UNITED STATES

SECURITIES AND EXCHANGE COMMISSION

WASHINGTON, D.C. 20549

FORM 10-K

☒ ANNUAL REPORT PURSUANT TO SECTION 13 OR 15(d) OF THE SECURITIES EXCHANGE ACT OF 1934

For the fiscal year ended December 31, 2021

OR

☐ TRANSITION REPORT PURSUANT TO SECTION 13 OR 15(d) OF THE SECURITIES EXCHANGE ACT OF 1934

For the transition period from                      to                     

Commission file number 001-36192

Civista Bancshares, Inc.

(Exact name of registrant as specified in its charter)

Ohio	34-1558688
State or other jurisdiction of incorporation or organization	(IRS Employer Identification No.)

100 East Water Street, Sandusky, Ohio 44870

(Address of principal executive offices) (Zip Code)

Registrant’s telephone number, including area code (419) 625 - 4121

Securities registered pursuant to Section 12(b) of the Act:

Title of each class	Trading Symbol(s)	Name of each exchange on which registered
Common shares, no par value	CIVB	The NASDAQ Stock Market LLC (NASDAQ Capital Market)

Securities registered pursuant to Section 12(g) of the Act: None

Indicate by check mark if the registrant is a well-known seasoned issuer, as defined in Rule 405 of the Securities Act.    Yes  ☐    No  ☒

Indicate by check mark if the registrant is not required to file reports pursuant to Section 13 or Section 15(d) of the Act.    Yes  ☐    No  ☒

Indicate by check mark whether the registrant (1) has filed all reports required to be filed by Section 13 or 15(d) of the Securities Exchange Act of 1934 during the preceding 12 months (or for such shorter period that the registrant was required to file such reports), and (2) has been subject to such filing requirements for the past 90 days.    Yes  ☒    No  ☐

Indicate by check mark whether the registrant has submitted electronically every Interactive Data File required to be submitted pursuant to Rule 405 of Regulation S-T (§ 232.405 of this chapter) during the preceding 12 months (or for such shorter period that the registrant was required to submit such files).    Yes  ☒    No  ☐

Indicate by check mark whether the registrant is a large accelerated filer, an accelerated filer, a non-accelerated filer, a smaller reporting company, or an emerging growth company. See the definitions of “large accelerated filer”, “accelerated filer”, “smaller reporting company”, and “emerging growth company” in Rule 12b-2 of the Exchange Act.

Large accelerated filer	☐	Accelerated filer	☒
Non-accelerated filer	☐	Smaller reporting company	☐
Emerging Growth Company	☐

If an emerging growth company, indicate by check mark if the registrant has elected not to use the extended transition period for complying with any new or revised financial accounting standards provided pursuant to Section 13(a) of the Exchange Act.  ☐

Indicate by check mark whether the registrant has filed a report on and attestation to its management’s assessment of the effectiveness of its internal control over financial reporting under Section 404(b) of the Sarbanes-Oxley Act (15 U.S.C. 7262(b)) by the registered public accounting firm that prepared or issued its audit report.  ☒

Indicate by check mark whether the registrant is a shell company (as defined in Rule 12b-2 of the Act).    Yes  ☐    No  ☒

The aggregate market value of the voting and non-voting common equity held by non-affiliates of the registrant based upon the closing market price as of June 30, 2021 was $323,533,981. For this purpose, shares held by non-affiliates include all outstanding common shares except those beneficially owned by the directors and executive officers of the registrant.

As of February 24, 2022, there were 14,888,915 common shares, no par value, of the registrant issued and outstanding.

DOCUMENTS INCORPORATED BY REFERENCE

Portions of the registrant’s Annual Report to Shareholders for the fiscal year ended December 31, 2021 (the “2021 Annual Report”) are incorporated by reference into Parts I and II of this Form 10-K. Portions of the registrant’s Proxy Statement for the registrant’s 2022 Annual Meeting of Shareholders to be held on April 19, 2022 (the “2022 Proxy Statement”) are incorporated by reference into Part III of this Form 10-K.​​​​​​​

INDEX

Part I
Item 1.	Business	3
Item 1A.	Risk Factors	21
Item 1B.	Unresolved Staff Comments	34
Item 2.	Properties	34
Item 3.	Legal Proceedings	34
Item 4.	Mine Safety Disclosures	34
Part II
Item 5.	Market for Registrant’s Common Equity, Related Stockholder Matters and Issuer Purchases of Equity Securities	35
Item 6.	Reserved	35
Item 7.	Management’s Discussion and Analysis of Financial Condition and Results of Operations	35
Item 7A.	Quantitative and Qualitative Disclosures About Market Risk	35
Item 8.	Financial Statements and Supplementary Data	35
Item 9.	Changes in and Disagreements with Accountants on Accounting and Financial Disclosure	36
Item 9A.	Controls and Procedures	36
Item 9B.	Other Information	36
Item 9C.	Disclosure Regarding Foreign Jurisdictions that Prevent Inspections	36
Part III
Item 10.	Directors, Executive Officers and Corporate Governance	37
Item 11.	Executive Compensation	37
Item 12.	Security Ownership of Certain Beneficial Owners and Management and Related Stockholder Matters	37
Item 13.	Certain Relationships and Related Transactions, and Director Independence	37
Item 14.	Principal Accountant Fees and Services	37
Part IV
Item 15.	Exhibits and Financial Statement Schedules	38
Item 16	Form 10-K Summary	40
Signatures		41

PART I

Item 1. Business

General Development of Business

CIVISTA BANCSHARES, INC. (“CBI”) was organized under the laws of the State of Ohio on February 19, 1987 and is a registered financial holding company under the Gramm-Leach-Bliley Act of 1999, as amended (the “GLBA”). CBI’s office is located at 100 East Water Street, Sandusky, Ohio. CBI and its subsidiaries are sometimes referred to together as the “Company”. The Company had total consolidated assets of $3,011,983 at December 31, 2021.

CIVISTA BANK (“Civista”), owned by the Company since 1987, opened for business in 1884 as The Citizens National Bank. In 1898, Civista was reorganized under Ohio banking law and was known as The Citizens Bank and Trust Company. In 1908, Civista surrendered its trust charter and began operation as The Citizens Banking Company. The name Civista Bank was introduced during the first quarter of 2015 to solidify our dual Citizens/Champaign brand and distinguish ourselves from the many other banks using the “Citizens” name in our existing and prospective markets. Civista maintains its main office at 100 East Water Street, Sandusky, Ohio and operates branch banking offices in the following Ohio communities: Sandusky (2), Norwalk (2), Berlin Heights, Huron, Port Clinton, Castalia, New Washington, Shelby (2), Willard, Greenwich, Plymouth, Shiloh, Akron, Dublin, Plain City, Russells Point, Urbana (2), West Liberty, Quincy, Dayton (3), Beachwood, and in the following Indiana communities: Lawrenceburg (3), Aurora, West Harrison, Milan, Osgood and Versailles. Civista also operates loan production offices in Westlake, Ohio and Fort Mitchell, Kentucky. Civista and its consolidated subsidiaries as discussed below, accounted for 99.8% of the Company’s consolidated assets at December 31, 2021.

FIRST CITIZENS INSURANCE AGENCY, INC. (“FCIA”) was formed in 2001 to allow the Company to participate in commission revenue generated through its third party insurance agreement. Assets of FCIA were not significant as of December 31, 2021.

WATER STREET PROPERTIES (“WSP”) was formed in 2003 to hold properties repossessed by CBI subsidiaries. Assets of WSP were not significant as of December 31, 2021.

FC REFUND SOLUTIONS, INC. (“FCRS”) was formed in 2012 to facilitate payment of individual state and federal income tax refunds. The operations of FCRS were discontinued June 30, 2019 as a result of inactivity due to FCRS no longer being necessary to facilitate the Company’s continuing participation in the tax refund processing program.

FIRST CITIZENS INVESTMENTS, INC. (“FCI”) was formed in the fourth quarter of 2007 as a wholly-owned subsidiary of Civista to hold and manage its securities portfolio. The operations of FCI are located in Wilmington, Delaware.

FIRST CITIZENS CAPITAL LLC (“FCC”) was also formed in the fourth quarter of 2007 as a wholly-owned subsidiary of Civista to hold inter-company debt that is eliminated in consolidation. The operations of FCC were discontinued December 31, 2021 as a result of inactivity.

CIVB RISK MANAGEMENT, INC. (“CRMI”), a wholly-owned subsidiary of CBI which was formed and began operations on December 26, 2017, is a Delaware-based captive insurance company which insures against certain risks unique to the operations of the Company and for which insurance may not be currently available or economically feasible in today’s insurance marketplace. CRMI pools resources with several other similar insurance company subsidiaries of financial institutions to spread a limited amount of risk among themselves. CRMI is subject to regulations of the State of Delaware and undergoes periodic examinations by the Delaware Division of Insurance.

CBI is a financial holding company. Through its subsidiary bank, the Company is primarily engaged in the business of community banking, which accounts for substantially all of its revenue, operating income and assets. Refer to the Consolidated Financial Statements on pages 30 through 35 of the 2021 Annual Report for additional information.

Narrative Description of Business

General

The Company’s primary business is incidental to the subsidiary bank and its subsidiaries. Civista, through its locations in the Ohio counties of Erie, Crawford, Champaign, Cuyahoga, Franklin, Huron, Logan, Madison, Montgomery, Ottawa, Richland and Summit, in the Indiana counties of Dearborn and Ripley and in the Kentucky county of Kenton, conducts a general banking business that involves collecting customer deposits, making loans, purchasing securities, and offering Trust services.

3

Interest and fees on loans accounted for 67% of total revenue for 2021, 69% of total revenue for 2020, and 70% of total revenue for 2019. The Company’s primary focus of lending continues to be real estate loans, both residential and commercial in nature. Residential real estate mortgage loans comprised 22% of the total loan portfolio in 2021, 22% of the total loan portfolio in 2020 and 27% of the total loan portfolio in 2019. Commercial real estate loans comprised 56% of the total loan portfolio in 2021, 48% in 2020, and 49% in 2019. Commercial and agriculture loans comprised 12% of the total loan portfolio in 2021, 20% in 2020, and 12% in 2019. Civista’s loan portfolio does not include any foreign-based loans, loans to lesser-developed countries or loans to CBI or its other subsidiaries.

On a parent company only basis, CBI’s primary source of funds is the receipt of dividends paid by its subsidiaries, principally Civista. The ability of Civista to pay dividends is subject to limitations under various laws and regulations and to prudent and sound banking principles. Generally, subject to certain minimum capital requirements, Civista may declare a dividend without the approval of the State of Ohio Division of Financial Institutions (the “ODFI”) unless the total of the dividends in a calendar year exceeds the total net profits of the bank for the year combined with the retained profits of the bank for the two preceding years. At December 31, 2021, Civista had $59,772 of accumulated net profits available to pay dividends to CBI without approval of the ODFI.

The Company’s business is not seasonal, nor is it dependent on a single or small group of customers.

Business Strategy

The Company’s strategy is to compete for business by providing high quality, personal service to customers, enhanced local presence and customer access to our decision-makers, rapid decision-making, and competitive interest rates and fees. We develop and maintain business relationships by taking on leadership roles in our communities through the involvement of our experienced commercial and retail bankers, management team and Board of Directors. We believe we will continue to drive growth and increase profitability, while maintaining our high level of asset quality, by doing the following:

Expand Relationships in Our Communities

We emphasize relationship banking by maintaining and growing our customers and contacts with personal interaction by our bankers and management teams in the communities that we serve. We strive to do this by offering a full suite of competitive banking products through efficient and varied delivery channels tailored to the needs of our customers and potential customers. Civista, through its Civista Wealth Management division, also offers investment and advisory solutions. Our approach is personalized and focused on what our clients need. We provide individuals, families, business and non-profits with personalized investment management, 401-(k) advisory services for employers, financial planning, trust services, and tailored lending.

Measured Loan Portfolio Growth while Aiding Borrowers Impacted by COVID-19

Our loan growth strategy is to originate high quality commercial loans with strong sponsors and favorable credit metrics on the retail side in order to achieve measured growth.

We believe it is critical to have as a strategic initiative a plan to work with our customers, in the short and medium terms, in navigating the impacts of the ongoing COVlD-19 pandemic. As part of this plan, we are focused on the inevitable changing needs and preferences of our customers in a post-COVID-19 environment. We have utilized several resources at our disposal, including loan modifications and payment deferrals, to proactively aid our borrowers.

During 2020, Civista implemented a temporary loan deferral program for customers impacted by COVID-19 pursuant to which Civista provided loan deferrals on an aggregate of 813 loans totaling $431.3 million. As of December 31, 2021, Civista had seven loans totaling $5.1 million and representing 0.3 percent of loans outstanding, excluding Paycheck Protection Program (“PPP”) loans, that remained on COVID-19 loan deferral. The COVID-19 loan modifications are not classified as TDRs because they satisfied certain requirements as set forth under the Coronavirus Aid, Relief, and Economic Security Act of 2020, as amended (the “CARES Act”) to not be classified as TDRs. Further details regarding these modifications are provided in the table on page 60 of the Company’s 2021 Annual Report to Shareholders. For loans subject to the deferral program, each borrower is required to resume making regularly scheduled loan payments at the end of the modification period and the deferred amounts will be moved to the end of the loan term.

Core Deposit Growth

We plan to continue to focus on growing our core, commercial operating and retail, non-maturity deposit base with an emphasis on relationship banking. Our business model focuses on gaining the majority of our customers’ banking relationships by implementing

4

many best practices for community banks, including personalized service and technology. We believe that these generate “stickier” deposit accounts with larger average balances than might be attracted otherwise. From time to time we also use pricing techniques in our efforts to attract banking relationships having larger than average balances.

Leverage Our Residential Mortgage Banking Infrastructure

We seek to leverage our mortgage banking infrastructure to support the origination of residential mortgage loans for sale into the secondary market, Mortgage loan originations and sales activity are strategies utilized to support growth in our non-interest income, while also serving to help manage the Company’s exposure to interest rate risk through the sale of longer-duration, fixed-rate loans into the secondary market.

Improve Our Operating Efficiency

Expense discipline is a key strategy to improve operating efficiency and contribute to earnings growth. We also strive to operate more efficiently by incorporating technology into our client offerings.

Maintain Robust Capital and Liquidity Levels

The Company’s capital position provides a source of strength and continues to significantly exceed all regulatory capital guidelines as demonstrated by the December 31, 2021 Tier 1 Leverage ratios of the Company and Civista of 10.2 percent and 10.8 percent, respectively. We plan to continue to maintain robust capital reserves, in part due to the risks and uncertainties associated with the COVID-19 pandemic.

In addition to our robust capital levels, we maintain significant sources of both on- and off-balance sheet liquidity and plan to continue to do so. At December 31, 2021, our liquid assets included $255.2 million of short-term cash and equivalents supplemented by $559.9 million of investment securities classified as available for sale which can be readily sold or pledged as collateral, if necessary. In addition, we had the capacity to borrow additional funds totaling $581.5 million from the Federal Home Loan Bank of Cincinnati at December 31, 2021.

Ensure the Adequacy of Our Allowance for Credit Losses

The economic implications of the COVID-19 pandemic on our business and the resulting impact on our asset quality are difficult to fully predict at this time. Notwithstanding this uncertainty, our reserve levels have remained adequate with total allowance amounting to $26.6 million at December 31, 2021.

Market Area and Competition

At December 31, 2021, our primary market area consisted of the counties in which we currently operate branches, and loan production offices, including Erie, Crawford, Champaign, Cuyahoga, Franklin, Huron, Logan, Madison, Montgomery, Ottawa, Richland and Summit Counties in Ohio, Dearborn and Ripley Counties in Indiana and Kenton County in Kentucky. Our lending is concentrated in these markets and our predominant sources of deposits are the communities in which our offices are located as well as the neighboring communities.

The banking business is highly competitive. We face substantial competition both in attracting deposits and in originating loans. We compete with numerous financial institutions, including large regional financial institutions, community banks, thrifts and credit unions operating without our market area. Nontraditional sources of competition for loan and deposit dollars come from captive auto finance companies, mortgage banking companies, internet banks, brokerage companies, insurance companies and direct mutual funds. As a result of their size, resources and ability to achieve economies of scale, certain of our competitors offer a broader range of products and services than we offer, as well as higher lending limits, which may adversely affect the ability of Civista to compete.

Products and Services

We offer a broad range of deposit and loan products and other banking services. These include personal and commercial checking accounts, retirement accounts, money market accounts, time and savings accounts, safe deposit boxes, wire transfers, access to automated teller services, internet banking, ACH origination, telephone banking, and mobile/digital banking. Civista also offers remote deposit capture banking for both retail and business customers, providing the ability to electronically scan and transmit checks for deposit.

5

Time deposits consist of certificates of deposit, including those held in IRA accounts. Reciprocal deposits are offered through Civista’s participation in the Certificate of Deposit Account Registry Service® (CDARS) and Insured Cash Sweep (ICS) programs offered through Promontory Interfinancial Network, LLC. Customers who are Federal Deposit Insurance Corporation (“FDIC”) insurance sensitive are able to place large dollar deposits with Civista and Civista uses either outlet to place those funds into certificates of deposit or money markets issued by other banks in the Network. This occurs in increments of less than the FDIC insurance limits so that both the principal and interest are eligible for complete FDIC insurance coverage. The FDIC currently considers these funds as brokered deposits.

