Federal Deposit
Insurance Corporation

[¶12,377] In the Matter of County Bank, Rehoboth Beach, Delaware, Docket No. 04-274b (3-11-05).

A cease and desist order was issued, based on findings by the FDIC that it has reason to believe that respondent was engaged in unsafe and unsound practices. (This order was terminated by order of the FDIC dated 12-29-05; see ¶16,451.)

[.1] Short Term Loan Program (STLP)—Internal Control System—Establish

[.2] Short Term Loan Program (STLP)—Information Systems—Establish

[.3] Short Term Loan Program (STLP)—Internal Audit System—Establish

[.4] Audit—Audit Committee—Establish

[.5] Loan Policy—Merchants Required to Adhere

[.6] Loan Policy—Preparation or Revision of Policy Required

[.7] Compliance Committee—Establishment Required

[.8] Compliance Committee—Written Report Required

[.9] Progress Report—Written Report Required

[.10] Shareholders—Disclosure of Cease and Desist Order Required
{{05-31-05 p.12377.2}}

In the Matter of
COUNTY BANK
REHOBOTH BEACH, DELAWARE
(Insured State Nonmember Bank)
ORDER TO CEASE AND DESIST

FDIC-04-274b

County Bank, Rehoboth Beach, Delaware ("Insured Institution"), having been advised of its right to a Notice of Charges and of Hearing detailing the unsafe or unsound banking practices alleged to have been committed by the Insured Institution and of its right to a hearing on the alleged charges under section 8(b)(1) of the Federal Deposit Insurance Act ("Act"), 12 U.S.C. §1818(b)(1), and having waived those rights entered into a STIPULATION AND CONSENT TO THE ISSUANCE OF AN ORDER TO CEASE AND DESIST ("CONSENT AGREEMENT") with counsel for the Federal Deposit Insurance Corporation ("FDIC"), dated March 11, 2005, whereby solely for the purpose of this proceeding and without admitting or denying the alleged charges of unsafe or unsound banking, the Insured Institution consented to the issuance of an ORDER TO CEASE AND DESIST ("ORDER") by the FDIC.

The FDIC considered the matter and determined that it had reason to believe that the Insured Institution had engaged in unsafe or unsound banking practices. The FDIC, therefore, accepted the CONSENT AGREEMENT and issued the following:

ORDER TO CEASE AND DESIST

IT IS HEREBY ORDERED that the Insured Institution, its directors, officers, employees, agents, and other institution-affiliated parties (as that term is defined in Section 3(u) of the Act, 12 U.S.C. §1813(u)), and its successors and assigns cease and desist from the following unsafe or unsound banking practices:

(a) Operating with a board of directors ("Board") which fails to provide adequate supervision over and direction to the active management of the Insured Institution with regard to the Insured Institution's Short Term Loan Program ("STLP");

(b) Operating with management whose practices with respect to the STLP fail to provide effective oversight and control over the STLP and the third party Merchants ("Merchants") that market, originate and collect the short-term loans ("STLs") on behalf of the Insured Institution;

(c) Operating the Insured Institution with an inadequate system of internal controls ("Internal Control System") with regard to the nature, scope and risks of its STLP activities;

(d) Operating the Insured Institution with inadequate information systems ("Information Systems") with regard to the nature, scope and risks of its STLP activities;

(e) Operating the Insured Institution with an inadequate internal audit system ("Internal Audit System") with regard to the size of the institution and the nature and scope of its STLP activities;

(f) Engaging in hazardous lending practices that include, but are not limited to, allowing individuals other than the named borrower to execute loan documents, allowing Merchants to circumvent paydown requirements, and allowing Merchants to circumvent cooling off periods; and

(g) Operating in contravention of the Insured Institution's Policy and Procedures — Short Term Loans ("Loan Policy") as more fully set forth in the FDIC's Report of Examination of the Insured Institution (Risk Management) dated October 4, 2004 (the "Report of Examination (Risk Management)") and the FDIC's Report of Examination of the Insured Institution (Compliance) dated October 4, 2004 (the "Report of Examination (Compliance)").

IT IS FURTHER ORDERED that the Insured Institution, its institution-affiliated parties, and its successors and assigns take affirmative action as follows:

[.1] 1. With regard to the STLP, within ninety (90) days of the effective date of this ORDER, the Board shall establish and implement a comprehensive Internal Control System appropriate to the size of the institution and the nature, scope and risk of its STLP activities. At a minimum, the Internal Control System shall provide for:

(a) a revised organizational structure for the day to day operation and oversight of the Insured Institution's STLP that provides for the following:

(i) clear lines of authority and identification of reporting lines;

(ii) delegation of responsibility for monitoring

each Merchant's compliance with the requirements of the Insured Institution's Loan Policy including, but not limited to, those specific areas of non-compliance noted in the Report of Examination (Risk Management) and Report of Examination (Compliance); and

(iii) delegation of responsibility for reporting to the Board the results of the monitoring activity performed under 1(a)(ii), including specification of information and data to be reported to the Board on a periodic, but not less than quarterly, basis.

(b) An adequate number of staff to ensure compliance with subparagraphs (a)(ii) and (a) (iii) above.

