What changed in Truist Financial's 2025 10-K compared to 2024?

Across the narrative sections we track, Truist Financial (TFC) added 881 paragraphs, removed 867, and edited 657 between the 2024 and 2025 10-K filings. The biggest movers are Item 7. Management's Discussion & Analysis (+294/−325), Item 1A. Risk Factors (+337/−281), Item 1. Business (+196/−208).

Did Truist Financial add new Risk Factors in the 2025 10-K?

Yes — Item 1A Risk Factors shows 337 new/edited paragraphs and 281 removed paragraphs versus the 2024 10-K.

What changed in Truist Financial's MD&A (Item 7) in 2025?

Item 7 Management's Discussion & Analysis shows 294 new/edited paragraphs and 325 removed paragraphs year-over-year. Read the side-by-side diff to see exactly which revenue, margin, and outlook commentary was rewritten.

Did Truist Financial update its Cybersecurity disclosure (Item 1C) in 2025?

Item 1C Cybersecurity has 34 paragraph-level changes between the 2024 and 2025 filings.

Where does this TFC 10-K diff come from?

The source filings are Truist Financial's official 2024 and 2025 Form 10-K annual reports from SEC EDGAR. 10q10k.net parses each filing, aligns paragraphs by section (Item 1, 1A, 1C, 2, 3, 7, 7A), and highlights every added, removed and edited sentence side-by-side.

What changed in Truist Financial's 10-K — 2024 vs 2025

Paragraph-level year-over-year comparison of Truist Financial's 2024 and 2025 10-K annual filings, covering the Business, Risk Factors, Legal Proceedings, Cybersecurity, MD&A and Market Risk sections. Every new, removed and edited paragraph is highlighted side-by-side so you can see exactly what management changed in the 2025 report.

+881 added−867 removedSource: 10-K (2026-02-24) vs 10-K (2025-02-25)

Top changes in Truist Financial's 2025 10-K

881 paragraphs added · 867 removed · 657 edited across 6 sections

Item 7. Management's Discussion & Analysis+294 / −325 · 227 edited
Item 1A. Risk Factors+337 / −281 · 246 edited
Item 1. Business+196 / −208 · 143 edited
Item 1C. Cybersecurity+34 / −32 · 25 edited
Item 5. Market for Registrant's Common Equity+18 / −19 · 14 edited

Item 1. Business

Business — how the company describes what it does

143 edited+53 added−65 removed25 unchanged

2024 filing

2025 filing

Biggest changeOur 2025 strategic objectives are to: • Leverage our capital position by growing and capturing additional share within our high growth markets and existing client base in key focus areas in WB and CSBB and in areas, markets, and client solutions where we have invested significantly and have momentum. • In WB, deepen and grow existing client relationships in areas like Payments and Wealth, enhance the client digital experience, continue our momentum in Investment Banking and Trading, and capture more share of the commercial middle market. • In CSBB, grow core deposits, deepen existing relationships with Premier clients, enhance the client digital experience, and drive additional fee and loan growth through our differentiated consumer lending solutions. • Continue to invest in important areas like new and existing talent, technology, risk, and cybersecurity, while maintaining our expense discipline with a goal of driving positive operating leverage. • Maintain our credit and risk discipline. • Return capital to shareholders through our common stock dividend and share repurchase authorization.

Biggest changeOur values are: • Trustworthy – we serve with integrity • Caring – everyone and every moment matters • One Team – together we can accomplish anything • Success – when our clients win, we all win • Happiness – positive energy changes lives Truist Financial Corporation 5 Strategy In 2025, our work centered around five core strategic priorities: • Execute strategic growth and profitability initiatives in both WB and CSBB including: ◦ In WB, capture more of the commercial middle market with an industry banking strategy, continue momentum in Investment Banking and Capital Markets, generate additional fee income from existing clients in Wealth, and deepen and grow existing client relationships in Wholesale Payments. ◦ In CSBB, grow deposits with a focus on Premier clients, increase client acquisition, deepen client relationships, and drive digital acquisition and client engagement. • Drive positive operating leverage through revenue growth and expense discipline. • Invest in talent, technology, and our risk infrastructure. • Maintain our credit and risk discipline. • Return capital to shareholders through our common stock dividend and share repurchases.

The SCB is equal to the greater of (i) the difference between Truist’s starting and minimum projected CET1 capital ratios under the severely adverse scenario in the supervisory stress test, plus the sum of the dollar amount of its planned common stock dividends for each of the fourth through seventh quarters of the planning horizon as a percentage of risk-weighted assets, or (ii) 2.5%.

A joint regulation from the FRB, OCC, and FDIC requires a banking organization to notify its primary federal regulators as soon as possible and within 36 hours after identifying a “computer-security incident” that the banking organization believes in good faith has materially disrupted or degraded, or is reasonably likely to materially disrupt or degrade its business or operations in a manner that would, among other things, jeopardize the viability of its operations, result in customers being unable to access their deposit and other accounts, result in a material loss of revenue, profit or stock price, or pose a threat to the financial stability of the U.S.

A joint regulation from the FRB, the OCC, and the FDIC requires a banking organization to notify its primary federal regulators as soon as possible and within 36 hours after identifying a “computer-security incident” that the banking organization believes in good faith has materially disrupted or degraded, or is reasonably likely to materially disrupt or degrade, its business or operations in a manner that would, among other things, jeopardize the viability of its operations, result in customers being unable to access their deposit and other accounts, result in a material loss of revenue, profit or stock price, or pose a threat to the financial stability of the U.S.

The Dodd-Frank Act requires that certain swap dealers and security-based swap dealers register with one or both of the SEC and CFTC, depending on the nature of the swaps business.

The Dodd-Frank Act requires that certain swap dealers and security-based swap dealers register with one or both of the SEC and the CFTC, depending on the nature of the swaps business.

These practices include: • Performance management - goal planning, feedback, check-ins, and performance evaluation. • Succession planning - tools that identify potential interim, near- and longer-term internal successors designed to allow for optionality and business continuity. • Talent assessment - manager evaluation of the forward-looking potential of eligible teammates through the lens of their ability, agility, and aspiration as well as consideration of retention risk. • Progression planning - helps teammates and managers chart a path for teammates to learn, grow, and have meaningful careers. • Enterprise strategic workforce planning and skill assessments – a practice enabling the business to plan for the appropriate workforce capability and capacity in target job profiles.

These practices include: • Performance management - goal planning, feedback, check-ins, and performance evaluation. • Succession planning - tools that identify potential interim, near- and longer-term internal successors designed to allow for optionality and business continuity. • Talent assessment - manager evaluation of the forward-looking potential of eligible teammates through the lens of their performance, ability, agility, and aspiration as well as consideration of retention risk. • Progression planning - helps teammates and managers chart a path for teammates to learn, grow, and have meaningful careers. • Enterprise strategic workforce planning and skill assessments – a practice enabling the business to plan for the appropriate workforce capability and capacity in target job profiles.

Website Access to Truist’s Filings with the SEC Truist’s electronic filings with the SEC, including the Annual Report on Form 10-K, Quarterly Reports on Form 10-Q, Current Reports on Form 8-K, and amendments to these reports filed or furnished pursuant to Sections 13(a) or 15(d) of the Exchange Act are made available at no cost on the Company’s Investor Relations website, IR.Truist.com , as soon as reasonably practicable after Truist files such material with, or furnishes it to, the SEC.

Website Access to Truist’s Filings with the SEC Truist’s electronic filings with the SEC, including the Annual Report on Form 10-K, Quarterly Reports on Form 10-Q, Current Reports on Form 8-K, and amendments to these reports filed or furnished pursuant to Sections 13(a) or 15(d) of the Exchange Act are made available at no cost on the Company’s Investor Relations website, https://ir.truist.com, as soon as reasonably practicable after Truist files such material with, or furnishes it to, the SEC.

The rule also requires data providers holding a consumer account, such as Truist Bank, to establish a developer interface satisfying certain data security specifications and other standards, through which the data provider can receive requests for, and provide, specific types of data covered by the rule in electronic, usable form to authorized third parties, including data aggregators.

The rule also requires data providers holding a consumer account, such as Truist Bank, to establish a developer interface satisfying certain data security specifications and other standards, through which the data provider can receive requests for and provide specific types of data covered by the rule in electronic, usable form to authorized third parties such as data aggregators.

Available stable funding represents a weighted measure of a company’s funding sources over a one-year time horizon, calculated by applying standardized weightings to the company’s equity and liabilities based on their expected stability. Required Stable Funding is calculated by applying standardized weightings to assets, derivatives exposures, and certain other items based on their liquidity characteristics.

Available stable funding represents a weighted measure of a company’s funding sources over a one-year time horizon, calculated by applying standardized weightings to the company’s equity and liabilities based on their expected stability. Required Stable Funding is calculated by applying standardized weighting to assets, derivatives exposures, and certain other items based on their liquidity characteristics.

The market share limitations impose conditions that the acquiring BHC, after and as a result of the acquisition, control no more than 10% of the total amount of deposits of IDIs in the U.S. and no more than 30%, subject to variation by state law, of such deposits in applicable states.

The FRB’s market share limitations impose conditions that the acquiring BHC, after and as a result of the acquisition, control no more than 10% of the total amount of deposits of IDIs in the U.S. and no more than 30%, subject to variation by state law, of such deposits in applicable states.

Talent Development Truist teammates have access to extensive programs and benefits for career advancement. Teammates can partner with a certified coach to help them identify and focus on potential career paths, create clear goals, and remain accountable in achieving those goals.

Talent Development Truist teammates have access to programs and benefits for career advancement. Teammates can partner with a certified coach to help them identify and focus on potential career paths, create clear goals, and remain accountable in achieving those goals.

The FRB’s CCAR framework and the Dodd-Frank Act stress testing framework also require BHCs subject to Category III standards, such as Truist, to conduct company-run stress tests and submit to supervisory stress tests conducted by the FRB.

The FRB’s CCAR framework and the Dodd-Frank Act stress testing framework require BHCs subject to Category III standards, such as Truist, to conduct company-run stress tests and submit to supervisory stress tests conducted by the FRB.

In addition, laws in all 50 U.S. states generally require businesses to provide notice under certain circumstances to individuals whose personal information has been disclosed as a result of a data breach. Moreover, the New York Department of Financial Services Cybersecurity Regulation is driving significant cybersecurity compliance activities for Truist.