We offer commercial and personal loans on a secured and unsecured basis, revolving lines of credit, commercial mortgage loans, and residential mortgages on both primary and secondary residences, home equity loans, bridge loans and other personal purpose loans. However, we are not and have not historically been a participant in the sub-prime lending market.

Commercial loans are loans made for business purposes and are primarily secured by collateral such as cash balances with Civista, business assets including accounts receivable, inventory and equipment, and liens on commercial real estate.

Construction loans are loans to finance the construction of commercial or residential properties secured by first liens on such properties. Commercial real estate loans include loans secured by first liens on completed commercial properties, including multi-family properties, to purchase or refinance such properties. Residential mortgages include loans secured by first liens on residential real estate to purchase or refinance primary and secondary residences. Home equity loans and lines of credit include loans secured by first or second liens on residential real estate for primary or secondary residences.

Consumer loans are made to individuals who qualify for auto loans, cash reserve, and installment loans. Our consumer loan portfolio includes unsecured overdraft lines of credit and personal loans as well as loans secured by savings accounts and certificates of deposit on deposit with Civista.

Our portfolio lending activities include the origination of one- to four-family first mortgage loans, primarily in our designated market area. The fixed-rate residential mortgage loans that we originate for portfolio generally meet the secondary mortgage market standards. As a complement to our residential one- to four-family portfolio lending activities, we operate a mortgage banking platform which supports the origination of one- to four-family mortgage loans that generally meet the secondary mortgage market standards. Such loans are generally originated by and sourced from the same resources and markets as those loans originated and held in our portfolio.

Through our Civista Wealth Management division we offer investment advisory services to individuals, families, businesses and non-profits with personalized investment management, 401(k) advisory services for employers, financial planning, and trust services.

Human Capital Resources

Our employees are vital to our success in the financial services industry. As a human-capital intensive business, the long-term success of our company depends on our people. Our goal is to ensure that we have the right talent, in the right place, at the right time. We do that through our commitment to attracting, developing and retaining our employees.

We strive to attract individuals who are people-focused and share our values. We have a comprehensive program dedicated to selecting new talent and enhancing the skills of our employees. In our recruiting efforts, we strive to have a diverse group of candidates to consider for our roles. To that end, we have strong relationships with a variety of industry associations that represent diverse professionals and partner with schools in the communities we serve to offer internship opportunities to students interested in the financial industry.

We have designed a compensation structure that we believe is attractive to our current and prospective employees. We also offer our employees the opportunity to participate in a variety of professional and leadership development programs. Our programs include a variety of industry, product, technical, professional, business development, leadership and regulatory topics. These programs are available online and in-person. In addition, we encourage all employees to be involved in the communities we serve through various volunteer activities.

We seek to retain our employees by using their feedback to create and continually enhance programs that support their needs. We use company-wide surveys to solicit feedback from our employees. We have a formal annual goal setting and performance review process for our employees. We promote a values-based culture, an important factor in retaining our employees. Our training, to share and communicate our culture to all employees, plays an important part in this process. We are committed to having a diverse

6

workforce, and an inclusive work environment is a natural extension of our culture. We are committed to ensuring that all our employees feel welcomed, valued, respected and heard so that they can fully contribute their unique talents for the benefit of our customers, their careers, our company and our communities. We have recently established a Diversity, Equity and Inclusion Council (“DEI Council”). This company-wide diversity and inclusion advisory council stewards the Company’s efforts and provides guidance on priorities. This council is composed of employees from all areas of our Company and locations where we operate.

We monitor and evaluate various turnover and attrition metrics throughout our organization. Our annualized voluntary turnover is relatively low, as is the case for turnover of our top performers, a record which we attribute to our strong values-based culture, commitment to career development, and attractive compensation and benefit programs.

Civista employs approximately 441 full-time equivalent employees to whom a variety of benefits are provided. CBI has no employees. CBI and its subsidiaries are not parties to any collective bargaining agreements. Management considers its relationship with its employees to be good.

Supervision and Regulation

CBI and its subsidiaries are subject to extensive supervision and regulation by federal and state agencies. The regulation of financial holding companies and their subsidiaries is intended primarily for the protection of consumers, depositors, borrowers, the Deposit Insurance Fund (the “DIF”) and the banking system as a whole, and not for the protection of shareholders. Applicable laws and regulations restrict permissible activities and investments and require actions to protect loan, deposit, brokerage, fiduciary and other customers, as well as the DIF. These laws and regulations also may restrict the ability of CBI to pay dividends to its shareholders, to repurchase its common shares or to receive dividends from Civista, and impose capital adequacy and liquidity requirements.

The following is a summary of the regulatory agencies that supervise and regulate CBI and Civista and the statutes and regulations that have, or could have, a material impact on the Company’s business. This discussion is qualified in its entirety by reference to such statutes and regulations. The statutes and regulations applicable to the Company are continually under review by the United States Congress and state legislatures and federal and state regulatory agencies, and a change in statutes, regulations or regulatory policies applicable to the Company could have a material effect on the Company’s business.

The Bank Holding Company Act: As a financial holding company, CBI is subject to regulation under the Bank Holding Company Act of 1956, as amended (the “BHCA”), and the examination and reporting requirements of the Board of Governors of the Federal Reserve System (the “Federal Reserve Board”). Under the BHCA, CBI is subject to periodic examination by the Federal Reserve Board and is required to file periodic reports regarding its operations and any additional information that the Federal Reserve Board may require. The Federal Reserve Board also has extensive enforcement authority over financial and bank holding companies, including the ability to assess civil money penalties, issue cease and desist and removal orders, and require that a financial or bank holding company divest subsidiaries, including its subsidiary banks.

Under applicable law and Federal Reserve Board policy, a financial or bank holding company is expected to act as a source of strength to each of its subsidiary banks. The Federal Reserve Board may require a financial or bank holding company to contribute additional capital to an undercapitalized subsidiary bank and may disapprove of the payment of dividends to shareholders if the Federal Reserve Board believes the payment of such dividends would be an unsafe or unsound practice.

The BHCA generally limits the activities of a bank holding company to banking, managing or controlling banks, furnishing services to or performing services for its subsidiaries and engaging in any other activities that the Federal Reserve Board has determined to be so closely related to banking or to managing or controlling banks as to be a proper incident to those activities. In addition, the BHCA requires every bank holding company to obtain the approval of the Federal Reserve Board prior to acquiring all or substantially all of the assets of any bank or another financial or bank holding company, acquiring direct or indirect ownership or control of more than 5% of the voting shares of any bank not already majority-owned by it, or merging or consolidating with another financial or bank holding company.

In April 2020, the Federal Reserve Board adopted a final rule to revise its regulations related to determinations of whether a company has the ability to exercise a controlling influence over another company for purposes of the BHCA. The final rule expands and codifies the presumptions for use in such determinations. By codifying the presumptions, the final rule provides greater transparency on the types of relationships that the Federal Reserve Board generally views as supporting a facts-and-circumstances determination that one company controls another company. The Federal Reserve Board’s final rule applies to questions of control under the BHCA, but does not extend to the Change in Bank Control Act.

7

Gramm-Leach-Bliley Act (“GLBA)”: The GLBA permits qualifying bank holding companies to elect to become financial holding companies and thereby affiliate with securities firms and insurance companies and engage in other activities that are financial in nature if (i) the holding company is well capitalized and well managed and (ii) each of the holding company’s subsidiary banks is well capitalized under the FDIC’s Deposit Insurance Corporation Act of 1991 prompt corrective action provisions, is well managed, and has at least a satisfactory rating under the Community Reinvestment Act (the “CRA”). In March, 2000, CBI became a financial holding company. No regulatory approval is required for a financial holding company to acquire a company, other than a bank or a savings association, engaged in activities that are financial in nature or incidental to activities that are financial in nature, as determined by the Federal Reserve Board.

The GLBA defines “financial in nature” to include:

• securities underwriting, dealing and market making;

• sponsoring mutual funds and investment companies;

• insurance underwriting and agency;

• merchant banking; and

• activities that the Federal Reserve Board has determined to be closely related to banking.

If a financial holding company or a subsidiary bank fails to maintain all requirements for the holding company to maintain financial holding company status, material restrictions may be placed on the activities of the financial holding company and its subsidiaries and on the ability of the holding company to enter into certain transactions and obtain regulatory approvals for new activities and transactions. The financial holding company could also be required to divest of subsidiaries that engage in activities that are not permitted for bank holding companies that are not financial holding companies. If restrictions are imposed on the activities of a financial holding company, the existence of such restrictions may not be made publicly available pursuant to confidentiality regulations of the bank regulatory agencies.

Transactions with Affiliates, Directors, Executive Officers and Shareholders: Transactions between Civista and its affiliates, including CBI, are subject to Sections 23A and 23B of the Federal Reserve Act, and Federal Reserve Board Regulation W, which generally limit the extent to which Civista may engage in “covered transactions” with affiliates and require that the terms of such transactions be the same, or at least as favorable, to Civista as the terms provided in a similar transaction between Civista and an unrelated party. The term “covered transaction” includes the making of loans to an affiliate, the purchase of assets from an affiliate, the issuance of a guarantee on behalf of an affiliate, the purchase of securities issued by an affiliate and other similar types of transactions.

A bank’s authority to extend credit to executive officers, directors and greater than 10% shareholders, as well as entities such persons control, is subject to Sections 22(g) and 22(h) of the Federal Reserve Act and Regulation O promulgated thereunder by the Federal Reserve Board. Among other things, these loans must be made on terms (including interest rates charged and collateral required) substantially similar to those offered to unaffiliated individuals or be made as part of a benefit or compensation program and on terms widely available to employees, and must not involve a greater than normal risk of repayment. In addition, the amount of loans a bank may make to these affiliated persons is based, in part, on the bank’s capital position, and specified approval procedures must be followed in making loans which exceed specified amounts.

Federal Deposit Insurance Corporation (“FDIC”): The FDIC is an independent federal agency which insures the deposits of federally-insured banks and savings associations up to certain prescribed limits and safeguards the safety and soundness of financial institutions. The general insurance limit is $250,000 per separately insured depositor. This insurance is backed by the full faith and credit of the United States Government.

As insurer, the FDIC is authorized to conduct examinations of and to require reporting by insured institutions, including Civista, to prohibit any insured institution from engaging in any activity the FDIC determines to pose a threat to the DIF, and to take enforcement actions against insured institutions. The FDIC may terminate insurance of deposits of any institution if the FDIC finds that the institution has engaged in unsafe and unsound practices, is in an unsafe or unsound condition or has violated any applicable law, regulation, rule, order or condition imposed by the FDIC or other regulatory agency.

The FDIC assesses a quarterly deposit insurance premium on each insured institution based on risk characteristics of the institution and may also impose special assessments in emergency situations. The premiums fund the DIF. Pursuant to the Dodd-Frank Wall Street Reform and Consumer Protection Act of 2010 (the “Dodd-Frank Act”), the FDIC has established 2.0% as the designated reserve ratio (“DRR”), which is the amount in the DIF as a percentage of all DIF insured deposits. In March 2016, the FDIC

8

adopted final rules designed to meet the statutory minimum DRR of 1.35% by September 30, 2020, the deadline imposed by the Dodd-Frank Act. The Dodd-Frank Act requires the FDIC to offset the effect on insured institutions with assets of less than $10 billion of the increase in the statutory minimum DRR to 1.35% from the former statutory minimum of 1.15%. Although the FDIC’s rules reduced assessment rates on all banks, they imposed a surcharge on banks with assets of $10 billion or more to be paid until the DRR reached 1.35%. The DRR met the statutory minimum of 1.35% on September 30, 2018. As a result, the previous surcharge imposed on banks with assets of $10 billion or more was lifted. In addition, preliminary assessment credits have been determined by the FDIC for banks with assets of less than $10 billion, which had previously contributed to the increase of the DRR to 1.35%. On June 30, 2019, the DRR reached 1.40%, and the FDIC applied credits for banks with assets of less than $10 billion (“small bank credits”) beginning September 30, 2019. As of June 30, 2020, the DRR fell below the minimum DRR to 1.30%. As a result, the FDIC adopted a restoration plan requiring the restoration of the DRR to 1.35% within eight years (September 30, 2028). This restoration plan maintained the scheduled assessment rates for all insured institutions. As of September 30, 2021, the DRR was 1.27%. The FDIC rules further changed the method of determining risk-based assessment rates for established banks with less than $10 billion in assets to better ensure that banks taking on greater risks pay more for deposit insurance than banks that take on less risk.

The FDIC is authorized to prohibit any insured institution from engaging in any activity that poses a serious threat to the insurance fund and may initiate enforcement actions against a bank, after first giving the institution’s primary regulatory authority an opportunity to take such action. The FDIC may also terminate the deposit insurance of any institution that has engaged in or is engaging in unsafe or unsound practices, is in an unsafe or unsound condition to continue operations or has violated any applicable law, order or condition imposed by the FDIC.

COVID-19 Legislation and Initiatives: In response to the novel COVID-19 pandemic (“COVID-19”), the Coronavirus Aid, Relief, and Economic Security Act of 2020, as amended (the “CARES Act”), was signed into law on March 27, 2020, to provide national emergency economic relief measures. Many of the CARES Act’s programs are dependent upon the direct involvement of U.S. financial institutions, such as CBI and Civista, and have been implemented through rules and guidance adopted by federal departments and agencies, including the U.S. Department of Treasury, the Federal Reserve Board and other federal banking agencies, including those with direct supervisory jurisdiction over CBI and Civista. Furthermore, as COVID-19 evolves, federal regulatory authorities continue to issue additional guidance with respect to the implementation, lifecycle, and eligibility requirements for the various CARES Act programs as well as industry-specific recovery procedures for COVID-19. In addition, it is possible that Congress will enact supplementary COVID-19 response legislation, including amendments to the CARES Act or new bills comparable in scope to the CARES Act. For example, on December 27, 2020, the Consolidated Appropriations Act, 2021 (the “CAA”) was signed into law, which, among other things, allowed certain banks to temporarily postpone implementation of the current expected credit loss model (accounting standard), which is described below. The Company is continuing to assess the impact of the CARES Act and other statues, regulations and supervisory guidance related to COVID-19.

The CARES Act amended the loan program of the Small Business Administration (the “SBA”), in which Civista participates, to create a guaranteed, unsecured loan program, the Paycheck Protection Program (the “PPP”), to fund operational costs of eligible businesses, organizations and self-employed persons during COVID-19. These loans are eligible to be forgiven if certain conditions are satisfied and are fully guaranteed by the SBA. In June 2020, the Paycheck Protection Program Flexibility Act was enacted, which, among other things, gave borrowers additional time and flexibility to use PPP loan proceeds. After previously being extended by Congress, the application deadline for PPP loans expired on May 31, 2021. No collateral or personal guarantees were required for PPP loans. In addition, neither the government nor lenders have been permitted to charge the recipients of PPP loans any fees. On December 27, 2020, the President signed into law omnibus federal spending and economic stimulus legislation titled the “Consolidated Appropriations Act, 2021” that included the Economic Aid to Hard-Hit Small Businesses, Nonprofits, and Venues Act (the “HHSB Act”). Among other things, the HHSB Act renewed the PPP, allocating $284.45 billion for both new first-time PPP loans under the existing PPP and the expansion of existing PPP loans for certain qualified, existing PPP borrowers. In addition to extending and amending the PPP, the HHSB Act also creates a new grant program for “shuttered venue operators”. As a participating lender in the PPP, Civista continues to monitor legislative, regulatory, and supervisory developments related thereto.

On September 29, 2020, the federal bank regulatory agencies issued a final rule that neutralizes the regulatory capital and liquidity coverage ratio effects of participating in certain COVID-19 liquidity facilities due to the fact there is no credit or market risk in association with exposures pledged to such facilities. As a result, the final rule supports the flow of credit to households and businesses affected by COVID-19.

On December 2, 2020, the federal bank regulatory agencies issued an interim final rule that provides temporary relief for specified community banking organizations related to certain regulations and reporting requirements as a result, in large part, of their growth in size from the response to COVID-19. Community banking organizations are subject to different rules and requirements based on their risk profile and asset size. Due to their involvement in federal COVID-19 response programs (such as the PPP) and other

9

lending that supports the U.S. economy, many community banking organizations experienced rapid and unexpected increases in their sizes, which were generally expected to be temporary. The temporary increase in size could have subjected community banking organizations to new regulations or reporting requirements. However, community banking organizations, such as CBI and Civista, under $10.0 billion in total assets as of December 31, 2019 were permitted to use asset data as of December 31, 2019, to determine the applicability of various regulatory asset thresholds during calendar years 2020 and 2021. As such, it was not until January 1, 2022 that asset growth again triggered new regulatory requirements for these community banking organizations.

Consumer Financial Protection Bureau: The Dodd-Frank Act established the Consumer Financial Protection Bureau (the “CFPB”), which regulates consumer financial products and services and certain financial services providers. The CFPB is authorized to prevent unfair, deceptive and abusive acts or practices and seeks to ensure consistent enforcement of laws so that consumers have access to fair, transparent and competitive markets for consumer financial products and services. Since it was established the CFPB has exercised extensive rulemaking and interpretive authority.

Consumer Protection Laws and Regulations: Banks are subject to regular examination to ensure compliance with federal consumer protection statutes and regulations, including, but not limited to, the following:

• The Equal Credit Opportunity Act (prohibiting discrimination in any credit transaction on the basis of any of various criteria);

• The Truth in Lending Act (requiring that credit terms are disclosed in a manner that permits a consumer to understand and compare credit terms more readily and knowledgeably);

• The Fair Housing Act (making it unlawful for a lender to discriminate in its housing-related lending activities against any person on the basis of certain criteria);

• The Home Mortgage Disclosure Act (requiring financial institutions to collect data that enables regulatory agencies to determine whether financial institutions are serving the housing credit needs of the communities in which they are located); and

• The Real Estate Settlement Procedures Act (requiring that lenders provide borrowers with disclosures regarding the nature and cost of real estate settlements and prohibits abusive practices that increase borrowers’ costs).