[.2] 2. With regard to the STLP, within ninety (90) days of the effective date of this Order, the Board shall establish and implement information systems ("Information Systems") that are appropriate to the size of the institution and the nature, scope and risk of its activities and that specifically allow the Insured Institution to monitor Merchant adherence to the Insured Institution's Loan Policy. At a minimum, the Information Systems shall provide for:

(a) Activation and maintenance of the Insured Institution's Loan Management System ("LMS") settings uniformly for all Merchants;

(b) For any Merchants that do not use the LMS, an alternative method to establish and maintain control over the Merchant's STL application, origination and management system; and

(c) With respect to activation of settings required by (a) and (b) of this Paragraph, any changes and exceptions shall be documented by the Insured Institution and reviewed and ratified by the Board.

[.3] 3. With regard to the STLP, within ninety (90) days of the effective date of this Order, the Board shall establish an Internal Audit System that is appropriate to the size of the institution and the nature and scope of its activities. The Internal Audit System shall provide for:

(a) adequate monitoring of the system of internal controls through an internal audit function;

(b) an audit staff comprised of a sufficient number of qualified persons;

(c) independence and objectivity of the internal auditor, the audit staff, and the audit committee;

(d) adequate testing and review of STLP information systems;

(e) adequate testing and review of the STLP and all Merchants that market, originate, and/or collect STLs on behalf of the Insured Institution, such that the scope and testing are adequate to;

(i) detect substantive deficiencies in the Insured Institution's and Merchant's STLP operations;

(ii) detect signature discrepancies on STL documents created by Merchants; and

(iii) determine the Insured Institution's and each Merchant's level of compliance with the Insured Institution's Loan Policy.

(f) adequate documentation of tests and findings of any corrective actions;

(g) verification and review of management actions to address material weaknesses;

(h) tracking of deficiencies and exceptions noted in audit reports with periodic, but not less than quarterly, status reports to the board. Each deficiency and material exception should be identified, the source of the deficiency or exception and date noted, responsibility for correction assigned, and date for corrective action implemented; and

(i) review by the Insured Institution's audit committee or Board of the effectiveness of the Internal Audit Systems.

[.4] 4. Within sixty (60) days of the effective date of this Order, the Board shall establish, implement, and thereafter ensure adherence to an annual audit schedule approved by the Board.

(a) The Board (or Audit Committee) shall approve for any planned changes to or deviations from the approved audit schedule, scope, or content.

[.5] 5. Within fifteen (15) days of the effective date of this Order, the Board shall require Merchants to adhere to its Loan Policy in all respects, including periodic paydown requirements, cooling off periods, charge-off requirements, and documentation requirements with respect to situations where individuals other than the named borrower executes loan documents, including applications, notes, and renewals.

[.6] 6. Within ninety (90) days from the
{{05-31-05 p.12378.1}}

effective date of this Order, the Board shall review and revise, as appropriate, the Insured Institution's Loan Policy to incorporate the recommendations beginning on page 8 of the Report of Examination (Risk Management) and pages 9-10 of the Report of Examination (Compliance).

[.7] 7. The Insured Institution's Board shall appoint a committee (the "Compliance Committee") composed of at least three directors who are not now and have never been involved in the daily operations of the Insured Institution, and whose composition is acceptable to the Regional Director, to monitor the Insured Institution's compliance with this ORDER.

[.8] 8. Within sixty (60) days from the effective date of this ORDER, and at bi-monthly intervals thereafter, such Compliance Committee shall prepare and present to the Insured Institution's Executive Committee a written report of its findings, detailing the form, content, and manner of any action taken to ensure compliance with this ORDER and the results thereof, and any recommendations with respect to such compliance. Such progress reports shall be included in the minutes of the meeting of the Insured Institution's Board. Nothing contained herein shall diminish the responsibility of the entire Board to ensure compliance with the provisions of this ORDER.

[.9] 9. On the fifteenth day of the second month following the effective date of this ORDER, and on the fifteenth day of every third month thereafter, the Insured Institution shall furnish written progress reports to the Regional Director detailing the form and manner of any actions taken to secure compliance with this ORDER and the results thereof. Such reports may be discontinued when the Regional Director has released the Insured Institution in writing from making further reports.

[.10] 10. Within sixty (60) days from the effective date of this ORDER, the Insured Institution shall send to its shareholders or otherwise furnish a description of this ORDER. The description shall fully describe the ORDER in all material respects. The description and any accompanying communication, statement, or notice shall be sent to the FDIC, Division of Supervision, Registration, Disclosure & Securities Unit, 550 17th Street, N.W., Room F-6043, Washington, D.C., 20429 for review at least 20 days prior to dissemination to shareholders. Any changes requested to be made by the FDIC shall be made prior to dissemination of the description, communication, notice or statement.

The provisions of this ORDER shall be binding upon the Insured Institution, its directors, officers, employees, agents, successors, assigns, and other institution-affiliated parties of the Insured Institution.

This ORDER shall become effective upon issuance.

The provisions of this ORDER shall remain effective and enforceable except to the extent that, and until such time as, any provisions of this ORDER shall have been modified,terminated, suspended, or set aside by the FDIC.

Pursuant to delegated authority.

Dated: March 11, 2005.