CenterState Bank : Risk Committee Charter

Meetings

The Committee shall meet at least four times annually, and at such additional times as the Committee may deem advisable. The Chair or at least two other members of the Committee have the authority to call meetings of the committee. Members may attend meetings in person or by means of teleconference. The Chair shall be responsible for setting meeting dates and times, setting the agenda, maintaining order (presiding at the meetings) and reporting to the Company's and Bank's full Board of Directors. In addition, the Chief Risk Officer shall have the authority to call a meeting of the Committee. The Committee may invite members of management, outside consultants, or others to attend meetings and provide pertinent information, as necessary. The Secretary, who shall be appointed by the Committee Chair, shall be responsible for taking the minutes, maintaining an ongoing minute book and distributing copies of the minutes to the Committee and the full Board of Directors of the Company and the Bank.

A majority of the number of Committee members shall constitute a quorum for the transaction of business at any meeting of the Committee. If a quorum is present, the affirmative vote of a majority of Committee members present shall constitute the act of the Committee. The Committee may take any action without a meeting if all members of the Committee execute one or more written consents setting forth the action.

The agenda for each Committee meeting shall allow time during which the Risk Committee members can meet separately with the Chief Risk Officer and/or management or other persons in executive session and discuss any matters the members believe should be discussed. The term executive session refers to the practice of meeting without members of management in attendance. The purpose of these sessions is to promote open and active dialogue with those in whom the Committee places trust and confidence to enable the Committee to better preform it oversight role. To ensure the format of these sessions is open and confidential, it is the Committee's policy not to record formal minutes of the executive sessions.

It is the Committee's responsibility to follow up on any matter that arises from an executive session that the Committee deems prudent. The Committee chairman shall take that follow-up role, and shall delegate it to another Committee member if appropriate. The Committee will decide what is considered appropriate follow-up and when and if the matter has been fully resolved or whether additional action is appropriate.

Duties and Responsibilities

To fulfill its responsibilities and duties the Committee shall satisfy itself that sound policies, procedures and practices are implemented for the management of key risks under the Company's and Bank's enterprise risk framework, which includes capital, corporate governance, earnings, liquidity, credit, interest rate, market, operational, compliance and legal, strategic and reputational risk. The Committee also shall oversee the risks associated with the Correspondent and Mortgage Divisions, and any other divisions or lines of business in which the Company or Bank may be engaged. More specifically, the Committee shall:

2

1. Assist in maintaining a risk and governance culture that promotes the open discussion and proactive management of risk.
2. Approve the Company's risk management framework and periodically review and evaluate the adequacy and effectiveness of such framework in light of the Company's strategic objectives, goals and plans.
3. Review and recommend approval to the Board at least annually the Bank's risk appetite statement and related risk tolerances and other metrics and identify and monitor key Bank risks as defined in the Bank's Enterprise Risk Management Policy.
4. Review and discuss the Management Risk Committee's assessment of the Bank's aggregate enterprise- wide profile and the alignment of the Company's risk profile with the Bank's approved risk appetite, strategic plan, goals, and objectives by reviewing the Bank's risk profile against risk appetite metrics and satisfying the Committee that policies are in place to manage the risks to which the Bank is exposed within its risk tolerances for each defined risk category within the Enterprise Risk Management Policy.
5. Review, discuss, and inventory the Bank's major risk exposures across the enterprise, and review the steps the Bank has taken to identify, assess, monitor, and control such exposures so that such exposures remain within the risk tolerances in the Risk Appetite Statement.
6. Receive presentations and other information to understand the significant and emerging risks to which the Bank is exposed. This includes reviewing on an annual basis management's report on credit stress- testing results and identifying material risks and emerging risk issues and trends.
7. Providing Board level oversight of Information Security reporting, Vendor Management, Disaster Recovery Policies and Third Party Relationships, by among other things, reviewing the minutes and periodic presentations from various management level risk committees, including but not limited to, Management Risk, Compliance, CRA and Fair Lending, IT/Cyber Steering, and Disaster Recovery and Business Continuity.
8. As part of the Enterprise Risk Management process, review quarterly loss indicators across the enterprise, including Operational, Overdraft and Fraud losses.
9. Review loan review reports both internal and external.
10. Subject to Director's Loan Committee's role with regard to oversight of the company's credit risk, including compliance with credit policies, concentration and other limits and review of credit trends, and as part of Risk Committee's oversight of Enterprise Risk Management, loan review and credit stress testing function, review key risk indicators surrounding the nature, characteristics, concentration and quality of the Bank's credit portfolio, as well as all significant exposures to credit risk and review of exceptions to risk principles, if any, and trends in portfolio quality (credit and position risk).
11. Subject to the Asset Liability Committee's role with regard to oversight of market risk, liquidity risk, interest rate risk, economic trends and other risk information, review key risk indicators with respect to such risks as part of the Enterprise Risk Management process.
12. Review and oversee matters of non-financial compliance, including, without limitation: the Company's overall compliance programs, policies and procedures; significant legal and regulatory compliance exposure; and material reports or inquiries from regulators or government agencies.

3

1. Subject to the Culture Committee's oversight of the overall training and development functions in the bank, review and oversee appropriate training of officers and employees in the compliance with law and regulation in order to support lawful and ethical business conduct by the Company's officers and employees.
2. Subject to Audit Committee's role with regard to financial noncompliance or potential noncompliance, provide oversight of investigations of (a) any significant instances of noncompliance with the Bank's compliance programs, policies, procedures and applicable laws and regulations, or (b) potential compliance or legal violations reported to the Committee.
3. Subject to Audit Committee's role with regard to financial matters, oversee the review of the Complaint Management Program maintained by the Compliance area.
4. As necessary or advisable, or as may be required to carry out statutory, regulatory, or other responsibilities, coordinate and share information with, or receive information from, other Board committees and executive management.
5. Establish and review a calendar of events to ensure all Committee requirements are performed within the allotted timeframes.
6. Carry out additional duties that may be delegated to it by the Board from time to time.

Responsibilities listed in this Charter should serve as a guide with the understanding that the Committee may perform additional functions and adopt additional policies and procedures as may be appropriate in light of changing business, legislative, regulatory, legal, or other conditions.

Resources; Access to Records and Advisors

The Committee shall have the authority to committee and use corporate funds to fulfill its responsibilities, including but not omitted to training, hiring and compensating external advisors and paying of ordinary administrative expenses. The Committee shall full access to any relevant records of the Company and have the power and authority to obtain, at its discretion, advice and assistance from internal or external financial, legal, accounting, or other advisers.

4

Annual Review of Charter & Committee Performance

The Committee shall annually review and assess the adequacy of its Charter and recommend changes to the Board. The Board may amend this charter from time to time by action at any meeting, or by unanimous written consent.

The Committee shall conduct an annual performance evaluation of the Committee, which shall, among other things, compare the performance of the Committee with the requirements of this Charter. The performance evaluation shall be conducted in such manner as the Committee deems appropriate and the Committee shall report the evaluation results to the Board

Approved June 2015; updated December 2016; updated April 2017; updated April 2018; updated April 2019; updated April 2020.

5