The banking regulators also use their authority under the Federal Trade Commission Act to take supervisory or enforcement action with respect to unfair or deceptive acts or practices by banks that may not necessarily fall within the scope of a specific banking or consumer finance law.

Community Reinvestment Act: The CRA requires depository institutions to assist in meeting the credit needs of their market areas, including low- and moderate-income areas, consistent with safe and sound banking practice. Under this Act, each institution is required to adopt a statement for each of its market areas describing the depositary institution’s efforts to assist in its community’s credit needs. Depositary institutions are periodically examined for compliance and assigned one of four ratings: outstanding, satisfactory, needs improvement, or substantial noncompliance. The rating assigned to a financial institution is considered in connection with various applications submitted by a financial institution or its holding company to its banking regulators, including applications to acquire another financial institution or to open a new branch office. In addition, all subsidiary banks of a financial holding company must maintain a satisfactory or outstanding rating in order for the financial holding company to avoid limitations on its activities. Civista received a rating of “satisfactory” in its most recent CRA examination.

Economic Growth, Regulatory Relief and Consumer Protection Act: On May 25, 2018, the Economic Growth, Regulatory Relief and Consumer Protection Act (the “Regulatory Relief Act”) was enacted, which repealed or modified certain provisions of the Dodd-Frank Act and eased restrictions on all but the largest banks (those with consolidated assets in excess of $250 billion). Bank holding companies with consolidated assets of less than $100 billion, including CBI, are no longer subject to enhanced prudential standards. The Regulatory Relief Act also relieves bank holding companies and banks with consolidated assets of less than $100 billion, including CBI and Civista, from certain record-keeping, reporting and disclosure requirements. Certain other regulatory requirements applied only to banks with consolidated assets in excess of $50 billion and so did not apply to CBI or Civista even before the enactment of the Regulatory Relief Act.

Patriot Act and Anti-Money Laundering: The Uniting and Strengthening of America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism Act of 2001 (the “Patriot Act”) gives the United States government powers to address terrorist threats through enhanced domestic security measures, expanded surveillance powers, increased information sharing and broadened anti-money laundering requirements. Title III of the Patriot Act encourages information sharing among bank regulatory agencies and law enforcement bodies. Further, certain provisions of Title III impose affirmative obligations on a broad range of financial

10

institutions. Among other requirements, Title III and related regulations require regulated financial institutions to establish a program specifying procedures for obtaining identifying information from customers seeking to open new accounts and establish enhanced due diligence policies, procedures and controls designed to detect and report suspicious activity. Civista has established policies and procedures that Civista believes comply with the requirements of the Patriot Act.

The Anti-Money Laundering Act of 2020 (the “AMLA”), which amends the Bank Secrecy Act of 1970 (the “BSA”), was enacted in January 2021. The AMLA is intended to be a comprehensive reform and modernization to U.S. bank secrecy and anti-money laundering laws. Among other things, it codifies a risk-based approach to anti-money laundering compliance for financial institutions; requires the development of standards for evaluating technology and internal processes for BSA compliance; expands enforcement-related and investigation-related authority, including increasing available sanctions for certain BSA violations and instituting BSA whistleblower initiatives and protections.

Office of Foreign Assets Control Regulation. The U.S. Treasury Department’s Office of Foreign Assets Control (“OFAC”) administers and enforces economic and trade sanctions against targeted foreign countries and regimes, under authority of various laws, including designated foreign countries, nationals and others. OFAC publishes lists of specially designated targets and countries. Civista is responsible for, among other things, blocking accounts of, and transactions with, such targets and countries, prohibiting unlicensed trade and financial transactions with them and reporting blocked transactions after their occurrence. Failure to comply with these sanctions could have serious financial, legal and reputational consequences, including causing applicable bank regulatory authorities not to approve merger or acquisition transactions when regulatory approval is required or to prohibit such transactions even if approval is not required. Regulatory authorities have imposed cease and desist orders and civil money penalties against institutions found to be violating these obligations.

Securities and Exchange Commission (“SEC”) and The Nasdaq Stock Market LLC (“Nasdaq”): CBI is also under the jurisdiction of the SEC and certain state securities commissions for matters relating to the offering and sale of its securities. CBI is subject to the registration, disclosure, reporting and regulatory requirements of the Securities Act of 1933, as amended (the “Securities Act”), the Securities Exchange Act of 1934, as amended (the “Exchange Act”), and the regulations promulgated under each of the Securities Act and the Exchange Act, as administered by the SEC. CBI’s common shares are listed with Nasdaq under the symbol “CIVB” and CBI is subject to the rules for Nasdaq listed companies.

Corporate Governance: As mandated by the Sarbanes-Oxley Act of 2002, the SEC has adopted rules and regulations governing, among other matters, corporate governance, auditing and accounting, executive compensation and enhanced and timely disclosure of corporate information. Nasdaq has also adopted corporate governance rules. The Board of Directors of the Company has taken a series of actions to strengthen and improve the Company’s governance practices in light of the rules of the SEC and Nasdaq. The Board of Directors has adopted charters for the Audit Committee, the Compensation Committee and the Nominating Committee, as well as a Code of Conduct (Ethics) applicable to all directors, officers and employees of the Company. In addition, in accordance with Section 302(a) of the Sarbanes-Oxley Act, written certifications by CBI’s Chief Executive Officer and Chief Financial Officer are required. These certifications attest that CBI’s quarterly and annual reports filed with the SEC do not contain any untrue statement of a material fact. See Item 9A “Controls and Procedures” in Part II of this Form 10-K for CBI’s evaluation of its disclosure controls and procedures.

Regulation of Bank Subsidiary: As an Ohio chartered bank, Civista is subject to supervision and regulation by the State of Ohio Department of Commerce, Division of Financial Institutions (the “ODFI”). In addition, Civista is a member of the Federal Reserve System and, therefore, is subject to supervision and regulation by the Federal Reserve Board. Civista is subject to periodic examinations by both ODFI and the Federal Reserve Board. These examinations are designed primarily for the protection of the depositors of the bank and not shareholders.

Banking subsidiaries of financial and bank holding companies are also subject to federal regulation regarding such matters as reserves, limitations on the nature and amount of loans and investments, issuance or retirement of its own securities, limitations on the payment of dividends and other aspects of banking operations.

Regulatory Capital Requirements: The Federal Reserve Board has adopted risk-based guidelines for financial holding companies and other bank holding companies as well as state member banks, and the FDIC has adopted risk-based capital guidelines for state non-member banks. The guidelines provide a systematic analytical framework which makes regulatory capital requirements sensitive to differences in risk profiles among banking organizations, takes off-balance sheet exposures expressly into account in evaluating capital adequacy, and minimizes disincentives to holding liquid, low-risk assets. Capital levels as measured by these standards are also used to categorize financial institutions for purposes of certain prompt corrective action regulatory provisions.

In July 2013, the United States banking regulators issued new capital rules applicable to smaller banking organizations which also implement certain of the provisions of the Dodd-Frank Act (the “Basel III Capital Rules”). Community banking organizations,

11

including CBI and Civista, began transitioning to the new rules on January 1, 2015. The new minimum capital requirements became effective on January 1, 2015, whereas a new capital conservation buffer and deductions from common equity capital phased in from January 1, 2016 through January 1, 2019, and most deductions from common equity tier 1 capital phased in from January 1, 2015 through January 1, 2019.

The Basel III Capital Rules include (a) a minimum common equity tier 1 capital ratio of 4.5%, (b) a minimum Tier 1 capital ratio of 6.0%, (c) a minimum total capital ratio of 8.0%, and (d) a minimum leverage ratio of 4.0%.

Common equity for the common equity tier 1 capital ratio generally includes common stock (plus related surplus), retained earnings, accumulated other comprehensive income (unless an institution elects to exclude such income from regulatory capital), and limited amounts of minority interests in the form of common stock, subject to applicable regulatory adjustments and deductions.

Tier 1 capital generally includes common equity as defined for the common equity tier 1 capital ratio, plus certain non-cumulative preferred stock and related surplus, cumulative preferred stock and related surplus, trust preferred securities that have been grandfathered (but which are not permitted going forward), and limited amounts of minority interests in the form of additional Tier 1 capital instruments, less certain deductions.

Tier 2 capital, which can be included in the total capital ratio, generally consists of other preferred stock and subordinated debt meeting certain conditions plus limited amounts of the allowance for loan and lease losses, subject to specified eligibility criteria, less applicable deductions.

The deductions from common equity tier 1 capital include goodwill and other intangibles, certain deferred tax assets, mortgage-servicing assets above certain levels, gains on sale in connection with a securitization, investments in a banking organization’s own capital instruments and investments in the capital of unconsolidated financial institutions (above certain levels).

Under the guidelines, capital is compared to the relative risk related to the balance sheet. To derive the risk included in the balance sheet, one of several risk weights is applied to different balance sheet and off-balance sheet assets, primarily based on the relative credit risk of the counterparty. The capital amounts and classification are also subject to qualitative judgments by the regulators about components, risk weightings and other factors.

The Basel III Capital Rules also place restrictions on the payment of capital distributions, including dividends, and certain discretionary bonus payments to executive officers if the banking organization does not hold a capital conservation buffer of greater than 2.5 percent composed of common equity tier 1 capital above its minimum risk-based capital requirements, or if its eligible retained income is negative in that quarter and its capital conservation buffer ratio was less than 2.5 percent at the beginning of the quarter.

In September 2019, the Federal Reserve Board, along with other federal bank regulatory agencies, issued a final rule, effective January 1, 2020, that gave community banks, including the Company, the option to calculate a simple leverage ratio to measure capital adequacy if the community banks met certain requirements. Under the rule, a community bank is eligible to elect the Community Bank Leverage Ratio (“CBLR”) framework if it had less than $10 billion in total consolidated assets, limited amounts of certain assets and off-balance sheet exposures, and a leverage ratio greater than 9.0%. Qualifying institutions that elected to use the CBLR framework (each, a “CBLR Bank”) and that maintain a leverage ratio of greater than 9.0% will be considered to have satisfied the risk-based and leverage capital requirements in the regulatory agencies’ generally applicable capital rules and to have met the well-capitalized ratio requirements. No CBLR Bank was required to calculate or report risk-based capital, and each CBLR Bank could opt out of the framework at any time, without restriction, by reverting to the generally applicable risk-based capital rule. Pursuant to the CARES Act, on August 26, 2020, the federal banking agencies adopted a final rule that temporarily lowered the CBLR threshold and provided a gradual transition back to the prior level. Specifically, the CBLR threshold was reduced to 8.0% for the remainder of 2020, increased to 8.5% for 2021, and returned to 9.0% on January 1, 2022. This final rule became effective on October 1, 2020. The Company did not utilize the CBLR in assessing capital adequacy and, instead, continued to follow existing capital rules.

In December 2018, the federal banking agencies issued a final rule to address regulatory capital treatment of credit loss allowances under the current expected credit loss (“CECL”) model (accounting standard). The rule revises the federal banking agencies’ regulatory capital rules to identify which credit loss allowances under the CECL model are eligible for inclusion in regulatory capital and to provide banking organizations the option to phase in over three years the day-one adverse effects on regulatory capital that may result from the adoption of the CECL model. The Company currently anticipates recording a one-time cumulative effect adjustment upon adoption, and does not anticipate utilizing the three year phase in. The Company expects to maintain risk-based capital ratios in excess of “well-capitalized” after the impact of the one-time cumulative effect adjustment.

12

At December 31, 2021, both CBI and Civista were in compliance with all of the regulatory capital requirements to which they are subject. For CBI’s and Civista’s capital ratios, see Note 18 to the Company’s 2021 Consolidated Financial Statements.

The Federal Reserve Board has adopted regulations governing prompt corrective action to resolve the problems of capital deficient and otherwise troubled state-chartered member banks. At each successively lower defined capital category, a bank is subject to more restrictive and numerous mandatory or discretionary regulatory actions or limits, and the Federal Reserve Board has less flexibility in determining how to resolve the problems of the institution. In addition, the Federal Reserve Board generally can downgrade a bank’s capital category, notwithstanding its capital level, if, after notice and opportunity for hearings, the bank is deemed to be engaged in an unsafe or unsound practice, because it has not corrected deficiencies that resulted in it receiving a less than satisfactory examination rating on matters other than capital or it is deemed to be in an unsafe or unsound condition. Civista’s capital at December 31, 2021, met the standards for the highest capital category, a “well-capitalized” bank.

Federal Reserve Board regulations also limit the payment of dividends by Civista to CBI. Civista may not pay a dividend if it would cause Civista not to meet its capital requirements. In addition, the dividends that Civista may pay to CBI without prior approval of the Federal Reserve Board is limited to net income for the year plus its retained net income for the preceding two years.

Volcker Rule

In December 2013, five federal agencies adopted a final regulation implementing the Volcker Rule provision of the Dodd-Frank Act (the “Volcker Rule”). The Volcker Rule places limits on the trading activity of insured depository institutions and entities affiliated with a depository institution, subject to certain exceptions. The trading activity includes a purchase or sale as principal of a security, derivative, commodity future or option on any such instruments in order to benefit from short-term price movements or to realize short-term profits. The Volcker Rule exempts specified U.S. Government, agency and/or municipal obligations, and it excepts trading conducted in certain capacities, including as a broker or other agent, through a deferred compensation or pension plan, as a fiduciary on behalf of customers, to satisfy a debt previously contracted, repurchase and securities lending agreements and risk-mitigating hedging activities.

The Volcker Rule also prohibits a banking entity from having an ownership interest in, or substantial relationships with, a hedge fund or private equity fund, also known as “covered funds,” with a number of exceptions. To the extent that Civista engages in any of the trading activities or has any ownership interest in or relationship with any of the types of funds regulated by the Volcker Rule, Civista believes that its activities and relationships fall within the scope of one or more of the exceptions provided in the Volcker Rule.

In July 2019, the five federal agencies that adopted the Volcker Rule adopted a final rule to exempt certain community banks, including Civista, from the Volcker Rule, consistent with the Regulatory Relief Act. Under the final rule, community banks with $10 billion or less in total consolidated assets and total trading assets and liabilities of 5.0% or less of total consolidated assets are excluded from the restrictions of the Volcker Rule. On June 25, 2020, the federal bank regulatory agencies also finalized a rule modifying the Volcker Rule’s prohibition on banking entities investing in or sponsoring covered funds. Such rule permits certain banking entities to offer financial services and engage in other activities that do not raise concerns that the Volcker Rule was originally intended to address.

Non-Banking Subsidiaries. The Company’s non-banking subsidiaries are also subject to regulation by the Federal Reserve Board and other applicable federal and state agencies. FCIA, as a licensed insurance agency, is subject to regulation by the Ohio Department of Insurance and the state insurance regulatory agencies of those states where it conducts business. CRMI, as a Delaware-chartered captive insurance company, is subject to the laws and regulations of the State of Delaware and undergoes periodic examinations by the Delaware Division of Insurance.

Executive and Incentive Compensation

The Dodd-Frank Act requires that the federal banking agencies, including the Federal Reserve Board and the FDIC, issue a rule related to incentive-based compensation. No final rule implementing this provision of the Dodd-Frank Act has, as of the date of the filing of this Annual Report on Form 10-K, been adopted, but a proposed rule was published in 2016 that expanded upon a prior proposed rule published in 2011. The proposed rule is intended to: (i) prohibit incentive-based payment arrangements that the banking agencies determine could encourage certain financial institutions to take inappropriate risks by providing excessive compensation or that could lead to material financial loss; (ii) require the board of directors of those financial institutions to take certain oversight actions related to incentive-based compensation; and (iii) require those financial institutions to disclose information concerning incentive-based compensation arrangements to the appropriate federal regulator. Although a final rule has not been issued, the Company has undertaken efforts to ensure that the Company’s incentive compensation plans do not encourage inappropriate risks, consistent with the principles identified above.

13

In June 2010, the Federal Reserve Board, the OCC and the FDIC issued comprehensive final guidance on incentive compensation policies intended to ensure that the incentive compensation policies of banking organizations do not undermine the safety and soundness of such organizations by encouraging excessive risk-taking. The guidance, which covers all employees that have the ability to materially affect the risk profile of an organization, either individually or as part of a group, is based upon the key principles that a banking organization’s incentive compensation arrangements should (i) provide incentives that do not encourage risk-taking beyond the organization’s ability to effectively identify and manage risks, (ii) be compatible with effective internal controls and risk management and (iii) be supported by strong corporate governance, including active and effective oversight by the organization’s board of directors. These three principles are incorporated into the proposed joint compensation regulations under the Dodd-Frank Act, described above.

The Federal Reserve Board and the OCC review, as part of their respective regular, risk-focused examination process, the incentive compensation arrangements of banking organizations, such as CBI and Civista, that are not “large, complex banking organizations.” These reviews are tailored to each organization based on the scope and complexity of the organization’s activities and the prevalence of incentive compensation arrangements. Deficiencies will be incorporated into the organization’s supervisory ratings, which can affect the organization’s ability to make acquisitions and take other actions. Enforcement actions may be taken against a banking organization if its incentive compensation arrangements, or related risk-management control or governance processes, pose a risk to the organization’s safety and soundness and the organization is not taking prompt and effective measures to correct the deficiencies.