Truist also is subject to FRB rules that require certain large BHCs to conduct internal liquidity stress tests over a range of time horizons, maintain a buffer of highly liquid assets sufficient to meet projected net outflows under the BHC’s 30-day liquidity stress test, and maintain a contingency funding plan that meets certain requirements.

Truist is also subject to FRB rules that require certain large BHCs to conduct internal liquidity stress tests over a range of time horizons, maintain a buffer of highly liquid assets sufficient to meet projected net outflows under the BHC’s 30-day liquidity stress test, and maintain a contingency funding plan.

Federal law authorizes interstate acquisitions of banks and BHCs without geographic limitation, and a bank headquartered in one state is authorized to merge with a bank headquartered in another state, subject to market share limitations, regulatory approvals, and any state requirement that the target bank shall have been in existence and operating for a minimum period of time.

Federal law authorizes interstate acquisitions of banks and BHCs without geographic limitation, and a bank headquartered in one state is authorized to merge with a bank headquartered in another state, subject to market share limitations, regulatory approvals, and any state requirement that the target bank must have been in existence and operating for a minimum period of time.

Truist’s SEC filings are also available through the SEC’s website at sec.gov . Truist may use its website to distribute Company information, including as a means of disclosing material, non-public information and for complying with its disclosure obligations under Regulation FD.

Truist’s SEC filings are also available through the SEC’s website at https://www.sec.gov. Truist may use its website to distribute Company information, including as a means of disclosing material, non-public information and for complying with its disclosure obligations under Regulation FD.

Data providers are prohibited from charging consumers or third parties fees for processing these consumer data requests. The rule also places certain data security, authorization, and other obligations on third parties accessing covered data from data providers, which could include Truist and Truist Bank when acting in certain capacities.

Data providers are prohibited from charging consumers or third parties fees for processing these consumer data requests. The rule further places certain data security, authorization, and other obligations on third parties accessing covered data from data providers, which could include Truist and Truist Bank when acting in certain capacities.

Truist competes actively with national, regional, and local financial services providers, including banks, thrifts, credit unions, investment advisers, asset managers, securities brokers and dealers, private-equity funds, hedge funds, mortgage-banking companies, finance companies, and financial technology companies.

If the failure to meet these standards persists, a FHC may be required to divest its IDI subsidiaries or cease all activities other than those activities that may be conducted by BHCs that are not FHCs.

If the failure to meet these standards persists, an FHC may be required to divest its IDI subsidiaries or cease all activities other than those activities that may be conducted by BHCs that are not FHCs.

These factors include the competitive effects of the proposal in the relevant geographic markets; the financial and managerial resources and future prospects of the companies and banks involved in the transaction; the effect of the transaction on the financial stability of the U.S.; the organizations’ compliance with anti-money laundering laws and regulations; the convenience and needs of the communities to be served; and the records of performance under the CRA of the IDIs involved in the transaction.

These factors include the competitive effects of the transaction in the relevant geographic markets; the financial and managerial resources and future prospects of the companies and banks involved in the transaction; the effect of the transaction on the financial stability of the U.S.; the organizations’ compliance with anti-money laundering statutes and regulations; the convenience and needs of the communities to be served; and the records of performance under the CRA of the IDIs involved in the transaction.

Capital Planning and Stress Testing Requirements In addition to the regulatory capital requirements, under the FRB’s CCAR process and related capital plan rule, Truist must submit an annual capital plan to the FRB that reflects its projected financial performance under hypothetical macro-economic scenarios, including stress scenarios designed by Truist and a supervisory severely adverse scenario provided by the FRB.

Capital Planning and Stress Testing Requirements Under the FRB’s CCAR process and related capital plan rule, Truist must submit an annual capital plan to the FRB that reflects its projected financial performance under hypothetical macro-economic scenarios, including stress scenarios designed by Truist and a supervisory severely adverse scenario provided by the FRB.

In addition, once implementing regulations are finalized, the Cyber Incident Reporting for Critical Infrastructure Act (“CIRCIA”) will require, among other things, covered entities to report significant cyber incidents, including ransomware attacks, to the Cybersecurity and Infrastructure Security Agency (“CISA”) within 72 hours from the time the covered entity reasonably believes the incident occurred (and within 24 hours of making a ransom payment as a result of a ransomware attack).

Truist Financial Corporation 13 In addition, once implementing regulations are finalized, the Cyber Incident Reporting for Critical Infrastructure Act (“CIRCIA”) will require, among other things, covered entities to report significant cyber incidents, including ransomware attacks, to the Cybersecurity and Infrastructure Security Agency (“CISA”) within 72 hours from the time the covered entity reasonably believes the incident occurred (and within 24 hours of making a ransom payment as a result of a ransomware attack).

Truist Bank’s uncleared swaps and security-based swaps are subject to variation margin and initial margin requirements. Truist Financial Corporation 15 Broker-Dealer and Investment Adviser Regulation Truist’s broker-dealer and investment adviser subsidiaries are subject to regulation by the SEC. FINRA is the primary self-regulatory organization for Truist’s registered broker-dealer subsidiaries.

Truist Bank’s uncleared swaps and security-based swaps are subject to variation margin and initial margin requirements. Broker-Dealer and Investment Adviser Regulation Truist’s broker-dealer and investment adviser subsidiaries are subject to regulation by the SEC. FINRA is the primary self-regulatory organization for Truist’s registered broker-dealer subsidiaries.

The NCCOB also has the authority to take possession of a North Carolina state bank in certain circumstances, including when it appears that such bank has violated its charter or any applicable laws, is conducting its business in an unauthorized or unsafe manner, is in an unsafe or unsound condition to transact its business or has an impairment of its capital stock.

The NCCOB also has the authority to take possession of a North Carolina state bank in certain circumstances, including when it appears that the bank has violated its charter or applicable law, is conducting its business in an unauthorized or unsafe manner, is in an unsafe or unsound condition to transact its business, or has an impairment of its capital stock.

Certain large banking organizations with trading assets and liabilities above certain thresholds, including Truist, are subject to the Market Risk Rule and must adjust their risk-based capital ratios to reflect the market risk of their trading activities. Refer to the “Market Risk” section of the MD&A for additional disclosures related to market risk management.

Certain large banking organizations with significant trading assets and liabilities, including Truist, are subject to the Market Risk Rule and must adjust their risk-based capital ratios to reflect the market risk of their trading activities. Refer to the “Market Risk” section in MD&A for additional disclosures related to market risk management.

The NSFR rule defines a minimum amount of stable, long-term funding that banking organizations must maintain in relation to their asset composition and off-balance sheet activities. The NSFR, calculated as the ratio of available stable funding to required stable funding, must exceed 1.0x.

(2) Source: FDIC.gov data as of June 30, 2024. (3) As of December 31, 2024. 4 Truist Financial Corporation Competition The financial services industry is intensely competitive and constantly evolving.

(2) Source: www.FDIC.gov data as of June 30, 2025. (3) As of December 31, 2025. 4 Truist Financial Corporation Competition The financial services industry is intensely competitive and constantly evolving.

In 2024, the FDIC adopted a final rule that significantly modified the required frequency and informational content of IDI Resolution Plans. As a result of the rule, Truist Bank must submit a full IDI Resolution Plan to the FDIC every three years and an interim supplement in the years in which a full IDI Resolution Plan is not due.

Truist Bank is registered with the CFTC as a swap dealer and is conditionally registered with the SEC as a security-based swap dealer, subjecting Truist Bank to requirements under the CFTC’s and SEC’s regulatory regimes.

Truist Bank is registered with the CFTC as a swap dealer and is registered with the SEC as a security-based swap dealer, subjecting Truist Bank to the CFTC’s and SEC’s regulatory regimes.

Headquartered in Charlotte, North Carolina, Truist has leading market share in many of the high-growth markets in the U.S. and offers a wide range of products and services through wholesale and consumer businesses, including consumer and small business banking, commercial and corporate banking, investment banking and capital markets, wealth management, payments, and specialized lending businesses.

Headquartered in Charlotte, North Carolina, Truist has leading market share in many of the high-growth markets in the U.S. and offers a wide range of products and services through its WB and CSBB operating segments, including consumer and small business banking, commercial and corporate banking, investment banking and capital markets, wealth management, payments, and specialized lending businesses.

The rule also requires such third parties to limit their collection, use, and retention of the data received from the applicable data provider to only what is reasonably necessary to provide the applicable consumer’s requested product or service, including uses that are reasonably necessary to improve the product or service.

In addition, the rule requires these third parties to limit their collection, use, and retention of the data received from the applicable data provider to only what is reasonably necessary to provide the applicable consumer’s requested product or service, including uses that are reasonably necessary to improve the product or service.

This proposal would also impose a long-term debt requirement on certain categories of insured depository institutions, including insured depository institutions with $100 billion or more in total assets, such as Truist Bank.

This proposal would also impose a long-term debt requirement on certain categories of IDIs, including IDIs with $100 billion or more in total assets, such as Truist Bank.

The FRB also conducts CCAR and Dodd-Frank Act supervisory stress tests employing internal supervisory models on the supervisory stress scenarios. As a Category III banking organization, Truist is subject to supervisory stress testing on an annual basis and company-run stress testing on a biennial basis.

The FRB conducts CCAR and Dodd-Frank Act supervisory stress tests employing internal supervisory models and supervisory stress scenarios. As a Category III banking organization, Truist is subject to annual supervisory stress testing and biennial company-run stress testing requirements.

FRB rules also prohibit a FHC from combining with another company if the resulting company’s liabilities would exceed 10% of the aggregate consolidated liabilities of all financial companies.

FRB rules also prohibit an FHC from combining with another company if the resulting company’s liabilities would exceed 10% of the aggregate consolidated liabilities of all U.S. financial companies.

Corporate Governance Information with respect to Truist’s Board of Directors, Executive Officers, and corporate governance policies and principles is presented on Truist’s Investor Relations website, IR.Truist.com .

Corporate Governance Information with respect to the Board, Executive Officers, and corporate governance policies and principles is presented on Truist’s Investor Relations website, https://ir.truist.com.

Federal regulations require a FHC to act as a source of financial and managerial strength for its subsidiary banks. In times of severe financial stress, the obligation to serve as a source of strength could cause Truist to commit significant resources to supporting Truist Bank that otherwise would be available to Truist’s creditors and shareholders.

