CRO determines necessary, including private meetings without management present.

Credit and Credit Administration

While the Committee does not exercise approval authority, lending activity should be reviewed for the Committee to be fully informed of management's decisions including discussing and obtaining the approval of the Committee for any significant changes to the type(s) of assets or lending structures (e.g., indirect lending, specialty leasing, etc.) which would increase/decrease the risk to the Bank prior to implementation.

Review credit administration management reports for the Committee to oversee credit activity to ensure adequate credit risk management practices, including credit risk appetite, underwriting standards, loan concentrations and ongoing portfolio monitoring and management.

Credit Risk Review

The Director of Credit Risk Review ("DCRR") shall report directly to the Committee Chairperson, with administrative oversight provided by the Chief Risk Officer ("CRO"). The DCRR's reporting relationship will be re-evaluated annually by the Committee to ensure the independence and objectivity of the credit risk review function. The functional reporting line for the credit risk review function is the ultimate source of its independence and authority. In this context, the Committee would: Review and approve the appointment, replacement, or dismissal of the DCRR, who shall have supervisory responsibility for the credit risk review function.

The Committee Chairperson will complete the annual performance evaluation of the DCRR, including determining compensation. Given the administrative oversight role, the CRO will also provide input regarding the DCRR's performance for consideration. The results will be reviewed with the full Committee.

At least annually, review with the DCRR, the role and scope of work performed by the Credit Risk Review Department, the annual commercial and consumer loan review plan including targeted reviews, the adequacy of staffing and the continuing professional education plan.

Receive periodic communications from the DCRR on the completion status of the annual loan review plan, as well as a summary of material changes made to such plan, if any. In addition, the DCRR or his/her designee shall review and discuss with the Committee the results of Credit Risk Review Reports and any other reviews as well as management's responses to the findings and recommendations. All final Credit Risk Review Reports shall be posted to the Boardvantage board portal by quarter end in order for the Committee members to review in advance of scheduled meetings.

Ensure the results of the Quality Control Program align with S&T's strategic plan and risk appetite related to residential mortgages originated for sale and portfolio.

Review and approve special project requests by management to ensure that they do not impair independence or objectivity.

Discuss with the DCRR at least annually, Credit Risk Review's contingency plan to mitigate any significant suspension in credit risk review coverage, particularly in high-risk areas.

Review and approve any outsourcing or co-sourcing arrangements pertaining to the credit risk review function.

Ensure that Credit Risk Review staff have access to all necessary S&T resources and that there are no unjustified restrictions or limitations.

General

At least annually, review and approve applicable corporate policies, including any material revisions, to ensure alignment with the evolving strategy, regulatory requirements, and S&T's risk appetite.

Review significant risk management reports and findings of regulators, internal auditors, and independent external auditors, as applicable, including management's remediation plans and progress against such plans where finding(s) are deemed significant.

Receive minutes from the Enterprise Risk Management Committee ("ERMC"), Asset/Liability Management Committee ("ALCO") and Credit Risk Oversight Committee ("CROC").

Annually review and approve applicable executive management committee charters.

In addition to any other reports that may be requested by the Committee from time to time, the governance established for risk management programs, including risk appetite statement, and methodology is reviewed at least annually. Also, annually review the results of the enterprise risk assessment. Quarterly, provide updates for each regulatory risk category, including emerging risks, direction of risk, risk acceptance items, Key Risk and Key Performance Indicator (KRI/KPI) results and any corresponding Management Action Plans. Regulatory program updates, regulatory matters and Code of Conduct incidents are also reviewed with the Committee. The Committee may also from time to time review quarterly updates regarding portfolio management performance, asset quality performance, asset quality health scorecard, and Credit Risk Review reports. Credit stress testing and the Credit Risk Review Plan shall be reviewed annually.

The Committee may also periodically review updates of applicable management projects and initiatives.

The Committee shall review and reassess the adequacy of this Charter as needed, but at least annually, and recommend to the Board any proposed changes to this Charter.

The Committee shall provide for the maintenance of minutes of its meetings and report the Committee's activities to the Board with respect to such matters as are relevant to the Committee's discharge of its responsibilities and with respect to such recommendations, as the Committee may deem appropriate.

The Committee shall have the resources and authority appropriate to discharge its duties and responsibilities, including the authority to select, retain, terminate, and approve the fees and other retention terms of independent legal, accounting or other experts and advisors, as it deems necessary or appropriate. The Committee shall also have the authority, to the extent it deems necessary or appropriate, to ask S&T to provide the Committee with the support of one or more S&T employees to assist in carrying out its duties. S&T shall provide for appropriate funding, as determined solely by the Committee, for payment of compensation to any advisors retained by the Committee and to pay for ordinary administrative expenses of the Committee.

The Committee may authorize S&T's officers to take any and all actions necessary to implement actions approved by the Committee.

Approved:

S&T Bancorp Inc. and S&T Bank Risk Committee, May 7, 2026

S&T Bancorp Inc. and S&T Bank Board of Directors, May 12, 2026

Disclaimer

S&T Bancorp Inc. published this content on May 15, 2026, and is solely responsible for the information contained herein. Distributed via Public Technologies (PUBT), unedited and unaltered, on May 15, 2026 at 19:36 UTC.