Public company compensation committee members must meet heightened independence requirements and consider the independence of compensation consultants, legal counsel and other advisors to the compensation committee. A compensation committee must have the authority to hire advisors and to have the public company fund reasonable compensation of such advisors.

Public companies will be required, once stock exchanges impose additional listing requirements under the Dodd-Frank Act, to implement “clawback” procedures for incentive compensation payments and to disclose the details of the procedures which allow recovery of incentive compensation that was paid on the basis of erroneous financial information necessitating a restatement due to material noncompliance with financial reporting requirements. This clawback policy is intended to apply to compensation paid within a three-year look-back window of the restatement and would cover all executives who received incentive awards. The Company has implemented a clawback policy and it is posted under the “Corporate Overview” tab on the “Governance Documents” page of CBI’s Internet website.

SEC regulations require public companies such as CBI to provide various disclosures about executive compensation in annual reports and proxy statements and to present to their shareholders a non-binding vote on the approval of executive compensation.

Financial Privacy Provisions: Federal and state regulations limit the ability of banks and other financial institutions to disclose non-public information about consumers to non-affiliated third parties. These limitations require disclosure of privacy policies to consumers and, in some circumstances, allow consumers to prevent disclosure of certain personal information to a non-affiliated third party. These regulations affect how consumer information is transmitted through diversified financial companies and conveyed to outside vendors.

Civista is also subject to regulatory guidelines establishing standards for safeguarding customer information. These guidelines describe the federal bank regulatory agencies’ expectations for the creation, implementation and maintenance of an information security program, which would include administrative, technical and physical safeguards appropriate to the size and complexity of the institution and the nature and scope of its activities. The standards set forth in the guidelines are intended to ensure the security and confidentiality of customer records and information, protect against any anticipated threats or hazards to the security or integrity of such records and protect against unauthorized access to or use of such records or information that could result in substantial harm or inconvenience to any customer.

Cybersecurity

In March 2015, federal regulators issued two related statements regarding cybersecurity. One statement indicates that financial institutions should design multiple layers of security controls to establish several lines of defense and to ensure that their risk management processes also address the risk posed by compromised customer credentials, including security measures to reliably authenticate customers accessing Internet-based services of the financial institution. The other statement indicates that a financial institution’s management is expected to maintain sufficient business continuity planning processes to ensure the rapid recovery, resumption and maintenance of the financial institution’s operations after a cyber-attack involving destructive malware. A financial institution is also expected to develop appropriate processes to enable recovery of data and business operations and address

14

rebuilding network capabilities and restoring data if the financial institution or its critical service providers fall victim to this type of cyber-attack. If Civista fails to observe the regulatory guidance, it could be subject to various regulatory sanctions, including financial penalties.

In February 2018, the SEC published interpretive guidance to assist public companies in preparing disclosures about cybersecurity risks and incidents. These SEC guidelines, and any other regulatory guidance, are in addition to notification and disclosure requirements under state and federal banking law and regulations.

In November 2021, the OCC, the Federal Reserve Board and the FDIC issued a final rule requiring banking organizations that experience a computer-security incident to notify certain entities. A computer-security incident occurs when actual or potential harm to the confidentiality, integrity, or availability of an information system or the information occurs, or there is a violation or imminent threat of a violation to banking security policies and procedures. The affected bank must notify its respective federal regulator of the computer-security incident as soon as possible and no later than 36 hours after the bank determines a computer-security incident has occurred. These notifications are intended to promote early awareness of threats to banking organizations and will help banks react to those threats before they manifest into bigger incidents. This rule also requires bank service providers to notify its customers of a computer-security incident.

State regulators have also been increasingly active in implementing privacy and cybersecurity standards and regulations. Recently, several states have adopted regulations requiring certain financial institutions to implement cybersecurity programs and providing detailed requirements with respect to these programs, including data encryption requirements. Many states have also recently implemented or modified their data breach notification and data privacy requirements. The Company expects this trend of state-level activity in those areas to continue, and is continually monitoring developments in the states in which our customers are located.

In the ordinary course of business, the Company relies on electronic communications and information systems to conduct its operations and to store sensitive data. The Company employs an in-depth, layered, defensive approach that leverages people, processes and technology to manage and maintain cybersecurity controls. The Company employs a variety of preventative and detective tools to monitor, block, and provide alerts regarding suspicious activity, as well as to report on any suspected advanced persistent threats. Notwithstanding the strength of the Company’s defensive measures, the threat from cyber-attacks is severe, attacks are sophisticated and increasing in volume, and attackers respond rapidly to changes in defensive measures. While to date, the Company has not detected a significant compromise, significant data loss or any material financial losses related to cybersecurity attacks, Company’s systems and those of its customers and third-party service providers are under constant threat and it is possible that the Company could experience a significant event in the future. Risks and exposures related to cybersecurity attacks are expected to remain high for the foreseeable future due to the rapidly evolving nature and sophistication of these threats, as well as due to the expanding use of Internet banking, mobile banking and other technology-based products and services by us and our customers.

Effect of Environmental Regulation

Compliance with federal, state and local provisions regulating the discharge of materials into the environment, or otherwise relating to the protection of the environment, has not had a material effect upon the capital expenditures, earnings or competitive position of the Company. In the opinion of management, the Company does not have exposure to material costs associated with compliance with environmental laws and regulations or material expenditures related to environmental hazardous waste mitigation or cleanup.

The Company believes its primary exposure to environmental risk is through the lending activities of Civista. In cases where management believes environmental risk potentially exists, Civista mitigates its environmental risk exposure by requiring environmental site assessments at the time of loan origination to confirm collateral quality as to commercial real estate parcels posing higher than normal potential for environmental impact, as determined by reference to present and past uses of the subject property and adjacent sites. In addition, environmental assessments are typically required prior to any foreclosure activity involving non-residential real estate collateral.

Effects of Government Monetary Policy

The earnings of the Company are affected by general and local economic conditions and by the policies of various governmental regulatory authorities. In particular, the Federal Reserve Board regulates money and credit conditions and interest rates to influence general economic conditions, primarily through open market acquisitions or dispositions of United States Government securities,

15

varying the discount rate on member bank borrowings and setting reserve requirements against member and nonmember bank deposits. Federal Reserve Board monetary policies have had a significant effect on the interest income and interest expense of commercial banks, including Civista, and are expected to continue to do so in the future.

Available Information

CBI maintains an Internet website at www.civb.com (this uniform resource locator, or URL, is an inactive textual reference only and is not intended to incorporate CBI’s website into this Annual Report on Form 10-K). CBI makes available free of charge on or through its Internet website its annual reports on Form 10-K, quarterly reports on Form 10-Q, current reports on Form 8-K and amendments to those reports filed or furnished pursuant to Section 13(a) or 15(d) of the Securities Exchange Act of 1934, as amended (the Exchange Act), as well as CBI’s definitive proxy statements filed pursuant to Section 14 of the Exchange Act, as soon as reasonably practicable after CBI electronically files such material with, or furnishes it to, the SEC.

Statistical Information

The following section contains certain financial disclosures related to the Company as required under Subpart 1400 of the SEC’s Regulation S-K, or a specific reference as to the location of the required disclosures in the Registrant’s 2021 Annual Report to Shareholders, portions of which are incorporated in this Form 10-K by reference.

Distribution of Assets, Liabilities and Shareholders’ Equity; Interest Rates and Interest Differential

Average balance sheet information and the related analysis of net interest income for the years ended December 31, 2021, 2020 and 2019 is included on pages 14 through 16—“Distribution of Assets, Liabilities and Shareholders’ Equity; Interest Rates and Interest Differential” and “Changes in Interest Income and Interest Expense Resulting from Changes in Volume and Changes in Rate”, within Management’s Discussion and Analysis of Financial Condition and Results of Operations of the Company’s 2021 Annual Report to Shareholders and is incorporated into this Item I by reference.

Investments in Debt Securities

The following table sets forth the maturities of securities at December 31, 2021 and the weighted average yields of such debt securities. Maturities are reported based on stated maturities and do not reflect principal prepayment assumptions.

	Within one year					After one but within five years					After five but within ten years					After ten years
	Amount		Yield			Amount		Yield			Amount		Yield			Amount		Yield
	(Dollars in thousands)
Available for Sale (2)
U.S. Treasury securities and obligations of U.S. government agencies	$	3,252		1.32	%	$	25,714		0.63	%	$	18,691		1.29	%	$	233		1.56	%
Obligations of states and political subdivisions (1)		537		3.56			8,904		4.03			42,211		2.72			247,184		2.90
Mortgage-backed securities in government sponsored entities		1,573		3.11			16,560		3.23			11,872		0.82			183,143		1.90
Total	$	5,362		2.07	%	$	51,178		2.07	%	$	72,774		2.04	%	$	430,560		2.51	%

(1) Weighted average yields on nontaxable obligations have been computed based on actual yields stated on the security.

(2) The weighted average yield has been computed using the historical amortized cost for available-for-sale securities.

16

Loan Portfolio

Maturities and Sensitivities of Loans to Changes in Interest Rates

The following table shows the amount of commercial and agriculture, commercial real estate, residential real estate, real estate construction, farm real estate and consumer and other loans outstanding as of December 31, 2021, which, based on the contract terms for repayments of principal, are due in the periods indicated. In addition, the amounts due after one year are classified according to their sensitivity to changes in interest rates.

	Maturing
	Within one year		After one but within five years		After five but within fifteen years		After fifteen years		Total
	(Dollars in thousands)
Commercial & Agriculture	$	70,434	$	115,810	$	59,678	$	580	$	246,502
Commercial Real Estate:
Owner Occupied		8,311		48,099		216,523		22,519		295,452
Non-Owner Occupied		36,837		241,402		535,859		15,212		829,310
Residential Real Estate		6,393		18,744		201,719		203,204		430,060
Real Estate Construction		24,703		78,299		39,660		14,465		157,127
Farm Real Estate		2,380		3,578		18,667		3,794		28,419
Consumer and Other		2,512		6,139		2,017		341		11,009
Total	$	151,570	$	512,071	$	1,074,123	$	260,115	$	1,997,879

	Due After One Year
	Fixed Rate		Variable Rate
	(Dollars in thousands)
Commercial & Agriculture	$	78,080	$	97,988
Commercial Real Estate:
Owner Occupied		54,777		232,364
Non-Owner Occupied		197,951		594,522
Residential Real Estate		121,192		302,475
Real Estate Construction		24,962		107,462
Farm Real Estate		7,283		18,756
Consumer and Other		7,465		1,032
Total	$	491,710	$	1,354,599

The preceding maturity information is based on contract terms at December 31, 2021 and does not include any possible “rollover” at maturity date. In the normal course of business, Civista considers and acts on the borrowers’ requests for renewal of loans at maturity. Evaluation of such requests includes a review of the borrower’s credit history, the collateral securing the loan and the purpose for such request.

17

Allowance for Credit Losses

Analysis of the Allowance for Loan Losses

The following table shows the daily average loan balances and changes in the allowance for credit losses for the years indicated.

	2021			2020			2019
	(Dollars in thousands)
Total loans outstanding	$	1,997,879		$	2,057,502		$	1,708,970
Allowance for credit losses at year end		26,641			25,028			14,767
Loans accounted for on a nonaccrual basis		3,673			5,125			5,599
Allowance for credit losses to total loans outstanding		1.33	%		1.22	%		0.86	%
Nonaccrual loans to total loans outstanding		0.18	%		0.25	%		0.33	%
Allowance for credit losses to nonaccrual loans		725.32	%		488.35	%		263.74	%
Average loans outstanding:
Commercial & Agriculture		338,916			359,820			185,093
Commercial Real Estate—Owner Occupied		278,777			256,962			193,335
Commercial Real Estate—Non-Owner Occupied		755,578			643,622			576,383
Real Estate Mortgage		433,351			462,834			464,509
Real Estate Construction		176,775			175,573			140,184
Farm Real Estate		28,968			33,935			35,819
Consumer and Other		14,542			20,726			17,652
Total average loans outstanding		2,026,907			1,953,472			1,612,975
Net charge-offs (recoveries):
Commercial & Agriculture		(150	)		13			28
Commercial Real Estate—Owner Occupied		(7	)		(111	)		(128	)
Commercial Real Estate—Non-Owner Occupied		(395	)		(48	)		(102	)
Real Estate Mortgage		(182	)		18			35
Real Estate Construction		(1	)		(4	)		21
Farm Real Estate		(12	)		(13	)		(5	)
Consumer and Other		(36	)		(4	)		98
Total net charge-offs (recoveries)		(783	)		(149	)		(53	)
Ratio of net charge-offs (recoveries) during the year to average loans outstanding:
Commercial & Agriculture		(0.04	)%		0.00	%		0.02	%
Commercial Real Estate—Owner Occupied		(0.00	)%		(0.04	)%		(0.07	)%
Commercial Real Estate—Non-Owner Occupied		(0.05	)%		(0.01	)%		(0.02	)%
Real Estate Mortgage		(0.04	)%		0.00	%		0.01	%
Real Estate Construction		(0.00	)%		(0.00	)%		0.01	%
Farm Real Estate		(0.04	)%		(0.04	)%		(0.01	)%
Consumer and Other		(0.25	)%		(0.02	)%		0.56	%
Total net recoveries (charge-offs)		(0.04	)%		(0.01	)%		(0.00	)%

The amount of net charge-offs fluctuates from year to year due to factors relating to the condition of the general economy, decline in market values of collateral and deterioration of specific businesses.

The determination of the balance of the allowance for loan losses is based on a detailed analysis of the loan portfolio and reflects an amount that, in management’s judgment, is adequate to provide for probable incurred loan losses. Such analysis is based on a review of specific loans, the character of the loan portfolio, current economic conditions, risk management practices and such other factors as management believes require current recognition in estimating probable incurred loan losses.

18

Allocation of Allowance for Credit Losses

The following tables allocate the allowance for loan losses at December 31 to each loan category. The allowance has been allocated according to the amount deemed to be reasonably necessary to provide for the probable losses estimated to be incurred within the following categories of loans at the dates indicated.

	2021					2020
	Allowance		Percentage of loans to total loans			Allowance		Percentage of loans to total loans
	(Dollars in thousands)
Commercial and Agriculture	$	2,600		12.3	%	$	2,810		19.9	%
Commercial Real Estate—Owner Occupied		4,464		14.9			4,057		13.6
Commercial Real Estate—Non-Owner Occupied		13,860		41.5			12,451		34.3
Real Estate Mortgage		2,597		21.5			2,484		21.5
Real Estate Construction		1,810		7.9			2,439		8.5
Farm Real Estate		287		1.4			338		1.6
Consumer and Other		176		0.5			209		0.6
Unallocated		847		—			240		—
	$	26,641		100.0	%	$	25,028		100.0	%

	2019
	Allowance		Percentage of loans to total loans
	(Dollars in thousands)
Commercial and Agriculture	$	2,219		11.9	%
Commercial Real Estate—Owner Occupied		2,541		14.4
Commercial Real Estate—Non-Owner Occupied		6,584		34.6
Real Estate Mortgage		1,582		27.1
Real Estate Construction		1,250		9.1
Farm Real Estate		344		2.0
Consumer and Other		247		0.9
Unallocated		—		—
	$	14,767		100.0	%

Civista measures the adequacy of the allowance for loan losses by using both specific and general components. The specific component relates to the evaluation of each loan identified as impaired. The general component consists of a pooling of commercial credits risk graded as special mention and substandard, based on portfolio experience, and general reserves, which are based on a twelve quarter loss migration analysis, adjusted for current economic factors. Loss migration rates are calculated over a twelve quarter period for all portfolio segments. Factors in the determination of the economic reserve include items such as changes in the economic and business conditions of its market, changes in lending policies and procedures, changes in loan concentrations, as well as a few others. The allowance for loan losses to total loans increased from 1.22% in 2020 to 1.33% in 2021. The unallocated reserve of Civista increased to $847 in 2021 from $240 in 2020. Management considers both the increase in unallocated and the end-of-period number to be insignificant and within the loan policy guidelines.

Deposits

The average daily amount of deposits (all in domestic offices) and average rates paid on such deposits is summarized for the years indicated.

	2021					2020
	Average balance		Average rate paid			Average balance		Average rate paid
	(Dollars in thousands)
Noninterest-bearing demand deposits	$	907,591		N/A		$	739,648		N/A
Interest-bearing demand deposits		497,067		0.03	%		379,828		0.05	%
Savings, including Money Market deposit accounts		818,153		0.13	%		670,716		0.24	%
Certificates of deposit, including IRA’s		265,294		1.11	%		288,262		1.76	%
	$	2,488,105				$	2,078,454

19

Uninsured deposits at December 31, 2021 and 2020 were $599,380 and $515,454, respectively. Uninsured deposits as December 31, 2021 and 2020 are based on estimates and include portions of FDIC-insured deposit accounts that exceed the insurance limit of $250,000 per separately insured depositor.

Maturities of certificates of deposits and individual retirement accounts of more than $250,000 outstanding at December 31, 2021 are summarized as follows.