Federal law requires an FHC to act as a source of financial and managerial strength for its subsidiary IDIs. In times of severe financial stress, the obligation to serve as a source of strength could cause Truist to commit significant resources to supporting Truist Bank that otherwise would be available to Truist’s creditors and shareholders.

The CFPB examines Truist and Truist Bank for compliance with a broad range of federal consumer financial laws and regulations, including the laws and regulations that relate to deposit products, credit card, mortgage, automobile, student, and other consumer loans, and other consumer financial products and services offered.

The CFPB examines Truist and Truist Bank for compliance with a broad range of federal consumer financial statutes and regulations, including those that relate to credit card, mortgage, automobile, student, and other consumer loans as well as deposit products and other consumer financial products and services.

These risk-weighted assets are used to calculate the following minimum capital ratios for Truist and Truist Bank: • CET1 Risk-Based Capital Ratio, equal to the ratio of CET1 capital to risk-weighted assets.

These risk-weighted assets are the denominator in the following minimum capital ratios for Truist and Truist Bank: • CET1 Risk-Based Capital Ratio, equal to the ratio of CET1 capital to risk-weighted assets.

Truist is required to submit its next capital plan and the results of its own stress tests to the FRB by April 5, 2025. The FRB is required to announce the results of its supervisory stress tests by June 30, 2025.

Truist is required to submit its next capital plan and the results of its internal stress tests to the FRB by April 5, 2026. The FRB is expected to announce the results of its supervisory stress tests by June 30, 2026.

The FRB has indicated generally that it may be an unsafe or unsound practice for BHCs to pay dividends unless a BHC’s net income is sufficient to fund the dividends and the expected rate of earnings retention is consistent with the organization’s capital needs, asset quality, and overall financial condition.

The FRB has indicated generally that paying dividends may be an unsafe and unsound practice unless net income is sufficient to fund the dividends and the expected rate of earnings retention is consistent with the BHC’s capital needs, asset quality, and overall financial condition.

In addition, various U.S. regulators, including the FRB and the SEC, have increased their focus on cybersecurity through guidance, examinations, and regulations. Truist Financial Corporation 13 At the federal level, the Gramm-Leach-Bliley Act requires financial institutions to, among other things, implement policies and procedures regarding the disclosure of nonpublic personal information about consumers to non-affiliated third parties.

In addition, a number of government entities, including the FRB and the SEC, have increased their focus on cybersecurity through guidance, examinations, and regulations. At the federal level, the Gramm-Leach-Bliley Act requires financial institutions to, among other things, implement policies and procedures regarding the disclosure of nonpublic personal information about consumers to non-affiliated third parties.

Truist Financial Corporation 7 Under the Tailoring Rules, Truist is subject to the standards applicable to Category III banking organizations, which generally include BHCs with greater than $250 billion, but less than $700 billion, in total consolidated assets and less than $75 billion in certain risk-related exposures.

Under tailoring rules adopted by the U.S. banking agencies, Truist is subject to the standards and requirements applicable to Category III banking organizations, which generally include BHCs with greater than $250 billion, but less than $700 billion, in total consolidated assets and less than $75 billion in certain risk-related exposures.

Consumer Protection Laws and Regulations In connection with its lending and leasing activities, Truist Bank is subject to federal and state laws designed to protect borrowers and promote lending to various sectors of the economy and population.

Consumer Protection Laws In connection with its lending, leasing and deposit-taking activities, Truist Bank is subject to federal and state laws designed to protect consumers and borrowers and to promote financial services for various sectors of the economy and population.

These requirements are based on the capital framework developed by the BCBS for strengthening the regulation, supervision, and risk management of banks under Basel III rules, as well as certain provisions of the Dodd-Frank Act.

The U.S. risk-based regulatory capital rules are based on the Basel Framework developed by the BCBS for strengthening the regulation, supervision, and risk management of banks as well as certain provisions of the Dodd-Frank Act.

Truist is subject to more stringent liquidity and capital requirements, leverage limits, stress testing, single-counterparty credit limits, resolution planning, and enhanced risk management standards than those applicable to smaller institutions, while certain larger banking organizations are subject to even more enhanced prudential standards than Truist.

Truist Financial Corporation 7 Truist is therefore subject to more stringent liquidity and capital requirements, leverage limits, internal and supervisory stress testing requirements, single-counterparty credit limits, resolution planning requirements, and enhanced risk management standards compared to smaller institutions, while certain larger banking organizations are subject to even more stringent prudential standards and requirements than Truist.

The special assessment will be paid in ten quarterly installments, which began in the second quarter of 2024.

The special assessment will be paid by IDIs in eight quarterly installments, which began in the second quarter of 2024.

The company-run stress tests employ stress scenarios provided by the FRB and incorporate the Dodd-Frank Act capital actions, which are intended to normalize capital distribution assumptions across large U.S. BHCs. In addition, Truist is required to conduct annual stress tests using internally-developed scenarios intended to stress the unique risk profile of the institution.

Company-run stress tests employ stress scenarios provided by the FRB and incorporate Dodd-Frank Act capital actions intended to normalize capital distribution assumptions across large U.S. BHCs. Truist is required to conduct additional stress tests using internally-developed scenarios tailored to its unique risk profile.

These laws and regulations, as well as proposed legislation and regulation, are subject to revision or formal guidance and may be interpreted or applied in a manner inconsistent with the Company’s understanding, which may result in further uncertainty and require Truist to incur additional costs to comply.

These statutes and regulations, as well as proposed legislation and regulation regarding privacy, data protection, and cybersecurity, are subject to revision or formal guidance and may be interpreted or applied in a manner inconsistent with the Company’s understanding, which may result in further uncertainty and require Truist to incur additional costs to comply. Refer to “Item 1A.

Truist Financial Corporation 9 Long-Term Debt and Clean Holding Company Requirements In 2023, the U.S. banking regulators proposed a rule that would require banking organizations with $100 billion or more in total assets to comply with long-term debt requirements and clean holding company requirements that currently apply only to GSIBs.

Long-Term Debt and Clean Holding Company Requirements U.S. banking agencies issued a proposed rule that would require banking organizations with $100 billion or more in total assets to comply with long-term debt requirements and clean holding company requirements that currently apply only to GSIBs.

Capital Requirements Truist and Truist Bank are subject to certain risk-based and leverage capital ratio requirements. These are established by the FRB, for Truist, and by the FDIC, for Truist Bank.

Capital Requirements Truist and Truist Bank are subject to risk-based and leverage regulatory capital requirements, which are established by the FRB for Truist and by the FDIC for Truist Bank.

After a bank has established branches in a state through an interstate merger transaction, the bank may establish and acquire additional branches at any location in the state where a bank headquartered in that state could have established or acquired branches under applicable federal or state law. These regulatory considerations are applicable to privately negotiated acquisition transactions.

There also are a number of obligations and restrictions imposed on BHCs and their IDI subsidiaries by federal law and regulatory policy that are designed to reduce potential loss exposure to depositors and the DIF in the event the IDI is insolvent or is in danger of becoming insolvent.

Truist Financial Corporation 11 Federal law and regulatory policy impose a number of obligations and restrictions on BHCs and their IDI subsidiaries that are designed to reduce potential loss exposure to depositors and the DIF in the event that the BHC or the IDI becomes or is in danger of becoming insolvent.

In addition, FDIC-supervised institutions must monitor overdraft payment programs for “excessive or chronic” client use and undertake “meaningful and effective” follow-up action with clients that overdraw their accounts more than six times during a rolling 12-month period.

Financial institutions must provide consumers with a notice that explains the financial institution’s overdraft services, including associated fees and the consumer’s choices. In addition, FDIC-supervised institutions must monitor overdraft payment programs for “excessive or chronic” client use and undertake “meaningful and effective” follow-up action with clients that overdraw their accounts more than six times during a rolling 12-month period.

Such requests are considered incidental to the normal conduct of business. Human Capital Truist works as One Team—unified by its purpose, mission, and values—to meet clients’ needs, uplift communities, empower teammates, and promote effective risk management and controls to drive performance.

Human Capital Truist works as One Team—unified by its purpose, mission, and values—to meet clients’ needs, uplift communities, empower teammates, and promote effective risk management and controls to drive performance.

In certain instances relating to an undercapitalized banking institution, the BHC, in its capacity as a source of strength would be required to guarantee the performance of the undercapitalized subsidiary’s capital restoration plan and could be liable for civil money damages for failure to fulfill those guarantee commitments.

In certain instances, a BHC acting as a source of strength would be required to guarantee the performance of the undercapitalized subsidiary’s capital restoration plan and could be liable for civil money damages for failing to fulfill those guarantees.

Further, the final rule introduces a new credibility standard for evaluating the adequacy of IDI Resolution Plan submissions, including increased engagement and capabilities testing. The application of this new credibility standard may require the exercise of a meaningful degree of judgment by the FDIC.

The final rule introduced a new credibility standard for evaluating the adequacy of IDI Resolution Plan submissions, set expectations for capabilities testing, and contemplated increased engagement between IDIs and examiners. The application of the new credibility standard may require the exercise of a meaningful degree of judgment by the FDIC.

If the full countercyclical buffer amount is implemented, Truist would be required to maintain a CET1 capital ratio of at least 9.8%, a Tier 1 capital ratio of at least 11.3%, and a Total capital ratio of at least 13.3% to avoid limitations on capital distributions and certain discretionary incentive compensation payments.

Based on Truist’s current SCB, if the maximum CCyB amount is implemented, Truist would be required to maintain a CET1 capital ratio of at least 9.5%, a Tier 1 capital ratio of at least 11.0%, and a total capital ratio of at least 13.0% to avoid limitations on capital distributions and certain discretionary incentive compensation payments.

In addition, if adopted as proposed, the clean holding company requirement would limit or prohibit Truist from entering into certain transactions that could impede its orderly resolution, including, for example, prohibiting Truist from entering into transactions that could spread losses to subsidiaries and third parties, as well as limiting the amount of Truist’s liabilities that are not eligible long-term debt.

The clean holding company requirements would limit or prohibit banking organizations such as Truist from entering into certain transactions that could impede its orderly resolution, including transactions that could spread losses to subsidiaries and third parties or could limit the amount of Truist’s liabilities that are not eligible long-term debt.

Through its risk monitoring and oversight routines, the Enterprise Ethics Office identifies trends and insights related to organizational culture and control environment, which are reported to the Executive-level Enterprise Risk Committee and the Board.

