Risk Factors Dashboard

Once a year, publicly traded companies issue a comprehensive report of their business, called a 10-K. A component mandated in the 10-K is the ‘Risk Factors’ section, where companies disclose any major potential risks that they may face. This dashboard highlights all major changes and additions in new 10K reports, allowing investors to quickly identify new potential risks and opportunities.

View risk factors by ticker

Search filings by term

Risk Factors - PKBK

-New additions in green
-Changes in blue
-Hover to see similar sentence in last filing

Item 1A. Risk Factors.

Not applicable

Item 1B. Unresolved Staff Comments.

None.

Item 1C. Cybersecurity

The Risk Management Committee of the Board of Directors (the “Committee”) is responsible for overseeing the risks from cybersecurity threats. The Committee receives reports from, and oversees, IT Risk Assessment, Cybersecurity Risk Assessment, Annual IT Program Status Report, Vendor Management Risk Assessment, and Quarterly Internal Vulnerability Reports and current Cyber Events briefings. The Committee also makes budgeting, procedure, and policy decisions designed and intended to improve the Company’s residual risk. The Committee also makes budgeting, procedure, and policy decisions designed and intended to improve the Company’s residual risk.

The IT Steering Committee consists of the Company’s senior management, the entire IT team, and various operations personnel. The primary function of the IT Steering Committee is to perform Strategic Planning, discuss hardware and software replacement, new projects, current cybersecurity threats, and ongoing cybersecurity issues and threats. The primary function of the IT Steering Committee is to perform Strategic Planning, discuss hardware and software replacement, new projects, current cybersecurity threats, and ongoing cybersecurity issues and threats. The IT manager provides an IT status report to the Risk Management committee on a quarterly basis.

Our IT department performs annual risk assessments to evaluate the effectiveness of the controls to support the requirements under Gramm-Leach Bliley Act ("GLBA"), and Federal Institutions Examination Council ("FFIEC") Guidance on Securing Customer Information. The focus areas include:

technology systems used for information that is collected, processed, and stored;

assessing internal and external cybersecurity threats and vulnerabilities;

performing regular penetration and controls testing;

evaluation and assessment of impact should the information or systems become compromised;

evaluation for the effectiveness of the governance structure for Information security risk management.

Internal and external Penetration Testing is performed annually. Tests are conducted or reviewed by independent third parties or qualified Associates independent of those that develop or maintain the security program. Testing is performed annually by third party auditors contracted through the company's IT department. Management reviews test results promptly and ensures that appropriate steps are taken to address adverse test results. Management reviews test results promptly and ensures that appropriate steps are taken to address adverse test results. Remediation efforts are organized and made available to the Committee as well as for review by third party auditors and examiners.

The Company has adopted an Incident Response Plan (the “Plan”) to monitor, detect, mitigate and remediate cybersecurity incidents. The Plan requires all employees to have a working knowledge of the Company’s Information Security Program and Incident Response Policies. The Plan requires all employees to have a working knowledge of the Company’s Information Security Program and Incident Response Policies. Pursuant to the Plan, the Information Technology Administrator and Senior\Compliance Management identify information owners for sensitive customer information and create an incident response team. Pursuant to the Plan, the Information Technology Administrator and Senior\Compliance Management identify information owners for sensitive customer information and create an incident response team. Each Department Manager, upon notification of a potential unauthorized access, manipulation of data or theft of any item identified under GLBA Inventory and Asset Classification, is responsible for further assessing the situation in order to document the suspected or actual breech, and forward the appropriate documentation to the Information Technology Administrator. Each Department Manager, upon notification of a potential unauthorized access, manipulation of data or theft of any item identified under GLBA Inventory and Asset Classification, is responsible for further assessing the situation in order to document the suspected or actual breech, and forward the appropriate documentation to the Information Technology Administrator. The documentation of the suspected or actual incident includes the following:

a.

Identify the nature and scope of the incident.

b.

Identify the information systems affected.

c.

Identify the types of customer information potentially affected.

20
Table of Contents

Once the Department Manager has determined that unauthorized access, manipulation of data or theft of any item identified under GLBA Inventory and Asset Classification has occurred, Senior Management, the Compliance Officer and the Information Technology Administrator must be contacted immediately.

If theft of any item identified under GLBA Inventory and Asset Classification has occurred, and it cannot be determined what specific information was included on the Asset, the Asset is treated as if it contained sensitive customer information and Senior Management, the Compliance Officer and the Information Technology Administrator must be contacted immediately. If the Information Technology Administrator and Senior\Compliance Management declare an incident or if there is a confirmed theft or loss of customer information, appropriate regulatory authorities, law enforcement, and legal counsel are notified. If the Information Technology Administrator and Senior\Compliance Management declare an incident or if there is a confirmed theft or loss of customer information, appropriate regulatory authorities, law enforcement, and legal counsel are notified.

During the fiscal year ended December 31, 2025, the risks from cybersecurity threats, including as a result of any previous cybersecurity incidents, have not materially affected the Company, its business strategy, results of operations, or financial condition.

Recently Filed
Click on a ticker to see risk factors
Ticker * File Date
AMCI 17 hours ago
LASE 17 hours ago
MIND 18 hours ago
FDCT 3 days, 17 hours ago
HOFT 3 days, 17 hours ago
DREM 3 days, 17 hours ago
SRRE 3 days, 18 hours ago
FMHS 3 days, 20 hours ago
TVCN 1 week, 3 days ago
SCLX 1 week, 3 days ago
CHPG 1 week, 3 days ago
BWMG 1 week, 3 days ago
QNCX 1 week, 3 days ago
SOBR 1 week, 3 days ago
ASPI 1 week, 3 days ago
FGI 1 week, 3 days ago
PLCE 1 week, 3 days ago
TWOH 1 week, 3 days ago
AAPI 1 week, 3 days ago
BLNC 1 week, 3 days ago
PGOL 1 week, 3 days ago
CMLS 1 week, 4 days ago
BB 1 week, 4 days ago
IXAQF 1 week, 4 days ago
TLYS 1 week, 4 days ago
BEEM 1 week, 4 days ago
URSB 1 week, 4 days ago
DFNS 1 week, 4 days ago
BYND 1 week, 5 days ago
ALCY 1 week, 5 days ago
HYEX 1 week, 5 days ago
MOBQ 1 week, 5 days ago
GAME 1 week, 5 days ago
PPSI 1 week, 5 days ago
HSPT 1 week, 5 days ago
BBGI 1 week, 5 days ago
BUDZ 1 week, 5 days ago
HBUV 1 week, 5 days ago
VIRC 1 week, 5 days ago
GRUSF 1 week, 6 days ago
SMTK 1 week, 6 days ago
SBMW 1 week, 6 days ago
AIEV 1 week, 6 days ago
SKIL 1 week, 6 days ago
QMCI 1 week, 6 days ago
JAGX 2 weeks ago
CLCS 2 weeks ago
CMBMF 2 weeks ago
ELVG 2 weeks ago
SMXT 2 weeks ago

OTHER DATASETS

House Trading

Dashboard

Corporate Flights

Dashboard

App Ratings

Dashboard