	Certificates of Deposits		Individual Retirement Accounts		Total
	(Dollars in thousands)
3 months or less	$	12,532	$	301	$	12,833
Over 3 through 6 months		6,784		611		7,395
Over 6 through 12 months		12,785		648		13,433
Over 12 months		23,410		1,296		24,706
	$	55,511	$	2,856	$	58,367

20

Item lA. Risk Factors

FOR WARD-LOOKING STATEMENTS

This Annual Report on Form 10-K may contain “forward-looking statements” within the meaning of Section 27A of the Securities Act of 1933, as amended (the “Securities Act”), and Section 21E of the Securities Exchange Act of 1934, as amended (the “Exchange Act”), relating to such matters as financial condition, anticipated operating results, cash flows, business line results, credit quality expectations, prospects for new lines of business, economic trends (including interest rates) and similar matters. Forward-looking statements reflect our expectations, estimates or projections concerning future results or events. These statements are generally identified by the use of forward-looking words or phrases such as “believe,” “belief,” “expect,” “anticipate,” “may,” “could,” “intend,” “intent,” “estimate,” “plan,” “foresee,” “likely,” “will,” “should” or other similar words or phrases. Forward-looking statements are not guarantees of performance and are inherently subject to known and unknown risks, uncertainties and assumptions that are difficult to predict and could cause our actual results, performance or achievements to differ materially from those expressed in or implied by the forward-looking statements.

The Private Securities Litigation Reform Act of 1995 provides a safe harbor for forward-looking statements, and the purpose of this section is to secure the use of the safe harbor provisions.

Forward-looking statements involve risks and uncertainties. Actual results may differ materially from those predicted by the forward-looking statements because of various factors and possible events, including those factors and events identified in the risk factors set forth below. There is also the risk that the Company’s management or Board of Directors incorrectly analyzes these risks and uncertainties or that the strategies the Company develops to address them are unsuccessful. The forward-looking statements included in this report are only made as of the date of this report, and we disclaim any obligation to publicly update any forward-looking statement to reflect subsequent events or circumstances, except as required by law. All subsequent written and oral forward-looking statements attributable to the Company or any person acting on the Company’s behalf are qualified in their entirety by the following cautionary statements

ECONOMIC AND POLITICAL RISKS

THE ECONOMIC IMPACT OF THE ONGOING COVID-19 PANDEMIC, OR AN OUTBREAK OF ANOTHER HIGHLY INFECTIOUS OR CONTAGIOUS DISEASE, COULD ADVERSELY AFFECT OUR BUSINESS, FINANCIAL CONDITION AND RESULTS OF OPERATIONS.

The ongoing COVID-19 pandemic has negatively impacted global, national and local economies, disrupted global and national supply chains, lowered equity market valuations, and created significant volatility and disruption in financial markets. In addition, the pandemic resulted in temporary closures of many businesses and the institution of social distancing and sheltering in place requirements in many states and communities and may result in the same or similar restrictions in the future. As a result, the demand for Civista’s products and services has been and may continue to be significantly impacted, which could adversely affect our revenue and results of operations. Furthermore, the COVID- 19 pandemic could result in the recognition of credit losses in our loan portfolios and increases in our allowance for credit losses, particularly if businesses remain required to operate at diminished capacities or are required to close again, the impact on the global, national and local economies worsen, or more customers draw on their lines of credit or seek additional loans to help finance their businesses. Our business operations may also be disrupted if significant portions of our workforce are unable to work effectively, including because of illness, quarantines, government actions, or other restrictions in connection with COVID-19. The extent to which COVID-19 impacts our business, results of operations, and financial condition, as well as our regulatory capital and liquidity ratios, will depend on future developments, which are highly uncertain and cannot be predicted, including the scope and duration of the pandemic and actions taken by governmental authorities and other third parties in response to the pandemic.

As of December 31, 2021, we continued to hold and service a limited number of PPP loans. These PPP loans are subject to the provisions of the CARES Act and to complex and evolving rules and guidance issued by the SBA and other government agencies. We expect that most if not all of our remaining PPP borrowers will seek full or partial forgiveness of their loan obligations. We have credit risk on the PPP loans if the SBA determines that there is a deficiency in the manner in which we originated, funded or serviced loans, including any issue with the eligibility of a borrower to receive a PPP loan. We could face additional risks in our administrative capabilities to service our PPP loans, and risk with respect to the determination of loan forgiveness. In the event of a loss resulting from a default on a PPP loan and a determination by the SBA that there was a deficiency in the manner in which we originated, funded or serviced the PPP loan, the SBA may deny its liability under the guaranty, reduce the amount of the guaranty or, if the SBA has already paid under the guaranty, seek recovery of any loss related to the deficiency.

The spread of COVID-19, including new variants thereof, has also caused us to modify our business practices, including employee travel, employee work locations, and cancellation of physical participation in meetings, events and conferences. Further,

21

technology in employees’ homes may not be as robust as in our offices and could cause the networks, information systems, applications, and other tools available to such employees to be more limited or less reliable. The continuation of these work-from-home measures also introduces additional operational risk, including increased cybersecurity risk from phishing, malware, and other cybersecurity attacks, all of which could expose us to risks of data or financial loss and could seriously disrupt our operations and the operations of any impacted customers.

COVID-19, including the spread of new variants thereof, or a new pandemic could subject us to any of the following risks, any of which could, individually or in the aggregate, have a material adverse effect on our business, financial condition, liquidity, and results of operations:

• demand for our products and services may decline, making it difficult to grow assets and income;

• if the economy is unable to fully reopen or experiences additional or new closures or downturns as a result of the COVID-19 pandemic, loan delinquencies, problem assets, and foreclosures may increase, resulting in increased charges and reduced income;

• collateral for loans, especially real estate, may decline in value, which could cause loan losses to increase;

• our allowance for loan losses may have to be increased if borrowers experience financial difficulties beyond forbearance periods, which will adversely affect our net income;

• the net worth and liquidity of loan guarantors may decline, impairing their ability to honor commitments to us;

• a prolonged weakness in economic conditions resulting in a reduction of future projected earnings could result in our recording a valuation allowance against our current outstanding deferred tax assets;

• we rely on third party vendors for certain services, and the unavailability of a critical service due to COVID-19 could have an adverse effect on us; and

• continued adverse economic conditions could result in protracted volatility in the price of our common shares.

Moreover, our future success and profitability substantially depend on the management skills of our executive officers and directors, many of whom have held officer and director positions with us for many years. The unanticipated loss or unavailability of key employees due to COVID-19, including new variants thereof, or any similar pandemic could harm our ability to operate our business or execute our business strategy. We may not be successful in finding and integrating suitable successors in the event of key employee loss or unavailability.

Even after the COVID-19 pandemic subsides, the U.S. economy will likely require time to recover, the length of which is unknown and during which the United States may experience a recession or market correction. Our business could be materially and adversely affected by such recession or market correction.

We continue to closely monitor the impact of COVID-19 and related risks as they evolve. To the extent the effects of COVID-19 adversely impact our business, financial condition, liquidity or results of operations, it may also have the effect of heightening many of the other risks described in this section.

CHANGES IN ECONOMIC AND POLITICAL CONDITIONS COULD ADVERSELY AFFECT OUR EARNINGS THROUGH DECLINES IN DEPOSITS, LOAN DEMAND, THE ABILITY OF OUR CUSTOMERS TO REPAY LOANS AND THE VALUE OF THE COLLATERAL SECURING OUR LOANS.

Our success depends to a significant extent upon local and national economic and political conditions, as well as governmental fiscal and monetary policies. Conditions such as inflation, recession, unemployment, changes in interest rates, fiscal and monetary policy, an increasing federal government budget deficit, slowing gross domestic product, tariffs, a U.S. withdrawal from or significant renegotiation of trade agreements, trade wars, and other factors beyond our control may adversely affect Civista’s deposit levels and composition, the quality of investment securities available for purchase, demand for loans, the ability of Civista’s borrowers to repay their loans, and the value of the collateral securing loans made by Civista. Disruptions in U.S. and global financial markets, and changes in oil production in the Middle East also affect the economy and stock prices in the U.S., which can affect our earnings capital, as well as the ability of Civista’s customers to repay loans. Because we have a significant amount of real estate loans, decreases in real estate values could adversely affect the value of property used as collateral and our ability to sell the collateral upon foreclosure. Adverse changes in the economy, including those resulting from the ongoing COVID-19 pandemic, may also have a negative effect on the ability of our borrowers to make timely repayments of their loans, which would have an adverse impact on our earnings and cash flows.

22

ADVERSE CHANGES IN THE REAL ESTATE MARKET COULD CAUSE INCREASES IN DELINQUENCIES AND NON-PERFORMING ASSETS, INCLUDING ADDITIONAL LOAN CHARGE-OFFS, AND COULD DEPRESS OUR INCOME, EARNINGS AND CAPITAL.

At December 31, 202 I, approximately 21.5% and 56.3%, respectively, of our loan portfolio was comprised of residential and commercial real estate loans. Adverse changes in economic conditions both nationally and in the communities we serve have and may continue to cause deterioration to the value of real estate Civista uses to secure its loans. Adverse changes in the economy, deterioration of our real estate portfolio, a decrease in real estate values, an increase in unemployment, decreased or nonexistent housing price appreciation or increases in interest rates could reduce our earnings and consequently our financial condition because borrowers may not be able to repay their loans. The value of the collateral securing our loans and the quality of our loan portfolio may decline and customers may not want or need our products and services.

Any of these scenarios could cause us to make fewer loans, increase delinquencies and non-performing assets, require us to charge off a higher percentage of our loans or result in additional increases to our provision for loan losses in future periods, which could adversely affect our business, financial condition and results of operations.

CHANGES IN INTEREST RATES COULD HAVE A MATERIAL ADVERSE EFFECT ON OUR NET INTEREST INCOME.

Our results of operations are affected principally by net interest income, which is the difference between interest earned on loans and investments and interest expense paid on deposits and other borrowings. The spread between the yield on our interest-earning assets and our overall cost of funds has been compressed in the recent low interest rate environment, and our net interest income may continue to be adversely impacted by an extended period of continued low rates. We cannot predict or control changes in interest rates. National, regional and local economic conditions and the policies of regulatory authorities, including monetary policies of the Board of Governors of the Federal Reserve System, affect the movement of interest rates and our interest income and interest expense. If the interest rates paid on deposits and other borrowed funds increase at a faster rate than the interest rates received on loans and other investments, our net interest income, and therefore earnings, could be adversely affected. Earnings could also be adversely affected if the interest rates received on loans and other investments fall more quickly than the interest rates paid on deposits and other borrowed funds.

In addition, certain assets and liabilities may react in different degrees to changes in market interest rates. For example, interest rates on some types of assets and liabilities may fluctuate prior to changes in broader market interest rates, while interest rates on other types may lag behind. Some of our assets, such as adjustable rate mortgages, have features that restrict changes in their interest rates, including rate caps.

Interest rates are highly sensitive to many factors that are beyond our control. Some of these factors include:

• inflation;

• recession;

• unemployment;

• money supply;

• international disorders; and

• instability in domestic and foreign financial markets.

Changes in interest rates may affect the level of voluntary prepayments on our loans and may also affect the level of financing or refinancing by customers. We believe that the impact on our cost of funds from a rise in interest rates will depend on a number of factors, including but not limited to, the competitive environment in the banking sector for deposit pricing, opportunities for clients to invest in other markets such as fixed income and equity markets, and the propensity of customers to invest in their businesses. The effect on our net interest income from an increase in interest rates will ultimately depend on the extent to which the aggregate impact of loan re-pricings exceeds the impact of increases in our cost of funds.

See the discussion under the caption “Quantitative and Qualitative Disclosures About Market Risk” on pages 19 through 21 of the 2021 Annual Report for additional information related to the Company’s interest rate risk.

A TRANSITION AWAY FROM LIBOR AS A REFERENCE RATE FOR FINANCIAL CONTRACTS COULD NEGATIVELY IMPACT OUR INCOME AND EXPENSES AND THE VALUE OF VARIOUS FINANCIAL CONTRACTS.

23

LIBOR is used extensively in the United States and globally as a benchmark for various commercial and financial contracts, including adjustable rate mortgages, corporate debt, interest rate swaps and other derivatives. LIBOR is set based on interest rate information reported by certain banks, which may stop reporting such information after 2021. On July 27, 2017, the United Kingdom’s Financial Conduct Authority (“FCA”) announced that it intends to stop persuading or compelling banks to submit LIBOR rates after 2021. On November 30, 2020, to facilitate an orderly LIBOR transition, the OCC, the FDIC, and the Federal Reserve Board jointly announced that entering into new contracts using LIBOR as a reference rate after December 31, 2021, would create a safety and soundness risk. On March 5, 2021, the FCA announced that all LIBOR settings will either cease to be provided by any administrator or no longer be representative immediately after December 31, 202 I, in the case of 1-week and 2-month LIBOR, and immediately after June 30, 2023, in the case of the remaining LIBOR settings. In the U.S., efforts to identify a set of alternative U.S. dollar reference interest rates are ongoing, and the Alternative Reference Rate Committee (“ARRC”) has recommended the use of a Secured Overnight Funding Rate (“SOFR”). SOFR is different from LIBOR in that it is a backward looking secured rate rather than a forward looking unsecured rate.

These differences could lead to a greater disconnect between our costs to raise funds for SOFR as compared to LIBOR. For cash products and loans, ARRC has also recommended Term SOFR, which is a forward looking SOFR based on SOFR futures and may in part reduce differences between SOFR and LIBOR. There are operational issues which may create a delay in the transition to SOFR or other substitute indices, leading to uncertainty across the industry. These consequences cannot be entirely predicted and could have an adverse impact on the market value for or value of LIBOR-linked securities, loans, and other financial obligations or extensions of credit.

The Company has limited exposure to LIBOR, with total exposure as of December 31, 2021 of approximately $362.9 million. The Company’s primary exposure to LIBOR relates to its promissory notes with borrowers, swap contracts with clients, offsetting swap contracts with third parties related to the swap contracts with clients, the Company’s LIBOR-based borrowings (if any), and Civista’s swap contracts which can be tied to LIBOR. The Company’s contracts generally include a LIBOR term (for example, one month, three month, or one year) plus an incremental margin rate. The Company is working through this transition via a multi-disciplinary project team. We are still evaluating the impact the change to a benchmark like SOFR or Prime Rate will have on our financial condition, results of operations or cash flows.

RISKS RELATED TO OUR BUSINESS OPERATIONS

WE ARE EXPOSED TO OPERATIONAL RISK.

We are exposed to many types of operational risk, including reputational risk, legal and compliance risk, the risk of fraud or theft by employees or outsiders, unauthorized transactions by employees or operational errors, including clerical or record-keeping errors or those resulting from faulty or disabled computer or telecommunications systems. Many of these risks are heightened in light of COVID-19.

We rely heavily on communications and information systems to conduct our business. Any failure, interruption or breach in security of these systems could result in failures or disruptions in our customer relationship management, general ledger, deposit, loan and other systems.

We may be subject to disruptions of our operating systems arising from events that are wholly or partially beyond our control, which may include, for example, computer viruses, cyber-attacks, spikes in transaction volume and/or customer activity, electrical or telecommunications outages, or natural disasters. Although we have programs in place related to business continuity, disaster recovery and information security to maintain the confidentiality, integrity and availability of our systems, business applications and customer information, such disruptions may give rise to interruptions in service to customers, loss of data privacy and loss or liability to us. Any failure or interruption in our operations or information systems, or any security or data breach, could cause reputational damage, jeopardize the confidentiality of customer information, result in a loss of customer business, subject us to regulatory intervention or expose us to civil litigation and financial loss or liability, any of which could have a material adverse effect on us.

Given the volume of transactions we process, certain errors may be repeated or compounded before they are discovered and successfully rectified. Our necessary dependence upon automated systems to record and process our transaction volume may further increase the risk that technical system flaws or employee tampering or manipulation of those systems will result in losses that are difficult to detect. We may also be subject to disruptions of our operating systems arising from events that are wholly or partially beyond our control (for example, computer viruses or electrical or telecommunications outages), which may give rise to disruption of service to customers and to financial loss or liability. We are further exposed to the risk that our external vendors may be unable to fulfill their contractual obligations (or will be subject to the same risk of fraud or operational errors by their respective employees as we are) and to the risk that our (or our vendors’) consumer compliance, business continuity and data security systems prove to be inadequate.

24

Negative public opinion can result from our actual or alleged conduct in any number of activities, including lending practices, corporate governance and acquisitions, social media and other marketing activities, the implementation of environmental, social and governance (ESP) practices, and from actions taken by governmental regulators and community organizations in response to any of the foregoing activities. Negative public opinion could adversely affect our ability to attract and keep customers, could expose us to potential litigation and regulatory action, and could have a material adverse effect on the price of our common shares or result in heightened volatility of our stock price.

UNAUTHORIZED DISCLOSURE OF SENSITIVE OR CONFIDENTIAL CLIENT INFORMATION OR BREACHES IN SECURITY OF OUR SYSTEMS, COULD SEVERELY HARM OUR BUSINESS.

As part of our financial institution business, we collect, process and store sensitive consumer data by utilizing computer systems and telecommunications networks operated by both us and third-party service providers. Our necessary dependence upon automated systems to record and process transactions poses the risk that technical system flaws, employee errors, tampering or manipulation of those systems, or attacks by third parties will result in losses and may be difficult to detect. We have security and backup and recovery systems in place, as well as a business continuity plan, to ensure the computer systems will not be inoperable, to the extent possible. The Company also routinely reviews documentation of such controls and backups related to third-party service providers. Our inability to use or access these information systems at critical points in time could unfavorably impact the timeliness and efficiency of our business operations. In recent years, some banks have experienced denial of service attacks in which individuals or organizations flood the bank’s website with extraordinarily high volumes of traffic, with the goal and effect of disrupting the ability of the bank to process transactions. Other businesses have been victims of ransomware attacks in which the business becomes unable to access its own information and is presented with a demand to pay a ransom in order to once again have access to its information.