The Enterprise Ethics Office also facilitates the Board’s review and approval of the Code of Ethics. Through its risk monitoring and oversight routines, the Enterprise Ethics Office identifies trends and insights related to Truist’s organizational culture and control environment, which are reported to the Executive-level ERC and the Board.

Furthermore, if an IDI subsidiary of a FHC has not maintained a satisfactory CRA rating, the FHC would not be able to commence any new financial activities or acquire a company that engages in such activities, although the FHC would still be allowed to engage in activities closely related to banking and make investments in the ordinary course of conducting banking activities.

Furthermore, if an IDI subsidiary of an FHC has not maintained a satisfactory CRA rating, the FHC would not be able to commence any new financial activities or acquire a company that engages in such activities, although the FHC would still be allowed to engage in activities that may be conducted by BHCs that are not FHCs.

Liquidity Requirements Certain BHCs and their bank subsidiaries, including Truist and Truist Bank, are subject to a minimum LCR and NSFR. The LCR rule requires that banking organizations maintain an amount of eligible HQLA that is sufficient within the parameters of the rule to meet estimated total net cash outflows over a prospective 30 calendar-day period of stress.

The LCR rule requires that banking organizations maintain an amount of eligible HQLA that is sufficient within the parameters of the rule to meet estimated total net cash outflows over a prospective 30 calendar-day period of stress.

Like other lenders, Truist Bank uses credit bureau data in its underwriting activities. The Fair Credit Reporting Act regulates reporting information to credit bureaus, prescreening individuals for credit offers, sharing of information between affiliates, and using affiliate data for marketing purposes. Similar state laws may impose additional requirements on Truist Bank.

The Fair Credit Reporting Act regulates use of such data, as well as reporting information to credit bureaus, prescreening individuals for credit offers, sharing of information between affiliates, and using affiliate data for marketing purposes. Similar state laws impose additional requirements on Truist Bank.

Institutions are assigned one of four ratings: “Outstanding,” “Satisfactory,” “Needs to Improve,” or “Substantial Noncompliance.” This assessment is considered for any bank that applies to merge or consolidate with or acquire the assets or assume the liabilities of an IDI, or to open or relocate a branch office.

Banks are assigned one of four ratings: “Outstanding,” “Satisfactory,” “Needs to Improve,” or “Substantial Noncompliance.” A bank’s assessment is considered in connection with its application to merge or consolidate with or acquire the assets or assume the liabilities of another bank or to open or relocate a branch office.

Financial institutions must also impose daily limits on overdraft charges, review and modify check-clearing procedures, prominently distinguish account balances from available overdraft coverage amounts, and provide for board and management oversight regarding overdraft payment programs. In response to direct client feedback, Truist offers checking accounts that are not subject to overdraft fees.

CET1 capital primarily includes common shareholders’ equity subject to certain regulatory adjustments and deductions, including with respect to goodwill, intangible assets, certain deferred tax assets, and AOCI. • Tier 1 Risk-Based Capital Ratio, equal to the ratio of Tier 1 capital to risk-weighted assets.

CET1 capital primarily includes common shareholders’ equity and retained earnings, subject to certain regulatory adjustments and deductions, including with respect to goodwill, intangible assets, certain deferred tax assets, and AOCI.

Truist is required to describe its planned capital actions in its CCAR capital plan, but is no longer required to seek prior approval if it makes capital distributions in excess of those included in its CCAR capital plan. Instead, Truist is subject to automatic distribution limitations if its capital ratios fall below its buffer requirements, which include the SCB.

Truist is required to describe its planned capital actions in its CCAR capital plan but is not required to seek prior approval for capital distributions in excess of those included in its CCAR capital plan. Instead, Truist is subject to automatic restrictions on capital distributions if its capital ratios fall below applicable minimum requirements, inclusive of the SCB.

Regulatory and Supervisory Considerations We are subject to significant regulatory frameworks that affect the products and services that we may offer and the manner in which we may offer them, the risks that we may take, the ways in which we may operate, and the corporate and financial actions that we may take.

Regulatory and Supervisory Considerations We are subject to an extensive regulatory framework that affects the products and services that we may offer and the manner in which we may offer them, the risks that we may take, the ways in which we may operate, and the corporate and financial actions that we may take, including our ability to make distributions to shareholders.

This regulation includes phased compliance periods as well as attestation of compliance by certain Truist entities. Truist has undertaken significant efforts to comply with these laws and regulations and continues to assess their requirements and applicability to Truist.

This regulation includes phased compliance periods as well as annual attestations of compliance by these Truist entities. Truist has undertaken compliance activities to address these statutes and regulations and continues to assess their requirements and applicability to Truist.

If Truist receives such a notice and fails to submit a timely revised resolution plan or a revised resolution plan that fails to adequately address the deficiencies, the agencies could subject Truist to more stringent capital, leverage, or liquidity requirements, or restrictions on growth, activities, or operations.

If Truist were to receive such a notice and fail to timely submit a revised 165(d) Resolution Plan or adequately address the identified deficiencies, the agencies may subject Truist to formal or informal enforcement actions, including more stringent capital, leverage, or liquidity requirements or restrictions on growth, activities, or operations.

Stengel Senior Executive Vice President, Chief Legal Officer, and Head of Government Affairs Chief Legal Officer and Head of Government Affairs since December 2023. General Counsel at Ally Financial Inc. from May 2016 to December 2023. 1 53 Kristin Lesher Senior Executive Vice President and Chief Wholesale Banking Officer Chief Wholesale Banking Officer since February 2024.

General Counsel at Ally Financial Inc. from May 2016 to December 2023. 2 54 Kristin Lesher Senior Executive Vice President and Chief Wholesale Banking Officer Chief Wholesale Banking Officer since February 2024. Executive Vice President and Head of Commercial Banking Coverage at Wells Fargo from October 2021 to November 2023.

Under the regulatory capital rules, Truist’s and Truist Bank’s assets, exposures, and certain off-balance sheet items are subject to risk weights under the standardized approach used to determine the institutions’ risk-weighted assets.

Under the standardized approach of the regulatory capital rules that Truist and Truist Bank are required to use, risk weights are applied to their assets, exposures, and certain off-balance sheet items to determine their risk-weighted assets.

Although FHCs may engage in certain acquisitions of nonbank companies without prior approval of the FRB, any acquisition of a nonbank company or voting shares of a nonbank company with total consolidated assets of $10 billion or more would require prior approval of the FRB.

If certain conditions are met, FHCs may acquire shares of nonbank companies, with any acquisition of a nonbank company or voting shares of a nonbank company with total consolidated assets of $10 billion or more subject to the prior approval of the FRB.

The potential impacts on Truist and Truist Bank of a final rule remains uncertain. Refer to the “Capital” section in MD&A for disclosures containing the minimum regulatory capital ratios and well-capitalized minimum ratios applicable to Category III banking organizations.

Refer to the “Capital” section in MD&A for additional information on minimum regulatory capital ratios and well-capitalized minimum ratios applicable to Category III banking organizations.

Tier 1 capital is primarily comprised of CET1 capital, perpetual preferred stock, and certain qualifying capital instruments. • Total Risk-Based Capital Ratio, equal to the ratio of total capital, including CET1 capital, Tier 1 capital, and Tier 2 capital, to risk-weighted assets. Tier 2 capital primarily includes qualifying subordinated debt and qualifying ALLL.

Truist must maintain a minimum Tier 1 capital ratio of 6.0%. • Total Risk-Based Capital Ratio, equal to the ratio of total capital, including CET1 capital, Tier 1 capital, and Tier 2 capital, to risk-weighted assets. Tier 2 capital primarily includes qualifying subordinated debt and qualifying ALLL. Tier 2 capital also includes certain trust preferred securities.

The supplementary leverage ratio is calculated by dividing Tier 1 capital by total leverage exposure, which takes into account on-balance sheet assets as well as certain off-balance sheet items, including loan commitments and potential future exposure of derivative contracts. 8 Truist Financial Corporation The FRB has not yet revised the well-capitalized standard for BHCs to reflect capital requirements imposed under the Basel III Rules.

The information on our website is not incorporated by reference into this report. 18 Truist Financial Corporation Executive Officers Executive Officer Recent Work Experience Years of Service Age William H. Rogers, Jr. Chairman and Chief Executive Officer Chairman since March 2022. Chief Executive Officer since September 2021. President and Chief Operating Officer from December 2019 to September 2021.

Truist Financial Corporation 17 Table 3: Information about our Executive Officers Executive Officer Recent Work Experience Years of Service Age William H. Rogers, Jr. Chairman and Chief Executive Officer Chairman since March 2022. Chief Executive Officer since September 2021. President and Chief Operating Officer from December 2019 to September 2021. 45 68 Michael B.

The Company has recently made significant investments to develop its digital platform, including enhancements to its mobile and online applications to meet its clients’ digital expectations. Legislative, regulatory, economic, and technological changes, as well as continued consolidation within the industry, have resulted in increased competition from new and existing market participants, which is expected to continue in the future.

Legislative, regulatory, economic, and technological changes, as well as continued consolidation within the industry, have resulted in increased competition from new and existing market participants, which is expected to continue in the future.

In addition, the Parent Company’s ability to make capital distributions, including paying dividends and repurchasing shares, is subject to the FRB’s automatic restrictions on capital distributions under the FRB’s capital rules. Truist’s risk-based capital and leverage ratio requirements are discussed above in the “Capital Requirements” section.

In addition, a BHC’s ability to make capital distributions, including dividends and share repurchases, is subject to the FRB’s automatic restrictions on capital distributions if the BHC fails to maintain certain regulatory capital ratios. Truist’s risk-based capital and leverage ratio requirements are discussed above in the “Capital Requirements” section.

Previously SunTrust Chairman and Chief Executive Officer from January 2012 to December 2019. 44 67 Michael B. Maguire Senior Executive Vice President and Chief Financial Officer Chief Financial Officer since September 2022. Chief National Consumer Finance Services and Payments Officer from September 2021 to September 2022. Head of National Consumer Finance and Payments from December 2019 to August 2021.

Maguire Senior Executive Vice President and Chief Financial Officer Chief Financial Officer since September 2022. Chief National Consumer Finance Services and Payments Officer from September 2021 to September 2022. Head of National Consumer Finance and Payments from December 2019 to August 2021. 23 47 Brad Bender Senior Executive Vice President and Chief Risk Officer Chief Risk Officer since November 2024.

The federal consumer financial protection laws that are subject to the CFPB’s supervision and enforcement powers include, among others, the Truth in Lending Act, Truth in Savings Act, Home Mortgage Disclosure Act, Fair Credit Reporting Act, Electronic Funds Transfer Act, Real Estate Settlement Procedures Act, Fair Debt Collection Practices Act, and Equal Credit Opportunity Act.

Laws that the CFPB is charged with enforcing include the Truth in Lending Act, Truth in Savings Act, Home Mortgage Disclosure Act, Fair Credit Reporting Act, Electronic Funds Transfer Act, Real Estate Settlement Procedures Act, Fair Debt Collection Practices Act, and Equal Credit Opportunity Act.

These quantitative calculations prescribe minimum capital levels, and the FRB and FDIC may determine that a banking organization, based on its size, complexity, or risk profile, must maintain a higher level of capital to operate in a safe and sound manner.

These rules prescribe minimum capital levels and allow the FRB and the FDIC to impose incremental capital requirements on a banking organization based on its size, complexity, or risk profile to enhance its ability to operate in a safe and sound manner.

… 181 more changes not shown on this page.

Item 1A. Risk Factors

Risk Factors — what could go wrong, per management

246 edited+91 added−35 removed55 unchanged

2024 filing

2025 filing

Biggest changeTechnology Risks • The Company’s operating systems and infrastructure, as well as operational capabilities managed or supplied by third parties on whom we rely, could fail or be interrupted, which could disrupt the Company’s business and adversely impact the Company’s operations, financial condition, prospects, and reputation, and cause significant legal and financial exposure. • Truist is heavily reliant on technology, and a failure to effectively anticipate, develop, and implement new technology could negatively impact our financial results, business, operations, or security. • The Company faces risks associated with the quality, availability, and retention of key data for operational, strategic, regulatory, and compliance purposes. • The Company and its suppliers and service providers face a wide array of cybersecurity risks, which could result in the loss, alteration, or disclosure of confidential, proprietary, personal, and other sensitive information; adversely impact the Company’s operations, financial condition, prospects, and reputation; and cause significant legal and financial exposure.

Biggest changeTechnology and Data Risks • The Company’s applications, operating systems, and infrastructure, as well as operational capabilities managed or supplied by third parties on whom we rely, could fail or be interrupted, which could adversely impact the Company’s business, operations, financial condition, prospects, and reputation and cause significant legal and financial exposure. • Truist is heavily reliant on technology, and a failure to effectively anticipate, develop, and implement new or enhanced technology could negatively impact our financial results, business, operations, security, or ability to compete effectively. • The Company and its clients, suppliers, service providers, and other third parties face a wide array of cybersecurity risks, which could result in the loss, alteration, or disclosure of confidential, proprietary, personal, and other sensitive information; adversely impact the Company’s business, operations, financial condition, results of operations, prospects, and reputation; and cause significant legal and financial exposure. • The Company faces risks associated with the privacy, quality, availability, and retention of key data for operational, strategic, regulatory, and compliance purposes. • Truist faces substantial risks in safeguarding personal and other sensitive information, which may negatively impact the Company’s business, financial condition, results of operations, prospects, or reputation. • The use of AI in our products and services, as well as our business and the industry more broadly, may negatively impact our business, operations, financial condition, results of operations, prospects, and reputation.

Geopolitical conditions, including tensions in foreign relations of the U.S., the outbreak or escalation of hostilities between countries or within a country or region, and acts or threats of terrorism, could have an adverse effect on the global economy, financial markets, and on Truist’s business operations.

There can be no assurance we will be able to maintain our current ratings and outlooks. Truist’s failure to maintain credit ratings could adversely affect funding costs and increase the Company’s cost of capital. A ratings downgrade could affect the Company’s ability to attract or retain funding, including deposits from commercial and corporate clients.

There can be no assurance we will be able to maintain our current credit ratings and outlooks. Truist’s failure to maintain credit ratings could adversely affect funding costs and increase the Company’s cost of capital. A ratings downgrade could affect the Company’s ability to attract or retain funding, including deposits from commercial and corporate clients.

Additionally, actual or alleged misconduct by teammates, including unethical, fraudulent, improper, or illegal conduct, or unfair, deceptive, abusive, or discriminatory practices, can result in litigation, or government investigations and enforcement actions, and cause significant reputational harm to Truist, even if allegations are ultimately unsubstantiated.

Additionally, actual or alleged misconduct by teammates, including unethical, fraudulent, improper, or illegal conduct, or unfair, deceptive, abusive, or discriminatory practices, can result in litigation, government investigations, and enforcement actions and cause significant reputational harm to Truist, even if allegations are ultimately unsubstantiated.

Any of these potential outcomes could harm the Company’s business, results of operations, financial condition, prospects or reputation or could result in collateral or ancillary consequences. In addition, our exposure to legal and regulatory matters can be unpredictable and could, in some cases, exceed the Company’s accruals for those matters.

Any of these potential outcomes could harm the Company’s business, financial condition, results of operations, prospects, or reputation or could result in collateral or ancillary consequences. In addition, our exposure to legal and regulatory matters can be unpredictable and could, in some cases, exceed the Company’s accruals for those matters.

In addition, if one or more financial institutions are found to have violated a law or regulation relating to certain business activities, this could lead to investigations by regulators or other governmental agencies of the same or similar activities by other financial institutions, including Truist, and large fines and remedial measures that may have been imposed in resolving earlier investigations for the same or similar activities at other financial institutions may be used as the basis for future settlements.

In addition, if one or more financial institutions are found to have violated a law relating to certain business activities, this could lead to investigations by regulators or other governmental agencies of the same or similar activities by other financial institutions, including Truist, and large fines and remedial measures that may have been imposed in resolving earlier investigations for the same or similar activities at other financial institutions may be used as the basis for future settlements.

The levels of or changes in interest rates could adversely affect us beyond our net interest income, including by increasing the cost or decreasing the availability of deposits or other variable-rate funding instruments, reducing the yield on or demand for loans or increasing the prepayment speed of loans, increasing client or counterparty delinquencies or defaults, and reducing the value of our loans, retained interests in securitizations, and fixed-income securities in our investment portfolio and the efficacy of our hedging strategies.

Changes in interest rates could adversely affect us beyond our net interest income, including by increasing the cost or decreasing the availability of deposits or other variable-rate funding instruments, reducing the yield on or demand for loans or increasing the prepayment speed of loans, increasing client or counterparty delinquencies or defaults, and reducing the value of our loans, retained interests in securitizations, and fixed-income securities in our investment portfolio and the efficacy of our hedging strategies.

Acquisitions involve numerous risks and uncertainties, including inaccurate financial and operational assumptions, incomplete or failed due diligence, lower than expected performance, higher than expected costs, difficulties related to integration, diversion of management’s attention from other business activities, adverse market or other reactions, changes in relationships with clients or counterparties, the potential loss of key personnel, and the possibility of litigation and other disputes.

Acquisitions involve numerous risks and uncertainties, including inaccurate financial and operational assumptions, incomplete or failed due diligence, lower than expected performance or synergies, higher than expected costs, difficulties related to integration, diversion of management’s attention from other business activities, adverse market or other reactions, changes in relationships with clients or counterparties, the potential loss of key personnel, and the possibility of litigation and other disputes.

Pending or threatened legal proceedings and other matters may adversely affect the Company’s business, financial condition, results of operations, and reputation. In the ordinary course of its business, the Company is subject to lawsuits, claims, and formal and informal enforcement activity, including regulatory investigations, either directly or indirectly through our ownership interests in other entities.

Pending or threatened legal proceedings and other matters may adversely affect the Company’s business, financial condition, results of operations, prospects, and reputation. In the ordinary course of its business, the Company is subject to lawsuits, claims, and formal and informal enforcement activity, including regulatory investigations, either directly or indirectly through our ownership interests in other entities.

Net interest income is significantly affected by market rates of interest, which in turn are influenced by monetary and fiscal policies, general economic and market conditions, including heightened levels of inflation, the political and regulatory environments, business and consumer sentiment, competitive pressures, and expectations about the future, including future changes in interest rates and the frequency and timing of such changes.

Net interest income is significantly affected by market interest rates, which in turn are influenced by monetary and fiscal policies, general economic and market conditions, including inflation levels, the political and regulatory environments, business and consumer sentiment, competitive pressures, and expectations about the future, including future changes in interest rates and the frequency and timing of such changes.

If economic conditions deteriorate, the Company could see lower demand for loans by creditworthy clients, reducing the Company’s interest income. In addition, if unemployment levels increase or if real estate prices decrease, the Company could incur higher charge-offs and could incur higher expenses due to increased credit loss provisions.

If economic conditions deteriorate, the Company could see lower demand for loans by creditworthy clients, reducing the Company’s interest income. In addition, if unemployment or underemployment levels increase or if real estate prices decrease, the Company could incur higher charge-offs and could incur higher expenses due to increased credit loss provisions.

A fractious or volatile political environment in the U.S., including any related social unrest, could negatively impact business and market conditions, economic growth, financial stability, and business, consumer, investor, and regulatory sentiments, any one or more of which in turn could cause our business and financial results to suffer.

Instability in global economic conditions and geopolitical matters, as well as volatility in financial markets, could have an adverse effect on the Company’s results of operations and financial condition. In addition, disruptions in foreign relations of the U.S. could adversely affect industries and markets on which our business depends.

Instability in global economic conditions and geopolitical matters, as well as volatility in financial markets, could have an adverse effect on the Company’s results of operations, financial condition, business, and prospects. In addition, disruptions in foreign relations of the U.S. could adversely affect industries and markets on which our business depends.

Legislation and regulations on cybersecurity and data privacy, as well as related supervisory expectations, can compel us to enhance or modify our systems and infrastructure, invest in new systems and infrastructure, change our service providers, augment our scenario and vulnerability testing, and alter our business practices or our policies on security, data governance, and privacy.

Legislation and regulations on cybersecurity and data privacy, as well as related supervisory expectations, can compel us to enhance or modify our applications, systems, and infrastructure, invest in new applications, systems, and infrastructure, change our service providers, augment our scenario and vulnerability testing, and alter our business practices or our policies on security, data governance, and privacy.