We could be adversely affected if one of our employees or a third-party service provider causes a significant operational break-down or failure, either as a result of human error or where an individual purposefully sabotages or fraudulently manipulates our operations or systems. We are further exposed to the risk that the third-party service providers may be unable to fulfill their contractual obligations (or will be subject to the same risks as faced by us). These disruptions may interfere with service to our customers, cause additional regulatory scrutiny and result in a financial loss or liability. We are also at risk of the impact of natural disasters, terrorism and international hostilities on our systems or for the effects of outages or other failures involving power or communications systems operated by others.

Misconduct by employees could include fraudulent, improper or unauthorized activities on behalf of clients or improper use of confidential information. We may not be able to prevent employee errors or misconduct, and the precautions we take to detect this type of activity might not be effective in all cases. Employee errors or misconduct could subject us to civil claims for negligence or regulatory enforcement actions, including fines and restrictions on our business.

In addition, there have been instances where financial institutions have been victims of fraudulent activity in which criminals pose as customers to initiate wire and automated clearinghouse transactions out of customer accounts. Although we have policies and procedures in place to verify the authenticity of our customers, we cannot assure that such policies and procedures will prevent all fraudulent transfers. Such activity can result in financial liability and harm to our reputation.

We have implemented security controls to prevent unauthorized access to the computer systems, and we require our third-party service providers to maintain similar controls. However, we cannot be certain that these measures will be successful. A security breach of our computer systems and loss of confidential information, such as customer account numbers and related information, could result in a loss of customers’ confidence and, thus, loss of business. While Civista maintains specific “cyber” insurance coverage, which would apply in the event of various breach scenarios, the amount of coverage may not be adequate in any particular case. Furthermore, because cyber threat scenarios are inherently difficult to predict and can take many forms, some breaches may not be covered under our cyber insurance coverage.

Further, we may be impacted by data breaches at retailers and other third parties who participate in data interchanges with us and our customers that involve the theft of customer credit and debit card data, which may include the theft of our debit card personal identification numbers (PINs) and commercial card information used to make purchases at such retailers and other third parties. Such data breaches could result in us incurring significant expenses to reissue debit cards and cover losses, which could result in a material adverse effect on our results of operations. To date, we have not experienced any material losses relating to cyber-attacks or other information security breaches, but there can be no assurance that we will not suffer such attacks or attempted breaches, or incur resulting losses in the future. Our risk and exposure to these matters remains heightened because of, among other things, the evolving nature of these threats, and our plans to continue to implement internet and mobile banking capabilities to meet customer demand. As cyber and other data security threats continue to evolve, we may be required to expend significant additional resources to continue to modify and enhance its protective measures or to investigate and remediate any security vulnerabilities.

25

Our assets at risk for cyber-attacks include financial assets and non-public information belonging to customers. We use several third-party vendors who have access to our assets via electronic media. Certain cyber security risks arise due to this access, including cyber espionage, blackmail, ransom, and theft.

All of the types of cyber incidents discussed above could result in damage to our reputation, loss of customer business, costs of incentives to customers or business partners in order to maintain their relationships, litigation, increased regulatory scrutiny and potential enforcement actions, repairs of system damage, increased investments in cybersecurity (such as obtaining additional technology, making organizational changes, deploying additional personnel, training personnel and engaging consultants), increased insurance premiums, and loss of investor confidence and a reduction in the price of our common shares, all of which could result in financial loss and material adverse effects on our results of operations and financial condition.

NONCOMPLIANCE WITH THE BANK SECRECY ACT (BSA) AND OTHER ANTI-MONEY LAUNDERING STATUTES AND REGULATIONS COULD CAUSE A MATERIAL FINANCIAL LOSS.

The BSA and the Patriot Act contain anti-money laundering and financial transparency provisions intended to detect and prevent the use of the U.S. financial system for money laundering and terrorist financing activities. The BSA, as amended by the Patriot Act and the AMLA, requires depository institutions and their holding companies to undertake activities including maintaining an anti-money laundering program, verifying the identity of clients, monitoring for and reporting suspicious transactions, reporting on cash transactions exceeding specified thresholds, and responding to requests for information by regulatory authorities and law enforcement agencies. Financial Crimes Enforcement Network (also known as FinCEN), a unit of the Treasury Department that administers the BSA, is authorized to impose significant civil money penalties for violations of those requirements and has recently engaged in coordinated enforcement efforts with the federal bank regulatory agencies, as well as the U.S. Department of Justice, Drug Enforcement Administration, and Internal Revenue Service. The AMLA is intended to be a comprehensive reform and modernization to U.S. bank secrecy and anti-money laundering laws, which includes a codified risk-based approach to anti-money laundering compliance for financial institutions; requires the development of standards for evaluating technology and internal processes for BSA compliance; expands enforcement-related and investigation-related authority, including increasing available sanctions for certain BSA violations and instituting BSA whistleblower incentives and protections.

There is also increased scrutiny of compliance with the rules enforced by the Office of Foreign Assets Control (also known as OFAC). If the Company’s policies, procedures, and systems are deemed deficient, or if the policies, procedures, and systems of the financial institutions that the Company has already acquired or may acquire in the future are deficient, the Company may be subject to liability, including fines and regulatory actions such as restrictions on the Company’s ability to pay dividends and the necessity to obtain regulatory approvals to proceed with certain planned business activities, including acquisition plans, which could negatively impact our business, financial condition, and results of operations. Failure to maintain and implement adequate programs to combat money laundering and terrorist financing could also have serious reputational consequences for the Company.

OUR BUSINESS COULD BE ADVERSELY AFFECTED THROUGH THIRD PARTIES WHO PERFORM SIGNIFICANT OPERATIONAL SERVICES ON OUR BEHALF.

The third parties performing operational services for the Company are subject to risks similar to those faced by the Company relating to cybersecurity, breakdowns or failures of their own systems, or misconduct of their employees. Further, the operations of our third-party vendors could fail or otherwise become delayed as a result of COVID-19. Like many other community banks, Civista also relies, in significant part, on a single vendor for the systems which allow Civista to provide banking services to Civista’s customers, for which the systems are maintained on Civista’s behalf by this single vendor.

One or more of the third parties utilized by us may experience a cybersecurity event or operational disruption and, if any such event does occur, it may not be adequately addressed, either operationally or financially, by such third party. Certain of these third parties may have limited indemnification obligations to us in the event of a cybersecurity event or operational disruption, or may not have the financial capacity to satisfy their indemnification obligations.

Financial or operational difficulties of a third party provider could also impair our operations if those difficulties interfere with such third party’s ability to serve the Company. If a critical third-party provider is unable to meet the needs of the Company in a timely manner, or if the services or products provided by such third party are terminated or otherwise delayed and if the Company is not able to develop alternative sources for these services and products quickly and cost-effectively, our business could be materially adversely effected.

Additionally, regulatory guidance adopted by federal banking regulators addressing how banks select, engage and manage their third-party relationships, affects the circumstances and conditions under which we work with third parties and the cost of managing such relationships.

26

STRONG COMPETITION WITHIN OUR MARKET AREA MAY REDUCE OUR ABILITY TO ATTRACT AND RETAIN DEPOSITS AND ORIGINATE LOANS.

We face competition both in originating loans and in attracting deposits within our market area, which includes North Central, West Central, South Western Ohio, South Eastern Indiana and Northern Kentucky. We compete for clients by offering personal service and competitive rates on our loans and deposit products. The type of institutions we compete with include large regional financial institutions, community banks, thrifts and credit unions operating within our market areas. Nontraditional sources of competition for loan and deposit dollars come from captive auto finance companies, mortgage banking companies, internet banks, brokerage companies, insurance companies and direct mutual funds. As a result of their size and ability to achieve economies of scale, certain of our competitors offer a broader range of products and services than we offer. We expect competition to remain intense in the future as a result of legislative, regulatory and technological changes and the continuing trend of consolidation in the financial services industry. In addition, to stay competitive in our markets we may need to adjust the interest rates on our products to match the rates offered by our competitors, which could adversely affect our net interest margin. As a result, our profitability depends upon our continued ability to successfully compete in our market areas while achieving our investment objectives.

OUR ALLOWANCE FOR LOAN LOSSES MAY PROVE TO BE INSUFFICIENT TO ABSORB POTENTIAL LOSSES IN OUR LOAN PORTFOLIO.

We maintain an allowance for loan losses that we believe is a reasonable estimate of known and inherent losses within the loan portfolio. We make various assumptions and judgments about the collectability of our loan portfolio, including the creditworthiness of our borrowers and the value of the real estate and other assets serving as collateral for the repayment of loans. Through a periodic review and consideration of the loan portfolio, management determines the amount of the allowance for loan losses by considering general market conditions, the credit quality of the loan portfolio, the collateral supporting the loans and the performance of customers relative to their financial obligations with us. However, every loan we make carries a risk of non-payment. This risk is affected by, among other things, cash flow of the borrower and/or the project being financed, changes and uncertainties as to the future value of the collateral securing such loan, the credit history of the particular borrower, changes in economic and industry conditions, and the duration of the loan.

The amount of future losses is also susceptible to changes in economic, operating and other conditions, including changes in interest rates, which may be beyond our control, and these losses may exceed current estimates. We cannot fully predict the amount or timing of losses or whether the allowance for loan losses will be adequate in the future. If our assumptions prove to be incorrect, our allowance for loan losses may not be sufficient to cover losses inherent in our loan portfolio, resulting in additions to the allowance, which would adversely affect our earnings. Excessive loan losses and significant additions to our allowance for loan losses could have a material adverse impact on our financial condition and results of operations.

In addition, bank regulators periodically review our allowance for loan losses and may require us to increase our allowance for loan losses or recognize further loan charge-offs. Moreover, the Financial Accounting Standards Board (“FASB”) has changed its requirements for establishing the allowance for loan losses.

On June 16, 2016, the FASB issued Accounting Standard Update (“ASU”) 2016-13 “Financial Instruments - Credit Losses”, which replaces the incurred loss model with an expected loss model, and is referred to as the current expected credit loss (“CECL”) model. Under the incurred loss model, loans are recognized as impaired when there is no longer an assumption that future cash flows will be collected in full under the originally contracted terms. The FASB voted to defer the effective date for this ASU for smaller reporting companies, such as the Company, to annual reporting periods and interim reporting periods within those annual periods, beginning after December 15, 2022. Under the CECL model, financial institutions will be required to use historical information, current conditions and reasonable forecasts to estimate the expected loss over the life of the loan. The transition to the CECL model will bring with it significantly greater data requirements and changes to methodologies to accurately account for expected losses under the new parameters. If the methodologies and assumptions that we use in the CECL model are proven to be incorrect, or inadequate, the allowance for credit losses may not be sufficient, resulting in the need for additional allowance for credit losses to be established, which could have a material adverse impact on our financial condition and results of operations.

We may further experience increased delinquencies, credit losses, and corresponding charges to capital, which could require us to increase our provision for loan losses associated with impacts related to the coronavirus outbreak due to quarantines, market downturns, increased unemployment rates, changes in consumer behavior related to pandemic fears, and related emergency response legislation. We cannot predict the full impact of the coronavirus outbreak or any other future global pandemic on our business, but we may experience increased delinquencies and credit losses as a result of the outbreak. Further, if real estate markets or the economy in general deteriorate (due to the coronavirus outbreak or otherwise), Civista may experience increased delinquencies and credit losses. The allowance for loan losses may not be sufficient to cover actual loan-related losses.

27

Additionally, banking regulators may require Civista to increase its allowance for loan losses in the future, which could have a negative effect on Civista’s financial condition and results of operations. Additions to the allowance for loan losses will result in a decrease in net earnings and capital and could hinder our ability to grow our assets.

Any increase in our allowance for loan losses or loan charge-offs as required by these regulatory authorities could have a material adverse effect on our financial condition and results of operations.

THE SMALL TO MEDIUM SIZED BUSINESSES THAT WE LEND TO MAY HAVE FEWER RESOURCES TO WEATHER ADVERSE BUSINESS CONDITIONS, WHICH MAY IMPAIR THEIR ABILITY TO REPAY LOANS, AND SUCH IMPAIRMENT COULD ADVERSELY AFFECT OUR RESULTS OF OPERATIONS AND FINANCIAL CONDITION.

Our business development and marketing strategies primarily result in us serving the banking and financial services needs of small to medium-sized businesses. These businesses generally have fewer financial resources in terms of capital or borrowing capacity than larger entities, frequently have smaller market shares than their competition, may be more vulnerable to economic downturns, often need substantial additional capital to expand or compete and may experience substantial volatility in operating results, any of which may impair a borrower’s ability to repay a loan. In addition, the success of a small to medium-sized business often depends on the management skills, talents and efforts of one or two people or a small group of people, and the death, disability or resignation of one or more of these people could have a material adverse impact on the business and its ability to repay its loans. If general economic conditions negatively impact Ohio, Indiana or the specific markets in these states in which we operate and small to medium-sized businesses are adversely affected or our borrowers are otherwise affected by adverse business conditions, our business, financial condition and results of operations could be adversely affected.

Further, in response to the coronavirus pandemic, the FFCRA was passed on March 18, 2020. The FFCRA provides wide ranging emergency relief and appropriations for coronavirus testing, expansion of food assistance, Medicaid funding, and unemployment insurance benefits. In addition, the FFCRA requires that employers with 500 or fewer employees provide emergency paid sick leave and expanded emergency leave under the Family and Medical Leave Act. In addition to the regulatory compliance costs, the FFCRA could have a significant financial impact on our customers that are small to medium-sized businesses with 500 or fewer employees as the FFCRA will require these businesses to provide two weeks of paid sick leave and up to 12 weeks of paid (after 10 days) family and medical leave for employees who have worked at the company for at least 30 calendar days and who are unable to work (or even telework) in order to care for their children because of school closures or the unavailability of the child care provider due to the public health emergency. While the U.S. Department of Labor has broad authority to waive the applicability of these requirements for small businesses with fewer than 50 employees from the paid leave requirements if compliance with these requirements would affect the viability of the business, the applicability of this waiver, and the impact of these provisions on our impacted customers is unpredictable and unknown. The FFCRA has the potential to negatively impact our customers’ costs, demand for our customers’ products, and, thus, adversely affect our business, financial condition, and results of operations.

OUR BUSINESS AND FINANCIAL RESULTS ARE SUBJECT TO RISKS ASSOCIATED WITH THE CREDITWORTHINESS OF OUR CUSTOMERS AND COUNTERPARTIES.

Credit risk is inherent in the financial services business and results from, among other things, extending credit to customers, purchasing securities, and entering into financial derivative transactions and certain guarantee contracts. Credit risk is one of our most significant risks, particularly given the high percentage of our assets represented directly or indirectly by loans, and the importance of lending to our overall business. We manage credit risk by assessing and monitoring the creditworthiness of our customers and counterparties and by diversifying our loan portfolio. Many factors impact credit risk.

A borrower’s ability to repay a loan can be adversely affected by individual factors, such as business performance, job losses or health issues. A weak or deteriorating economy and changes in the United States or global markets also could adversely impact the ability of our borrowers to repay outstanding loans. Any decrease in our borrowers’ ability to repay loans would result in higher levels of nonperforming loans, net charge-offs, and provision for loan losses.

Despite maintaining a diversified loan portfolio, in the ordinary course of business, we may have concentrated credit exposure to a particular person or entity, industry, region or counterparty. Events adversely affecting specific customers, industries, regions or markets, a decrease in the credit quality of a customer base or an adverse change in the risk profile of a market, industry, or group of customers could adversely affect us.

Our credit risk may be exacerbated when collateral held by us to secure obligations to us cannot be realized upon or is liquidated at prices that are not sufficient to recover the full amount of the loan or derivative exposure due us.

28

Due in part to improvement in local and general economic conditions, as well as actions we have taken to manage our loan portfolio, our provision for loan losses has declined since the end of the recent recession. However, if we experience higher levels of provision for loan losses in the future, our net income could be negatively affected.

WE RELY HEAVILY ON OUR MANAGEMENT TEAM, AND THE UNEXPECTED LOSS OF KEY MANAGEMENT MAY ADVERSELY AFFECT OUR OPERATIONS.

Our success to date has been strongly influenced by our ability to attract and to retain senior management experienced in banking in the markets we serve. Our ability to retain executive officers and the current management teams will continue to be important to successful implementation of our strategies. The unexpected loss of services of any key management personnel, or the inability to recruit and retain qualified personnel in the future, could have an adverse effect on our business and financial results.

WE DEPEND UPON THE ACCURACY AND COMPLETENESS OF INFORMATION ABOUT CUSTOMERS AND OTHER PARTIES.

In deciding whether to extend credit or enter into other transactions with customers and counterparties, we may rely on information provided to us by customers and other parties, including financial statements and other financial information. We may also rely on representations of customers and counterparties as to the accuracy and completeness of that information and, with respect to financial statements, on reports of independent auditors. For example, in deciding whether to extend credit to a business, we may assume that the customer’s audited financial statements conform with accounting principles generally accepted in the United States and present fairly, in all material respects, the financial condition, results of operations and cash flows of the customer. We may also rely on the audit report covering those financial statements. Our financial condition and results of operations could be negatively impacted to the extent we rely on financial statements that do not comply with generally accepted accounting principles or that are materially misleading, or on other financial information that is incomplete or materially misleading.

WE DO NOT HAVE ASSURANCE REGARDING THE FUTURE REVENUES OF OUR TAX REFUND PROGRAM.