These policies can: • Meaningfully influence the availability and demand for loans and deposits, the rates and other terms for loans and deposits, and the conditions in equity, fixed-income, currency, and other markets; • Significantly impact the cost of funds, as well as the return on assets, both of which can have an impact on interest income; • Adversely affect borrowers through higher debt servicing costs and potentially increase the risk they may fail to repay their loan obligations; and • Artificially inflate asset values during prolonged periods of accommodative policy, which could in turn cause volatile markets and rapidly declining collateral values during times of restrictive monetary and fiscal policies.

These policies can: • Meaningfully influence the availability and demand for loans and deposits, the rates and other terms for loans and deposits, and the conditions in equity, fixed-income, currency, and other markets; • Significantly impact the cost of funds and, the return on assets, both of which can have an impact on interest income; • Adversely affect borrowers through higher debt servicing costs and potentially increase the risk they may fail to repay their loan obligations; and • Artificially inflate asset values during prolonged periods of accommodative policy, which could in turn cause volatile markets and rapidly declining collateral values during times of restrictive monetary and fiscal policies.

Any third-party technology failure, other information or security breach, termination, or constraint could, among other things, adversely affect the Company’s ability to conduct transactions, service the Company’s clients, manage the Company’s exposure to risk, or expand the Company’s business.

Any third-party technology failure, other information or security breach, termination, or constraint could, among other things, adversely affect the Company’s ability to conduct transactions and other business, service the Company’s clients, manage the Company’s exposure to risk, or expand the Company’s business.

Actual legal and other costs arising from claims and legal actions may be greater than the Company’s accruals. Further, the Company may not have accruals for all legal proceedings where we face a risk of significant loss.

Actual legal and other costs arising from claims and legal actions may be greater than the Company’s accruals. Further, the Company may not have accruals for all claims and legal actions where we face a risk of significant loss.

In addition, third-party system breakdowns or failures, could affect their ability to deliver a product or service to the Company or result in lost or compromised information of the Company or its clients.

In addition, third-party breakdowns or failures could affect their ability to deliver a product or service to the Company or its clients or result in lost or compromised information of the Company or its clients.

Transition risks, including changes in consumer preferences, longer-term shifts in market dynamics, additional regulatory requirements or taxes, and additional counterparty or client requirements, could have an adverse impact on asset values and the financial performance of Truist’s businesses, and those of its clients, and could be exacerbated in specific industries that may be more sensitive or vulnerable to a transition to a low carbon economy.

Transition risks, including changes in consumer preferences, longer-term shifts in market dynamics, changes in or additional regulatory requirements or taxes, and additional counterparty or client requirements, could have an adverse impact on asset values and the financial performance of Truist’s businesses, and those of its clients, and could be exacerbated in specific industries that may be more sensitive or vulnerable to a transition to a lower-carbon economy.

Truist can be negatively affected if it fails to identify and address operational risks associated with the introduction of or changes to products, services, and delivery platforms.

Truist can be negatively affected if it fails to identify and address operational and compliance risks associated with the introduction of or changes to products, services, and delivery platforms.

Additionally, transitioning to a low-carbon economy will entail extensive policy, legal, technology, and market initiatives. Transition risks could result in the sudden devaluation of assets, increased costs for energy and operations, and therefore could have unforeseen and negative consequences on business models for us, our clients and other third parties.

Additionally, transitioning to a lower-carbon economy will entail extensive policy, legal, technology, and market initiatives. Transition risks could result in the sudden devaluation of assets, increased costs for energy and operations, and therefore could have unforeseen and negative consequences on business models for us, our clients, and other third parties.

Any cybersecurity breaches, attacks, and other similar incidents, including the compromise of personal information, could significantly harm Truist’s reputation, which could adversely affect the Company’s financial condition and results of operation. Negative public opinion could also result from heightened and differing stakeholder expectations regarding environmental and social considerations that may affect Truist and clients of Truist.

Any cybersecurity breaches, attacks, and other similar incidents, including the compromise of personal information, could significantly harm Truist’s reputation, which could adversely affect the Company’s financial condition and results of operations. Negative public opinion could also result from heightened and differing stakeholder expectations regarding environmental and social considerations that may affect Truist and clients of Truist.

Furthermore, any failure or perceived failure by the Company to comply with applicable data privacy, data protection, or cybersecurity laws, rules, or regulations may subject it to inquiries, examinations, and investigations that could result in requirements to modify or cease certain operations or practices, significant liabilities or regulatory fines, penalties, or other sanctions.

Furthermore, any failure or perceived failure by the Company to comply with applicable data privacy, data protection, or cybersecurity statutes, rules, or regulations may subject it to inquiries, examinations, and investigations that could result in requirements to modify or cease certain operations or practices, significant liabilities, or regulatory fines, penalties, or other sanctions.

The significant risks and uncertainties involved in divestitures may include: • the inability to sell such businesses or assets on satisfactory price and terms and in a timely manner, including potentially long and costly sales processes and unsuccessful attempts by a buyer to receive required regulatory approvals, satisfy other conditions to closing, or obtain equity or debt financing in order to satisfy its payment obligations related to the transaction, • disruption to other parts of our business and distraction of management, • loss of key teammates or clients, • exposure to contingencies, including, among other things, those arising from representations and warranties made to a buyer regarding the businesses being sold, or • ongoing obligations to support the businesses following such divestitures, including through transition services arrangements, and other adverse financial impacts.

The significant risks and uncertainties involved in divestitures may include: • the inability to sell such businesses or assets at satisfactory prices and terms and in a timely manner, including potentially long and costly sales processes and unsuccessful attempts by a buyer to receive required regulatory approvals, satisfy other conditions to closing, or obtain equity or debt financing in order to satisfy its payment obligations related to the transaction, • disruption to other parts of our business and distraction of management, • loss of key teammates or clients, • exposure to contingencies, including, among other things, those arising from representations and warranties made to a buyer regarding the businesses being sold, or • ongoing obligations to support the businesses following such divestitures, including through transition services arrangements, and other adverse financial impacts.

These perceptions about us could cause our business to be negatively affected and exacerbate the other risks that we face.

These perceptions about us could cause our business and operations to be negatively affected and exacerbate the other risks that we face.

The Company may not be successful in introducing new products and services in response to industry trends or developments in technology or those new products may not achieve market acceptance. Truist also competes with nonbank companies and, in some cases, with companies other than those traditionally considered financial sector participants.

The Company may not be successful in introducing new products and services in response to industry trends or developments in technology or those new products may not achieve market acceptance. 36 Truist Financial Corporation Truist also competes with nonbank companies and, in some cases, with companies other than those traditionally considered financial sector participants.

When Truist launches a new product or service, introduces a new platform for the delivery or distribution of products or services (including mobile connectivity, electronic trading and cloud computing), acquires or invests in a business or makes changes to an existing product, service or delivery platform, it may not fully appreciate or identify new operational risks that may arise from those changes, or may fail to implement adequate controls to mitigate the risks associated with those changes.

When Truist launches a new product or service (including digital offerings), introduces a new platform for the delivery or distribution of products or services (including mobile connectivity, electronic trading, and cloud computing), acquires or invests in a business or makes changes to an existing product, service, or delivery platform, it may not fully appreciate or identify new operational and compliance risks that may arise from those changes or may fail to implement adequate controls to mitigate the risks associated with those changes.

Climate change could also present incremental risks to the execution of the Company’s long-term strategy. While material impact from climate change is expected to occur over a longer time horizon, the acceleration of a transition to a low-carbon economy could present idiosyncratic risks for individual companies.

Climate change could also present incremental risks to the execution of the Company’s long-term strategy. While material impact from climate change is expected to occur over a longer time horizon, the acceleration of a transition to a lower-carbon economy could present idiosyncratic risks for individual companies.

The macroeconomic environment in the U.S. is susceptible to geopolitical events and volatility in financial markets. For example, trade and other negotiations between the U.S. and other nations remain uncertain and could adversely impact economic and market conditions for the Company and its clients and counterparties.

A failure to detect, prevent, and address fraud could result in financial loss to the Company or its clients, loss of confidence in the Company’s security measures, client dissatisfaction, litigation exposure, regulatory investigations, fines, penalties or intervention, reimbursement, or other compensatory costs (including the costs of credit monitoring services), additional compliance costs, and harm to the Company’s reputation, all of which could adversely affect the Company.

A failure to detect, prevent, and address fraud has in the past and could in the future result in financial loss to the Company or its clients, loss of confidence in the Company’s security measures, client dissatisfaction, litigation exposure, regulatory investigations, fines, penalties or intervention, reimbursement, or other compensatory costs (including the costs of credit monitoring services), additional compliance costs, and harm to the Company’s reputation, all of which could adversely affect the Company.

Complying with the laws, rules, and regulations applicable to the Company’s disclosure, collection, use, sharing, storage, and other processing of personal information can increase operating costs, impact the development of new products or services, and reduce operational efficiency.

Complying with the statutes, rules, and regulations applicable to the Company’s disclosure, collection, use, sharing, storage, and other processing of personal information can increase operating costs, impact the development of new products or services, and reduce operational efficiency.

Truist will likely be subject to new and evolving data privacy, data protection, and cybersecurity laws, rules, and regulations in the U.S. and abroad, which could result in additional costs of compliance, litigation, regulatory fines, and enforcement actions.

Truist will likely be subject to new and evolving data privacy, data protection, and cybersecurity statutes, rules, and regulations in the U.S. and abroad, which could result in additional costs of compliance, litigation, regulatory fines, and enforcement actions.

Our use of third-party service providers exposes us to the risk that such third parties may not comply with their servicing and other contractual obligations and to the risk that we may not satisfy applicable regulatory responsibilities regarding the management and oversight of third parties.

Our use of third-party service providers exposes us to the risk that such third parties may not comply with their contractual obligations to us and to the risk that we may not satisfy applicable regulatory responsibilities regarding the management and oversight of third parties.

These conditions may adversely affect not only consumer borrowers but also commercial and industrial and commercial real estate borrowers, especially for those businesses that rely on the health of industries or properties that may suffer from deteriorating economic conditions. The ability of these borrowers to repay their loans may be reduced, causing the Company to incur higher credit losses.

These conditions may adversely affect not only consumer borrowers but also commercial and industrial and commercial real estate borrowers, especially for those businesses reliant on industries or properties that suffer from deteriorating economic conditions. The ability of these borrowers to repay their loans may be reduced, causing the Company to incur higher credit losses.

In some cases, the Company could be required to apply a new or revised standard retroactively, resulting in the restatement of prior period financial statements. 38 Truist Financial Corporation Depressed market values for the Company’s stock and adverse economic conditions sustained over a period of time may require the Company to write down all or some portion of the Company’s goodwill.

In some cases, the Company could be required to apply a new or revised standard retroactively, resulting in the restatement of prior period financial statements. Depressed market values for the Company’s stock and adverse economic conditions sustained over a period of time may require the Company to write down all or some portion of the Company’s goodwill.

That scrutiny has in some cases resulted in, and could in the future lead to, the adoption of stricter laws, rules, and regulations relating to the disclosure, collection, use, sharing, storage, and other processing of personal information.

That scrutiny has in some cases resulted in, and could in the future lead to, the adoption of stricter statutes, rules, and regulations relating to the disclosure, collection, use, sharing, storage, and other processing of personal information.

If assumptions or estimates underlying the Company’s financial statements are incorrect or are adjusted periodically, the Company may experience material losses. Management has identified certain accounting policies as being critical because they require management’s judgment to ascertain the valuations of assets, liabilities, commitments, and contingencies.

If assumptions or estimates underlying the Company’s financial statements are incorrect or are adjusted periodically, the Company may experience material losses. 38 Truist Financial Corporation Management has identified certain accounting policies as being critical because they require management’s judgment to ascertain the valuations of assets, liabilities, commitments, and contingencies.

Our net interest income has in the past been adversely affected and could in the future be adversely affected by policies, laws, and events that have the effect of flattening or inverting the yield curve (that is, the difference between long-term and short-term interest rates), depressing the interest rates associated with our earning assets to levels near the rates associated with our interest expense, increasing the volatility of market rates of interest, including the rate of change, or changing the spreads among different interest rate indices.

Our net interest income and other financial results have been in the past and could be in the future adversely affected by policies, laws, and events that have the effect of flattening or inverting the yield curve (that is, the difference between long-term and short-term interest rates), depressing the interest rates associated with our earning assets to levels near the rates associated with our interest expense, increasing the volatility of market rates of interest, including the rate of change, or changing the spreads among different interest rate indices.

Certain of our investment securities, notably MBS, are sensitive to changes in rates. Generally, when rates rise, market values will decline, prepayments of principal will decrease and the duration of MBS will increase. Conversely, when rates fall, market values will rise, prepayments of principal will increase and the duration of MBS will decrease.

Moreover, as the risks that we face continue to evolve, despite our ongoing efforts to improve the design and implementation of our risk-management framework, those efforts may not be adequate or effective.

Moreover, as the risks we face continue to evolve, despite our ongoing efforts to improve the design and implementation of our risk framework, those efforts may not be adequate or effective.

The Company’s credit risk and credit losses can increase if the Company’s loans are concentrated in borrowers engaged in the same or similar activities or in borrowers who as a group may be uniquely or disproportionately affected by economic conditions or market conditions, including as a result of climate change or natural disasters.

The Company’s credit risk and credit losses can increase if the Company’s loans are concentrated in borrowers engaged in the same or similar activities or in borrowers who as a group may be uniquely or disproportionately affected by economic or market conditions, including as a result of climate change or natural disasters or their particular industries.

Technology Risks The Company’s operating systems and infrastructure, as well as operational capabilities managed or supplied by third parties on whom we rely, could fail or be interrupted, which could disrupt the Company’s business and adversely impact the Company’s operations, financial condition, prospects, and reputation, and cause significant legal and financial exposure.

Technology and Data Risks The Company’s applications, operating systems, and infrastructure, as well as operational capabilities managed or supplied by third parties on whom we rely, could fail or be interrupted, which could adversely impact the Company’s business, operations, financial condition, prospects, and reputation and cause significant legal and financial exposure.

The financial system is highly interrelated, and financial or systemic shocks or the failure of even a single financial institution or other participant in the financial system could adversely impact us. Adverse developments affecting the overall strength and soundness of other financial institutions, the financial services industry as a whole, the macroeconomic climate, and the U.S.

Truist Financial Corporation 25 The financial system is highly interrelated, and financial or systemic shocks or the failure of even a single financial institution or other participant in the financial system could adversely impact us. Adverse developments affecting the overall strength and soundness of other financial institutions, the financial services industry as a whole, the macroeconomic climate, and the U.S.

Truist is subject to supervision, regulation, and examination by regulators, including the FRB, FDIC, NCCOB, SEC, CFTC, CFPB, FINRA, MSRB, NFA, and various other federal and state regulatory agencies.

Truist is subject to supervision, regulation, and examination by the FRB, the FDIC, the NCCOB, the SEC, the CFTC, the CFPB, FINRA, the MSRB, the NFA, and various other federal and state regulatory agencies.

As servicer for loans, the Company has certain contractual obligations to the securitization trusts, investors, or other third parties, including foreclosing on defaulted loans or, to the extent consistent with the applicable securitization or other investor agreement, considering alternatives to foreclosure such as loan modifications or short sales.

As servicer for loans, the Company has certain contractual obligations to the securitization trusts, investors, or other third parties, including foreclosing on collateral that secure defaulted loans or, to the extent consistent with the applicable securitization or other investor agreement, considering alternatives to foreclosure such as loan modifications or short sales.

Any mishandling or misuse of personal information by the Company or a third-party affiliated with the Company could expose the Company to litigation or regulatory fines, penalties, or other sanctions.

Any mishandling or misuse of personal information by the Company or a third party affiliated with the Company could expose the Company to reputational damage, litigation, or regulatory fines, penalties, or other sanctions.

In addition, the Company’s business could be adversely impacted by a significant operational breakdown or failure, theft, fraud, or other unlawful conduct, or other negative outcomes caused by human error or misconduct by a teammate of Truist or a teammate of another party on which Truist’s operations depend.

This enforcement and supervisory authority includes, among other things, the ability to assess significant civil or criminal monetary penalties, fines, or restitution; to issue cease and desist or removal orders; to issue formal and informal enforcement orders; and to initiate injunctive actions against banking organizations and institution-affiliated parties.

This enforcement and supervisory authority includes the ability to assess significant civil or criminal monetary penalties, fines, or restitution; to issue cease and desist or removal orders; to issue formal and informal enforcement orders; and to initiate injunctive actions against banking organizations and institution-affiliated parties.

In addition, we may not have adequate insurance coverage to compensate for losses from any of the foregoing, our existing insurance coverage may not continue to be available on acceptable terms or at all, and our insurers may deny coverage as to any future claims. In addition, cybersecurity and data-privacy risks have received heightened legislative, regulatory, and supervisory attention.

In addition, the Company may not have adequate insurance coverage to compensate for losses from any of the foregoing, its existing insurance coverage may not continue to be available on acceptable terms or at all, and its insurers may deny coverage as to any future claims. Cybersecurity and data-privacy risks have received heightened legislative, regulatory, and supervisory attention.

In addition, the public perception that a cyberattack on the Company’s systems has been successful, whether or not this perception is correct, may damage the Company’s reputation with clients and third parties with whom the Company does business.

In addition, the public perception that a cyber-attack on the Company’s systems has been successful, whether or not this perception is correct, may damage the Company’s reputation with clients and third parties with whom the Company does business.

An inability to satisfy other conditions necessary to consummate an acquisition transaction, such as third-party litigation, a judicial order blocking the transaction, or lack of shareholder approval, could also prevent the Company from completing an announced acquisition. In addition, we may decide to divest certain businesses or assets.

An inability to satisfy other conditions necessary to consummate an acquisition transaction, such as third-party litigation, a judicial order blocking the transaction, or lack of shareholder approval, could also prevent the Company from completing an announced acquisition. Truist Financial Corporation 37 In addition, we may decide to divest certain businesses or assets.

Truist has significant operations and clients along the Gulf and Atlantic coasts as well as other regions of the U.S., which could be adversely impacted by hurricanes, wildfires, flooding, tornadoes, and other severe weather in those areas.

The regulatory and supervisory framework applicable to banking organizations is intended primarily for the protection of depositors and other customers, the DIF, the broader economy, and the stability of the U.S. financial system, rather than for the protection of shareholders and non-deposit creditors.

The regulatory and supervisory framework applicable to banking organizations is intended primarily for the protection of depositors and other customers, the DIF, and the role and stability of the U.S. financial system, rather than for the protection of shareholders and non-deposit creditors.

In deciding whether to extend credit or enter into other transactions with clients and counterparties, Truist relies on the completeness and accuracy of representations made by and information furnished by or on behalf of clients and counterparties, including financial statements and other financial information.

Additionally, in deciding whether to extend credit or enter into other transactions with clients and counterparties, the Company relies on the completeness and accuracy of representations made by and information furnished by or on behalf of clients and counterparties, including financial statements and other financial information.

Changes in stock or fixed income market prices or client preferences could affect the trading activity of investors, reducing commissions and other fees earned from the Company’s brokerage business. Poor economic conditions and volatile or unstable financial markets would likely adversely affect the Company’s financial advisory and capital markets-related businesses.

Changes in stock or fixed income market prices or client preferences could affect investor trading activity, reducing commissions and other fees earned from the Company’s brokerage businesses. Poor economic conditions and volatile or unstable financial markets would likely adversely affect the Company’s financial advisory and capital markets-related businesses.

Additionally, a downgrade to Truist’s credit ratings might also adversely impact the Company’s ability to conduct derivatives business with certain clients and counterparties and could trigger obligations to make cash or collateral payments to certain clients and counterparties.

Additionally, a downgrade to Truist’s credit ratings may adversely impact the Company’s ability to conduct derivatives business with certain clients and counterparties and could trigger obligations to make cash or collateral payments to certain clients and counterparties.

Our efforts to identify, measure and monitor reputational risk and communicate, internally and externally, such risks to key stakeholders, may be ineffective, untimely, or otherwise result in adverse effects on the Company.

Our efforts to identify, measure, and monitor brand and stakeholder risk and communicate, internally and externally, such risks to key stakeholders may be ineffective, untimely, or otherwise result in adverse effects on the Company.

Talent Management Risks We could be harmed by an inability to attract, develop, retain, and motivate qualified teammates while effectively managing recruiting and compensation costs amid highly competitive and rapidly changing market conditions.

We could be harmed by an inability to attract, develop, retain, and motivate qualified teammates while effectively managing recruiting and compensation costs amid highly competitive and rapidly changing market conditions.