The revenues from our tax refund program are based upon a contract with a third party. While the contract has a term of three years expiring October 31, 2022 and contains provisions for automatic renewal after that term, the amount to be paid to us is not fixed for any period after 2021. As a result, the amount paid to us may fluctuate, and there is no assurance that the parties will be able to negotiate compensation that is acceptable to us after that year.

FUTURE ACQUISITIONS OR OTHER EXPANSION MAY ADVERSELY AFFECT OUR FINANCIAL CONDITION AND RESULT OF OPERATIONS.

In the future, we may acquire other financial institutions or branches or assets of other financial institutions. We may also open new branches, enter into new lines of business, or offer new products or services.

On January I 0, 2022, we entered into an Agreement and Plan of Merger (the “Merger Agreement”) with Comunibanc Corp. (“Comunicbanc”) pursuant to which we will acquire Comunibanc and its wholly-owned subsidiary, The Henry County Bank. It is anticipated that The Henry County Bank will be merged with and into Civista upon completion of the transaction, at which time The Henry County Bank’s seven banking offices located in Northwest Ohio will become offices of Civista. At September 30, 2021, Comunibanc and The Henry County Bank had total consolidated assets of $329 million, total loans of $165 million and total deposits of $276 million. The merger transaction is anticipated to be completed during the second quarter of 2022, subject to the satisfaction of closing conditions in the Merger Agreement and the approval of the appropriate regulatory authorities and of the shareholders of Comunibanc.

Any future acquisition or expansion of our business, including the contemplated acquisition of Comunibanc, will involve a number of expenses and risks, which may include some or all of the following:

• the time and expense associated with identifying and evaluating potential acquisitions or expansions;

• the potential inaccuracy of estimates and judgments used to evaluate credit, operations, management and market risk with respect to target institutions;

• the time and costs of evaluating new markets, hiring local management and opening new offices, and the delay between commencing these activities and the generation of profits from the expansion;

• any financing required in connection with an acquisition or expansion;

29

• the diversion of management’s attention to the negotiation of a transaction and the integration of the operations and personnel of the combining businesses;

• entry into unfamiliar markets and the introduction of new products and services into our existing business;

• the possible impairment of goodwill associated with an acquisition and possible adverse short-term effects on our results of operations; and

• the risk of loss of key employees and customers.

We may incur substantial costs to expand, and we can give no assurance that such expansion will result in the levels of profits we expect. Neither can we assure that integration efforts for any future acquisitions will be successful. We may issue equity securities in connection with acquisitions, which could dilute the economic and voting interests of our existing shareholders.

LEGISLATIVE, LEGAL AND REGULATORY RISKS

LEGISLATIVE OR REGULATORY CHANGES OR ACTIONS COULD ADVERSELY IMPACT OUR BUSINESS.

The financial services industry is extensively regulated. We are subject to extensive state and federal regulation, supervision and legislation that govern almost all aspects of our operations. These laws and regulations are primarily intended for the protection of consumers, depositors, borrowers and the deposit insurance fund, not to benefit our shareholders.

Regulations affecting banks and financial services businesses are undergoing continuous change, particularly in light of COVID-19 and the stimulus programs issued in connection therewith, and management cannot predict the effect of those changes. While such changes are generally intended to lessen the regulatory burden on financial institutions, the impact of any changes to laws and regulations or other actions by regulatory agencies could adversely affect our business. Regulatory authorities have extensive discretion in connection with their supervisory and enforcement activities, including the ability to impose restrictions on the operation of an institution and the ability to determine the adequacy of an institution’s allowance for loan losses. Failure to comply with applicable laws, regulations and policies could result in sanctions being imposed by the regulatory agencies, including the imposition of civil money penalties, which could have a material adverse effect on our operations and financial condition. Even the reduction of regulatory restrictions could have an adverse effect on us if such lessening of restrictions increases competition within our industry or market areas.

DEPOSIT INSURANCE PREMIUMS MAY INCREASE AND HAVE A NEGATIVE EFFECT ON THE COMPANY’S RESULTS OF OPERATIONS.

The DIF maintained by the FDIC to resolve bank failures is funded by fees assessed on insured depository institutions. The costs of resolving bank failures increased for a period of time and decreased the DIF. The FDIC collected a special assessment in 2009 to replenish the DIF and also required a prepayment of an estimated amount of future deposit insurance premiums. If the costs of future bank failures increase, the deposit insurance premiums required to be paid by Civista may also increase. The FDIC recently adopted rules revising its assessments in a manner benefitting banks with assets totaling less than $10 billion. There can be no assurance, however, that assessments will not be changed in the future.

WE ARE SUBJECT TO EXAMINATIONS AND CHALLENGES BY TAX AUTHORITIES.

In the normal course of business, we are routinely subject to examinations and challenges from federal and state tax authorities regarding positions taken regarding their respective tax returns. State tax authorities have become increasingly aggressive in challenging tax positions taken by financial institutions, especially those positions relating to tax compliance and calculation of taxes subject to apportionment. Any challenge or examination by a tax authority may result in adjustments to the timing or amount of taxable net worth or taxable income, or deductions or the allocation of income among tax jurisdictions.

Management believes it has taken appropriate positions with respect to all tax returns and does not anticipate that any examination would have a material impact on our Consolidated Financial Statements. However, the outcome of such examinations and ultimate resolution of any resulting assessments are inherently difficult to predict. Thus, no assurance can be given that our tax liability for any tax year open to examination will be as reflected in our current and historical Consolidated Financial Statements.

30

ACCOUNTING CHANGES COULD IMPACT OUR REPORTED FINANCIAL CONDITION OR RESULTS OF OPERATIONS.

The accounting standard setters, including the Financial Accounting Standards Board (the FASB), the SEC and other regulatory bodies, periodically change the financial accounting and reporting guidance that governs the preparation of our consolidated financial statements. The pace of change continues to accelerate and changes in accounting standards can be hard to predict and could materially impact how we record and report our financial condition and results of operations. In some cases, we could be required to apply new or revised guidance retroactively, resulting in the restatement of prior period financial statements.

The preparation of consolidated financial statements in conformity with U.S. GAAP requires management to make significant estimates that affect the financial statements. Due to the inherent nature of these estimates, actual results may vary materially from management’s estimates. In June 2016, FASB issued a new accounting standard for recognizing current expected credit losses, commonly referred to as CECL. CECL will result in earlier recognition of credit losses and requires consideration of not only past and current events but also reasonable and supportable forecasts that affect collectability. The Company will be required to comply with the new standard in the first quarter of 2023. Upon adoption of CECL, credit loss allowances may increase, which would decrease retained earnings and regulatory capital. The federal banking regulators have adopted a regulation that will allow banks to phase in the day-one impact of CECL on regulatory capital over three years. CECL implementation poses operational risk, including the failure to properly transition internal processes or systems, which could lead to call report errors, financial misstatements, or operational losses.

WE MAY BE THE SUBJECT OF LITIGATION WHICH COULD RESULT IN LEGAL LIABILITY AND DAMAGE TO OUR BUSINESS AND REPUTATION.

From time to time, we may be subject to claims or legal action from customers, employees or others. Financial institutions like CBI and Civista are facing a growing number of significant class actions, including those based on the manner of calculation of interest on loans and the assessment of overdraft fees. Future litigation could include claims for substantial compensatory and/or punitive damages or claims for indeterminate amounts of damages. We are also involved from time to time in other reviews, investigations and proceedings (both formal and informal) by governmental and other agencies regarding our business. These matters also could result in adverse judgments, settlements, fines, penalties, injunctions or other relief. Like other large financial institutions, we are also subject to risk from potential employee misconduct, including non-compliance with policies and improper use or disclosure of confidential information. Substantial legal liability or significant regulatory action against us could materially adversely affect our business, financial condition or results of operations and/or cause significant reputational harm to our business.

WE COULD FACE LEGAL AND REGULATORY RISK ARISING OUT OF OUR RESIDENTIAL MORTGAGE BUSINESS.

Numerous federal and state governmental, legislative and regulatory authorities are investigating practices in the business of mortgage and home equity loan lending and servicing and in the mortgage-related insurance and reinsurance industries. We could face the risk of class actions, other litigation and claims from: the owners of or purchasers of such loans originated or serviced by us, homeowners involved in foreclosure proceedings or various mortgage-related insurance programs, downstream purchasers of homes sold after foreclosure, title insurers, and other potential claimants. Included among these claims are claims from purchasers of mortgage and home equity loans seeking the repurchase of loans where the loans allegedly breached origination covenants and representations and warranties made to the purchasers in the purchase and sale agreements. The CFPB has issued new rules for mortgage origination and mortgage servicing. Both the origination and servicing rules create new private rights of action for consumers against lenders and servicers in the event of certain violations.

RISKS RELATED TO OUR CAPITAL AND STOCK

WE MAY ELECT OR NEED TO RAISE ADDITIONAL CAPITAL IN THE FUTURE, BUT CAPITAL MAY NOT BE AVAILABLE WHEN IT IS NEEDED.

We are required by federal and state regulatory authorities to maintain adequate levels of capital to support our operations. In addition, federal banking agencies have recently finalized extensive changes to their capital requirements, including the adoption of the final “Basel III” rules as discussed above, which result in higher capital requirements and more restrictive leverage and liquidity ratios than those previously in place. If we experience significant loan losses, addition capital may need to be infused. In addition, we may elect to raise additional capital to support business growth and/or to finance acquisitions, if any, or we may otherwise elect or be required to raise additional capital. Our ability to raise additional capital, if needed, will depend on conditions in the capital markets, economic conditions and a number of other factors, many of which are outside our control, and are based on our financial performance. Accordingly, we cannot be assured of our ability to raise additional capital if needed or on terms acceptable to us. If we cannot raise additional capital when needed, it may have a material adverse effect on our financial condition, results of operations and prospects.

31

WE ARE A HOLDING COMPANY AND DEPEND ON OUR SUBSIDIARY BANK FOR DIVIDENDS.

As a financial holding company, we are a legal entity separate and distinct from our subsidiaries and affiliates. Our principal source of funds to support our operations, pay dividends on our common and preferred shares and service our debt is dividends from our subsidiary bank, Civista. In the event that Civista is unable to pay dividends to us, we may not be able to service our debt, pay our other obligations or pay dividends on our common or preferred shares. Accordingly, our inability to receive dividends from Civista could also have a material adverse effect on our business, financial condition and results of operations.

Various federal and state statutory provisions and regulations limit the amount of dividends that Civista may pay to us without regulatory approval. Generally, subject to certain minimum capital requirements, Civista may declare a dividend without the approval of the ODFI so long as the total amount of the dividends in a calendar year does not exceed Civista’s total net income for that year combined with its retained net income for the two preceding years. In addition, the Federal Reserve has issued policy statements that provide that insured banks and bank holding companies should generally only pay dividends out of current operating earnings. Thus, the ability of Civista to pay dividends in the future is currently influenced, and could be further influenced, by bank regulatory policies and capital guidelines and may restrict our ability to declare and pay dividends on our common or preferred shares.

THE MARKET PRICE OF OUR COMMON SHARES MAY BE SUBJECT TO FLUCTUATIONS AND VOLATILITY.

The market price of our common shares may fluctuate significantly due to, among other things, changes in market sentiment regarding our operations or business prospects, the banking industry generally or the macroeconomic outlook. Factors that could impact our trading price include:

• our operating and financial results, including how those results vary from the expectations of management, securities analysts and investors;

• developments in our business or operations or in the financial sector generally;

• future offerings by us of debt or preferred shares, which would be senior to our common shares upon liquidation and for purposes of dividend distributions;

• legislative or regulatory changes affecting our industry generally or our business and operations specifically;

• the operating and stock price performance of companies that investors consider to be comparable to us;

• announcements of strategic developments, acquisitions and other material events by us or our competitors;

• actions by our current shareholders, including future sales of common shares by existing shareholders, including our directors and executive officers; and

• other changes in U.S. or global financial markets, global economies and general market conditions, such as interest or foreign exchange rates, stock, commodity, credit or asset valuations or volatility.

Equity markets in general and our common shares in particular have experienced considerable volatility over the past few years. The market price of our common shares may continue to be subject to volatility unrelated to our operating performance or business prospects. Increased volatility could result in a decline in the market price of our common shares.

THE SALE OF SUBSTANTIAL AMOUNTS OF OUR COMMON SHARES OR SECURITIES CONVERTIBLE INTO OUR COMMON SHARES IN THE PUBLIC MARKET COULD DEPRESS THE PRICE OF OUR COMMON SHARES.

In recent years, the stock market has experienced a high level of price and volume volatility, and market prices for the stock of many companies have experienced wide fluctuations that have not necessarily been related to their operating performance. Therefore, our shareholders may not be able to sell their shares at the volumes, prices, or times that they desire. We cannot predict the effect, if any, that future sales of our common shares or securities convertible into our common shares in the market, or availability of shares of our common shares or securities convertible into our common shares for sale in the market, will have on the market price of our common shares. We can give no assurance that sales of substantial amounts of our common shares or securities convertible into our common shares in the market, or the potential for large amounts of sales in the market, would not cause the price of our securities to decline or impair our ability to raise capital through sales of our common shares.

32

GENERAL RISK FACTORS

ADVERSE CHANGES IN FINANCIAL MARKETS AND ECONOMIC CONDITIONS MAY ADVERSELY IMPACT OUR RESULTS OF OPERATIONS.

Although we primarily invest in securities issued by United States government agencies and sponsored entities and United States state and local governments with limited credit risk, certain of our investment securities possess higher credit risk since they represent beneficial interests in structured investments collateralized by residential mortgages, debt obligations and other similar assets. Even securities issued by United States government agencies and sponsored entities may entail risk depending on political and economic changes. Regardless of the level of credit risk, all investment securities are subject to changes in market value due to changing interest rates, implied credit spreads and credit ratings.

WE ARE AT RISK OF INCREASED LOSSES FROM FRAUD.

Criminals are committing fraud at an increasing rate and are using more sophisticated techniques. In some cases, these individuals are part of larger criminal rings, which allow them to be more effective. Such fraudulent activity has taken many forms, ranging from wire fraud, debit card fraud, check fraud, mechanical devices attached to ATM machines, social engineering and phishing attacks to obtain personal information, or impersonation of clients through the use of falsified or stolen credentials. Additionally, an individual or business entity may properly identify itself, yet seek to establish a business relationship for the purpose of perpetrating fraud. An emerging type of fraud even involves the creation of synthetic identification in which fraudsters “create” individuals for the purpose of perpetrating fraud. Further, in addition to fraud committed directly against the Company, the Company may suffer losses as a result of fraudulent activity committed against third parties. Increased deployment of technologies, such as chip card technology, defray and reduce certain aspects of fraud; however, criminals are turning to other sources to steal personally identifiable information, such as unaffiliated healthcare providers and government entities, in order to impersonate the consumer and thereby commit fraud.

CHANGES IN TAX LAWS COULD ADVERSELY AFFECT OUR PERFORMANCE

We are subject to extensive federal, state and local taxes, including income, excise, sales/use, payroll, franchise, withholding and ad valorem taxes. Changes to tax laws could have a material adverse effect on our results of operations, fair values of net deferred tax assets and obligations of states and political subdivisions held in our investment securities portfolio. In addition, our customers are subject to a wide variety of federal, state and local taxes. Changes in taxes paid by our customers may adversely affect their ability to purchase homes or consumer products, which could adversely affect their demand for our loans and deposit products. In addition, such negative effects on our customers could result in defaults on the loans we have made and decrease the value of mortgage-backed securities in which we have invested.

WE NEED TO CONSTANTLY UPDATE OUR TECHNOLOGY IN ORDER TO COMPETE AND MEET CUSTOMER DEMANDS.

The financial services market, including banking services, is undergoing rapid technological changes with frequent introductions of new technology-driven products and services. In addition to better serving customers, the effective use of technology increases efficiency and may enable us to reduce costs. Our future success will depend, in part, on our ability to use technology to provide products and services that provide convenience to customers and to create additional efficiencies in our operations. Some of our competitors have substantially greater resources to invest in technological improvements. We may not be able to effectively implement new technology-driven products and services or be successful in marketing these products and services to our customers. Failure to successfully keep pace with technological changes affecting the financial services industry could negatively affect our growth, revenue and profit.

WE ARE SUBJECT TO ENVIRONMENTAL LIABILITY RISK ASSOCIATED WITH CIVISTA’S LENDING ACTIVITIES. A significant portion of Civista’s Joan portfolio is secured by real property. During the ordinary course of business, Civista forecloses on and takes title to properties securing certain loans. In doing so, there is a risk that hazardous or toxic substances could be found on these properties. If hazardous or toxic substances are found, Civista may be liable for remediation costs, as well as for personal injury and property damage. Environmental laws and evolving regulation may require Civista to incur substantial expenses and may materially reduce the affected property’s value or limit Civista’s ability to use or sell the affected property. In addition, future laws and regulations or more stringent interpretations or enforcement policies with respect to existing laws or regulations may increase Civista’s exposure to environmental liability. Environmental reviews of real property before initiating foreclosure actions may not be sufficient to detect all potential environmental hazards. The remediation costs and any other financial liabilities associated with an environmental hazard could have a material adverse effect on our business, financial condition and results of operations.

33

CLIMATE CHANGE, SEVERE WEATHER, NATURAL DISASTERS, ACTS OF WAR OR TERRORISM AND OTHER EXTERNAL EVENTS COULD SIGNIFICANTLY IMPACT OUR BUSINESS.

Natural disasters, including severe weather events of increasing strength and frequency due to climate change, acts of war or terrorism, and other adverse external events could have a significant impact on our ability to conduct business or upon third parties who perform operational services for us or our customers. Such events could affect the stability of our deposit base, impair the ability of borrowers to repay outstanding loans, impair the value of collateral securing loans, cause significant property damage, result in lost revenue or cause us to incur additional expenses.

Item 1B. Unresolved Staff Comments

None.

Item 2. Properties

CBI neither owns nor leases any properties. Civista owns its main office at 100 East Water Street, Sandusky, Ohio, which is also the office of CBI. Civista also owns branch banking offices in the following Ohio and Indiana communities: Sandusky (2), Norwalk (2), Berlin Heights, Willard, Castalia, Port Clinton, New Washington, Shelby (2), Greenwich, Plymouth, Shiloh, Dublin, Plain City, Russells Point, Urbana (2), Dayton (2), Quincy, Lawrenceburg (3), Aurora, West Harrison, Milan, Osgood and Versailles. Civista leases branch banking offices in the Ohio communities of Akron, Huron, West Liberty, Dayton, and Beachwood. Civista also leases loan production offices in Westlake, Ohio and Fort Mitchell, Kentucky.

Item 3. Legal Proceedings

In the ordinary course of their respective businesses, CBI or Civista or their respective properties may be named or otherwise subject as a plaintiff, defendant or other party to various pending and threatened legal proceedings and various actual and potential claims. In view of the inherent difficulty of predicting the outcome of such matters, CBI cannot state what the eventual outcome of any such matters will be. However, based on current knowledge and after consultation with legal counsel, management believes these proceedings will not have a material adverse effect on the consolidated financial position, results of operations or liquidity of CBI or Civista.

Item 4. Mine Safety Disclosures

Not Applicable

34

PART II

Item 5. Market for Registrant’s Common Equity, Related Stockholder Matters and Issuer Purchases of Equity Securities

Information regarding the market in which CBI’s common shares are traded is incorporated herein by reference from the information appearing under the caption “Common Shares and Shareholder Matters” located on page 4 of the 2021 Annual Report.

As of February 24, 2022, there were approximately 1,502 shareholders of record (not including the number of persons or entities holding stock in nominee or street name through various brokerage firms) of the Company’s common shares.

Information regarding the restrictions applicable to the Company’s payment of dividends is included under Item 1 of this Annual Report on Form 10-K and is incorporated herein by reference.

During the fourth quarter of 2021, the Company purchased common shares as follows:

Period	Total Number of Shares Purchased		Average Price Paid per Share		Total Number of Shares Purchased as Part of Publicly Announced Plans or Programs		Maximum Number (or Approximate Dollar Value) of Shares that May Yet Be Purchased Under the Plans or Programs
October 1, 2021 -October 31, 2021		4,000	$	23.99		4,000	$	10,964,868
November 1, 2021 - November 30, 2021		10,752	$	23.72		10,752	$	10,709,821
December 1, 2021 - December 31, 2021		58,789	$	23.83		58,789	$	9,308,655
Total		73,541	$	23.83		73,541	$	9,308,655

On August 12, 2021, the Company publicly announced a common share repurchase program, which replaced the Company’s previous repurchase program that was announced on April 20, 2020 repurchase program and authorizes the Company to repurchase a maximum aggregate value of $13,500,000 of its outstanding common shares. The expiration date of the common share repurchase program is August 10, 2022. A total of 181,375 common shares had been repurchased for an aggregate purchase price of $4,191,345 as of December 31, 2021 under this repurchase program.

Item 6. [Reserved]

Item 7. Management’s Discussion and Analysis of Financial Condition and Results of Operation

Information required by this item is incorporated herein by reference from the information appearing under the caption “Management’s Discussion and Analysis of Financial Condition and Results of Operations” located on pages 5 through 19 of the 2021 Annual Report.

Item 7A. Quantitative and Qualitative Disclosures About Market Risk

Information required by this item is incorporated herein by reference from the disclosures included under the caption “Quantitative and Qualitative Disclosures About Market Risk” on pages 19 through 21 of the 2021 Annual Report.

Item 8. Financial Statements and Supplementary Financial Data

Civista Bancshares, Inc.’s Report of Independent Auditors and Consolidated Financial Statements and accompanying notes are listed below and are incorporated herein by reference from pages 25 through 94 of the 2021 Annual Report (included as Exhibit 13.1 hereto).

Report of Independent Registered Public Accounting Firm on Financial Statements

Report of Independent Registered Public Accounting Firm (PCAOB ID: 686)

Consolidated Balance Sheets

December 31, 2021 and 2020

Consolidated Statements of Operations

For the years ended December 31, 2021, 2020 and 2019

35

Consolidated Statements of Comprehensive Income

For the years ended December 31, 2021, 2020 and 2019

Consolidated Statements of Changes in Shareholders’ Equity

For the years ended December 31, 2021, 2020 and 2019

Consolidated Statements of Cash Flows

For the years ended December 31, 2021, 2020 and 2019

Notes to Consolidated Financial Statements

Item 9. Changes in and Disagreements with Accountants on Accounting and Financial Disclosure

The Company has had no disagreements with its independent accountants on matters of accounting principles or practices, financial statement disclosure, or auditing scope or procedure required to be reported under this Item.

Item 9A. Controls and Procedures

Evaluation of Disclosure Controls and Procedures

Under the supervision and with the participation of our management, including our Chief Executive Officer and our Principal Accounting Officer, we evaluated the effectiveness of the design and operation of our disclosure controls and procedures, as defined in Rule 13a-15 under the Exchange Act, as of the end of the fiscal year covered by this Annual Report on Form 10-K. Based upon that evaluation, our Chief Executive Officer and Principal Accounting Officer concluded that our disclosure controls and procedures as of December 31, 2021, were effective.

Reports on Internal Control Over Financial Reporting

The “Management’s Report on Internal Control over Financial Reporting” and the “Report of Independent Registered Public Accounting Firm on Internal Control over Financial Reporting” located on pages 24 through 27 of the 2021 Annual Report are incorporated herein by reference.

Changes in Internal Control over Financial Reporting

There were no changes in the Company’s internal control over financial reporting that occurred during the Company’s most recent fiscal quarter ended December 31, 2021 that have materially affected, or are reasonably likely to materially affect, the Company’s internal control over financial reporting.

Item 9B. Other Information

There was no information the Company was required to disclose in a current report on Form 8-K during the fourth quarter of 2021 that was not reported.

Item 9C. Disclosure Regarding Foreign Jurisdictions that Prevent Inspections

Not Applicable

36

PART III

Item 10. Directors, Executive Officers, and Corporate Governance

The information contained under the captions “Proposal 1 – Election of Directors”, “Beneficial Ownership of Common Shares of the Corporation – Delinquent – Section 16(a) Reports”, “Board of Director Meetings and Committees – Audit Committee”, “Corporate Governance – Code of Ethics”, “Corporate Governance – Nominating Procedure” and “Executive Officers of the Corporation” in the 2022 Proxy Statement is incorporated herein by reference in response to this Item.

Item 11. Executive Compensation.

The information contained under the captions “2021 Compensation of Directors”, “Compensation Committee Interlocks and Insider Participation” and “Executive Compensation” in the 2022 Proxy Statement is incorporated herein by reference in response to this Item.

Item 12. Security Ownership of Certain Beneficial Owners and Management and Related Stockholder Matters.

The information contained under the caption “Beneficial Ownership of Common Shares of the Company” in the 2022 Proxy Statement is incorporated herein by reference in response to this Item.

The following table shows the number of common shares remaining available for awards under the Company’s 2014 Incentive Plan at December 31, 2021.

Equity Compensation Plan Information
Plan category	(a) Number of Common Shares to be issued upon exercise of outstanding options, warrants and rights (a)	(b) Weighted-average exercise price of outstanding options, warrants and rights (b)	(c) Number of Common Shares remaining available for future issuance under equity compensation plans (excluding common shares reflected in column (a) )
Equity compensation plans approved by shareholders	—	—	154,123
Equity compensation plans not approved by shareholders	—	—	—
Total	—	—	154,123

Item 13. Certain Relationships and Related Transactions, and Director Independence.

The information contained under the caption “Corporate Governance – Director Independence” and “Corporate Governance – Transactions with Directors, Officers and Related Persons” in the 2022 Proxy Statement is incorporated herein by reference in response to this Item.

Item 14. Principal Accountant Fees and Services.

The information contained under the caption “Audit Committee Matters” of the 2022 Proxy Statement is incorporated herein by reference in response to this Item.

37

PART IV

Item 15. Exhibit and Financial Statement Schedules

(a) Documents filed as a Part of the Report

1. Financial Statements. Civista Bancshares, Inc.’s Report of Independent Auditors and Consolidated Financial Statements and accompanying notes are listed below and are incorporated herein by reference from pages 25 through 94 of the 2021 Annual Report (included as Exhibit 13.1 hereto).

Report of Independent Registered Public Accounting Firm on Financial Statements (PCAOB ID: 686)

Consolidated Balance Sheets

December 31, 2021 and 2020

Consolidated Statements of Operations

For the years ended December 31, 20210, 2020 and 2019

Consolidated Statements of Comprehensive Income

For the years ended December 31, 2021, 2020 and 2019

Consolidated Statements of Changes in Shareholders’ Equity

For the years ended December 31, 2021, 2020 and 2019

Consolidated Statements of Cash Flows

For the years ended December 31, 2021, 2020 and 2019

Notes to Consolidated Financial Statements

2. Financial Statement Schedules. All schedules are omitted because they are not applicable or the required information is shown in the financial statements or notes thereto.

3. Exhibits

Exhibit	Description	Location
2.1	Agreement and Plan of Merger, dated January 10, 2022 by and between Civista Bancshares, Inc. and Comunibanc Corp.	Filed as Exhibit 2.1 to Civista Bancshares, Inc.’s Current Report on Form 8-K dated and filed on January 10, 2022 and incorporated herein by reference. (File No. 001-36192).
3.1	Second Amended and Restated Articles of Incorporation of Civista Bancshares, Inc., as filed with the Ohio Secretary of State on November 15, 2018	Filed as Exhibit 3.1 to Civista Bancshares, Inc.’s Current Report on Form 8-K dated and filed on November 16, 2018 and incorporated herein by reference (File No. 001-36192).
3.2	Amended and Restated Code of Regulations of Civista Bancshares, Inc. (adopted April 15, 2008).	Filed as Exhibit 3.2 to Civista Bancshares, Inc.’s Quarterly Report on Form 10-Q for the period ended September 30, 2017, filed on November 8, 2017 and incorporated herein by reference. (File No. 001-36192)
4.1	Indenture dated November 30, 2021, by and between Civista Bancshares, Inc. and UMB Bank, National Association, as Trustee.	Filed as Exhibit 4.1 to Civista Bancshares, Inc.’s Current Report on Form 8-K dated and filed on November 30, 2022 and incorporated herein by reference (File No. 001-36192).
4.2	Forms of 3.25% Fixed-to-Floating Rate Subordinated Notes due 2031.	Included as Exhibit A-1 and Exhibit A-2 to the Indenture filed as Exhibit 4.1 hereto.

38

Exhibit	Description	Location
4.3	Agreement to furnish instrument and agreements defining rights of holders of long-term debt.	Included herewith.
4.4	Description of Capital Stock of Civista Bancshares, Inc.	Filed as Exhibit 4.2 to Civista Bancshares, Inc.’s Annual Report on Form 10-K for the year ended December 31, 2021, filed on March 15, 2021 and incorporated herein by reference (File No. 001-36192).
10.1*	Form of Change of Control Agreement by and among Civista Bancshares, Inc., Civista Bank and certain executive officers.	Filed as Exhibit 10.1 to Civista Bancshares, Inc.’s Current Report on Form 8-K dated and filed on March 8, 2019 and incorporated herein by reference. (File No. 001-36192).
10.2*	Form of Amended and Restated Change of Control Agreement by and among Civista Bancshares, Inc., Civista Bank and certain executive officers.	Filed as Exhibit 10.1 to Civista Bancshares, Inc.’s Current Report on Form 8-K dated and filed on March 8, 2019 and incorporated herein by reference. (File No. 001-36192).
10.3*	Form of Pension Shortfall Agreement by and among Civista Bancshares, Inc., Civista Bank and certain executive officers.	Filed as Exhibit 10.2 to Civista Bancshares, Inc.’s Current Report on Form 8-K dated and filed on October 29, 2015 and incorporated herein by reference. (File No. 001-36192).
10.4*	Supplemental Nonqualified Executive Retirement Plan	Filed as Exhibit 10.12 to Civista Bancshares, Inc.’s Annual Report on Form 10-K for the year ended December 31, 2011, filed on March 15, 2012 and incorporated herein by reference (File No. 0-25980).
10.5*	Amendment to Supplemental Nonqualified Executive Retirement Plan	Filed as Exhibit 10.13 to Civista Bancshares, Inc.’s Annual Report on Form 10-K for the year ended December 31, 2011, filed on March 15, 2012 and incorporated herein by reference (File No. 0-25980).
10.6*	Second Amendment to Supplemental Nonqualified Executive Retirement Plan	Filed as Exhibit 10.1 to Civista Bancshares, Inc.’s Quarterly Report on Form 10-Q for the period ended June 30, 2016, filed on August 9, 2016 and incorporated herein by reference (File No. 1-36192)
10.7*	2018 Amendment to Supplemental Nonqualified Executive Retirement Plan	Filed as Exhibit 10.1 to Civista Bancshares, Inc.’s Quarterly Report on Form 10-Q for the period ended June 30, 2018, filed on August 8, 2018 and incorporated herein by reference (File No. 1-36192).
10.8*	Civista Bancshares, Inc. 2014 Incentive Plan	Filed as Exhibit 10.1 to Civista Bancshares, Inc.’s Registration Statement on Form S-8 filed on February 26, 2015 and incorporated herein by reference (File No. 333-202316).
10.9*	Form of Restricted Stock Award Agreement under Civista Bancshares, Inc. 2014 Incentive Plan	Filed as Exhibit 10.8 to Civista Bancshares, Inc.’s Annual Report on Form 10-K for the year ended December 31, 2018, filed on March 15, 2019 and incorporated herein by reference. (File No. 1-36192)
13.1	Civista Bancshares, Inc. 2021 Annual Report to Shareholders (not deemed filed except for portions which are specifically incorporated by reference in this Annual Report on Form 10-K)	Included herewith
21.1	Subsidiaries of CBI	Included herewith
23.1	Consent of BKD, LLP	Included herewith

39

Exhibit	Description	Location
23.2	Consent of S.R. Snodgrass, P.C.	Included herewith
31.1	Rule 13a-14(a)/15-d-14(a) Certification of Chief Executive Officer	Included herewith
31.2	Rule 13a-14(a)/15-d-14(a) Certification of Principal Accounting Officer	Included herewith
32.1	Certification of Chief Executive Officer pursuant to 18 U.S.C. Section 1350, as adopted pursuant to Section 906 of the Sarbanes-Oxley Act of 2002	Included herewith
32.2	Certification of Principal Accounting Officer pursuant to 18 U.S.C. Section 1350, as adopted pursuant to Section 906 of the Sarbanes-Oxley Act of 2002	Included herewith
101	The following materials from Civista Bancshares, Inc.’s Annual Report on Form 10-K for the year ended December 31, 2021, formatted in Inline XBRL (eXtensible Business Reporting Language) pursuant to Rule 405 of Regulation S-T: (i) Consolidated Balance Sheets as of December 31, 2021 and 2020; (ii) Consolidated Statements of Operations for each of the three years ended December 31, 2021, 2020 and 2019; (iii) Consolidated Statements of Comprehensive Income for each of the three years ended December 31, 2021, 2020 and 2019; (iv) Consolidated Statements of Changes in Shareholders’ Equity for each of the three years ended December 31, 2021, 2020 and 2019; (v) Consolidated Statement of Cash Flows for each of the three years ended December 31, 2021, 2020 and 2019; and (vi) Notes to Consolidated Financial Statements .
104	Cover Page Interactive Data File (embedded within the Inline XBRL document)

* Management contract or compensatory plan or arrangement

Item 16. Form 10-K Summary

Not Applicable

40

SIGNATURES

Pursuant to the requirements of Section 13 or 15(d) of the Securities Exchange Act of 1934, the registrant has duly caused this report to be signed on its behalf by the undersigned, thereunto duly authorized.

(Registrant) Civista Bancshares, Inc.
By	/s/ Dennis G. Shaffer
	Dennis G. Shaffer, President & CEO (Principal Executive Officer)

Date: March 15, 2022

Pursuant to the requirements of the Securities Exchange Act of 1934, this report has been signed on March 15, 2022 by the following persons (including a majority of the Board of Directors of the Registrant) in the capacities indicated:

/s/ Thomas A. Depler	/s/ Allen R. Nickles, CPA , CFE , CICA
Thomas A. Depler, Director	Allen R. Nickles, CPA, CFE , CICA , Director
/s/ Harry Singer	/s/ Julie A. Mattlin
Harry Singer, Director	Julie A. Mattlin, Director
/s/ Todd A. Michel	/s/ M. Patricia Oliver
Todd A. Michel, Senior Vice President,	M. Patricia Oliver, Director
(Principal Accounting Officer)
/s/ James O. Miller	/s/ Daniel J. White
James O. Miller, Chairman of the Board	Daniel J. White, Director
/s/ Dennis E. Murray, Jr.	/s/ Dennis G. Shaffer
Dennis E. Murray, Jr., Director	Dennis G. Shaffer, President & CEO, (Principal Executive Officer)
/s/ William F. Ritzmann
William F. Ritzmann, Director

41