This would increase the Parent Company’s reliance on capital markets at a time when credit spreads and funding costs are likely elevated due to the stress impacting the Bank and would also impair the Parent Company’s ability to serve as a source of strength to its subsidiaries.

This would increase the Parent Company’s reliance on capital markets and other wholesale funding at a time when credit spreads and funding costs are likely to be elevated due to the stress impacting Truist Bank and would also impair the Parent Company’s ability to serve as a source of strength to its subsidiaries.

Truist cannot be certain that it will receive timely notification of such incidents or be able to exert any meaningful control or influence over how and when they are addressed. The Company’s ability to conduct business may be adversely affected by any such significant disruptions to third parties with whom the Company interacts or relies upon.

Truist cannot be certain that it will receive timely notification of such incidents or be able to exert any meaningful control or influence over how and when they are addressed. The Company’s ability to conduct its business and operations may be adversely affected by these kinds of disruptions to third parties whom the Company interacts with or relies upon.

These companies generally are not subject to the same regulatory oversight as main street financial institutions and may accordingly realize certain cost strategies and offer products and services at more favorable rates and with greater convenience to the client. This competition could result in the loss of clients and revenue in areas where fintechs are operating.

These companies generally are not subject to the same regulatory oversight as main street financial institutions and may accordingly realize certain cost efficiencies and offer bank and bank-like products and services at more favorable rates and with greater convenience to the client. This competition could result in the loss of clients, deposits, and revenue in areas where fintechs are operating.

Changes in monetary and fiscal policies, including those established by the FRB and other central banks, and uncertainty concerning the future path of interest rates, government shutdowns, debt ceilings or funding for the government, and tariffs and other trade policies, can cause volatility in the financial markets and adversely affect our business and operations—for example, the conditions for commercial and consumer lending, the creditworthiness of our clients, the cost of our deposits and other interest-bearing liabilities, and the yield on our earning assets.

Changes in monetary and fiscal policies, including monetary policies established by the Federal Reserve System and other central banks, and uncertainty concerning the future path of interest rates, government shutdowns, debt ceilings or funding for the government, and tariffs and other trade policies can cause dislocations and volatility in the financial markets and adversely affect our business and operations—including, for example, the conditions for commercial and consumer lending, the creditworthiness of our clients, the cost of our deposits and other interest-bearing liabilities, and the yield on our earning assets.

Liquidity Risks • Our inability to retain and grow deposits or a change in deposit costs or mix could negatively impact our funding strategy and financial results. • Truist’s liquidity could be impaired by an inability to access short-term funding, an unforeseen outflow of cash, or an inability to monetize liquid assets. • A disruption in our access to the mortgage secondary market and GSEs for liquidity could negatively affect us. • The Company’s cost of funding or access to the banking and capital markets could be adversely affected if our credit ratings are downgraded or otherwise fail to meet investor expectations. • The Parent Company could have less access to funding sources and its liquidity could be constrained if the Bank becomes unable to pay dividends. • The financial system is highly interrelated, and financial or systemic shocks or the failure of even a single financial institution or other participant in the financial system could adversely impact us.

Liquidity Risks • Our inability to retain and grow deposits or a change in deposit costs or mix could negatively impact our funding strategy and financial results. • Truist’s liquidity could be impaired by an inability to access short-term funding, an unforeseen outflow of cash, or an inability to monetize liquid assets. • A disruption in our access to the mortgage secondary market and GSEs for liquidity could negatively affect us. • The Company’s cost of funding or access to the banking and capital markets could be adversely affected if our credit ratings are downgraded or otherwise fail to meet investor expectations. • The Parent Company relies on dividends from Truist Bank for its liquidity needs, the payment of which is limited by statutes and regulations, and the Parent Company could have less access to funding sources and its liquidity could be constrained if Truist Bank becomes unable to pay dividends. • The financial system is highly interrelated, and financial or systemic shocks or the failure of even a single financial institution or other participant in the financial system could adversely impact us.

In addition, the bank failures in 2023 focused market attention on the industry’s interest rate and deposit risks due to rapidly rising interest rates, which, among other things, resulted in unrealized losses on longer duration securities and loans held by banks.

In addition, the large bank failures in 2023 focused market attention on the industry’s interest rate and deposit risks due to rapidly rising interest rates in an inflationary environment, which, among other things, resulted in unrealized losses on longer duration securities and loans held by banks.

No assurance can be given that applicable statutes, regulations, and other laws will not be amended or construed differently, that new laws will not be adopted, or that any of these laws will not be enforced more aggressively, including as a result of changes to control of branches of the U.S. government.

No assurance can be given that applicable laws and policies will not be amended or construed differently, that new laws and policies will not be adopted, or that any of these laws and policies will not be enforced more aggressively, including as a result of changes to control of branches of the U.S. government.

For example, some of the Company’s methods of identifying and managing risk are based upon the Company’s use of observed historical market behavior and management’s judgment. These methods may not accurately predict future exposures, which could be significantly greater than historical measures indicate.

For example, some of the Company’s methods of identifying, assessing, monitoring, and mitigating risk are based upon the Company’s use of observed market behavior and management’s judgment. These methods may not accurately predict future exposures, which could be significantly greater than historical measures indicate.

In addition, to access the Company’s systems, networks, products, and services, the Company’s clients and other third parties may use personal mobile devices or computing devices that are outside of the Company’s control and network environments.

To access the Company’s systems, networks, products, and services, the Company’s clients and other third parties may use personal devices or other computing devices that are outside of the Company’s control and network environments.

Therefore, the Company cannot ensure that the cybersecurity measures they take will be sufficient to protect information the Company shares with them or prevent disruption arising from a cyberattack.

Therefore, the Company cannot ensure that the cybersecurity measures they take will be sufficient to protect information the Company shares with them or prevent disruption arising from a cyber-attack.

For example, Truist is subject to a requirement to submit capital plans to the Federal Reserve for review that include, among other things, projected dividend payments and repurchases of capital stock.

For example, Truist is subject to a requirement to submit capital plans to the FRB for review that include, among other things, projected dividend payments and repurchases of capital stock.

Truist Financial Corporation 31 Requirements to maintain specified levels of capital and liquidity and regulatory expectations as to the quality of the Company’s capital and liquidity may prevent the Company from taking advantage of opportunities in the best interest of shareholders or force the Company to take actions contrary to their interests.

Requirements to maintain specified levels of capital and liquidity and regulatory expectations as to the quality of the Company’s capital and liquidity may prevent the Company from taking advantage of opportunities in the best interest of shareholders or force the Company to take actions contrary to their interests.

In addition, our ability to maintain, grow, or favorably price deposits may be constrained by gaps in our product and service offerings, changes in consumer trends, our scale relative to other financial institutions, competition from fintech companies and emerging financial-services providers, any failures or deterioration in our client service, or any loss of confidence in our brand or our business.

Our ability to maintain, grow, or favorably price deposits also may be constrained by gaps in our product and service offerings, changes in client trends, our scale relative to other financial institutions, competition from financial technology companies and emerging financial-services providers, any failures or deterioration in our client service, or any loss of confidence in our brand or our business.

The restrictions imposed by any of these actions could have an adverse effect on our operations, strategy, profitability, and reputation. Truist has elected to be treated as an FHC, which permits us to engage in a number of financial and related activities beyond banking, including securities, advisory, and merchant banking activities.

The restrictions imposed by any of these actions could have an adverse effect on our strategy, profitability, and reputation. Truist has elected to be treated as an FHC, which permits us to engage in a number of financial and related activities beyond banking such as securities underwriting and merchant banking.

Proposals have been presented to reform the housing finance market in the U.S., including the role of the GSEs in the housing finance market. The extent and timing of any such regulatory reform of the housing finance market and the GSEs, as well as any effect on the Company’s business and financial results, are uncertain.

Proposals are presented from time to time to reform the housing finance market in the U.S., including the role of the GSEs in the housing finance market. The extent and timing of any such regulatory reform of the housing finance market and the GSEs, as well as any effect on the Company’s business and financial results, are uncertain.

Credit Risks • The Company is subject to credit risk, and the Company’s allowance for credit losses may not be adequate to cover realized and future losses. • The Company could have more credit risk and higher credit losses if our underwriting standards and practices are inadequate, we adopt more liberal underwriting standards for competitive or other reasons, or our concentration and other risk limits are not well calibrated. • The Company may suffer losses if the value of collateral declines in weak, deteriorating, or stressed economic or market conditions.

Credit Risks • The Company is subject to credit risk, and the Company’s allowance for credit losses may not be adequate to cover realized and future losses. • The Company could have more credit risk and higher credit losses if our underwriting standards and practices are inadequate, we adopt more liberal underwriting standards for competitive or other reasons, information provided to us by clients and counterparties is inaccurate, or our concentration and other risk limits are not well-calibrated. • The Company may suffer losses if the value of collateral declines in weak, deteriorating, or stressed economic or market conditions.

The fair value of a reporting unit is impacted by the reporting unit’s expected financial performance and susceptibility to adverse economic, regulatory, and legislative changes.

The fair value of a reporting unit is impacted by, among other factors, the reporting unit’s expected financial performance and susceptibility to adverse economic, regulatory, and legislative changes.

In addition, Truist’s clients, regulators, and other third parties, including other financial services institutions and companies engaged in data processing, have been subject to and will continue to be the target of cyberattacks and other similar incidents.

In addition, Truist’s clients, regulators, and other third parties, including other financial institutions and companies engaged in data processing, have been subject to and will continue to be the target of cyber-attacks and similar incidents.

The financial services industry has faced and may continue to face a stricter and more aggressive enforcement of laws at federal, state, and local levels—particularly in connection with business and other practices that may harm or appear to harm consumers or affect the financial system more broadly. Truist expects to remain subject to extensive regulation and supervision.

The financial services industry also has faced and may continue to face varying degrees of enforcement of laws at federal, state, and local levels—particularly in connection with business and other practices that may harm or appear to harm consumers or affect the financial system more broadly. Truist expects to remain subject to extensive regulation and supervision.

Responding to inquiries, investigations, lawsuits, and other proceedings is time-consuming and expensive and can divert senior management attention from Truist’s business. The outcome of any such legal proceedings, as well as the timing of any ultimate resolutions, may be difficult to predict or estimate.

Responding to inquiries, investigations, lawsuits, and other proceedings is time-consuming and expensive and can divert management attention from Truist’s business and operations. The outcome of any claims and legal actions, as well as the timing of any ultimate resolutions, may be difficult to predict or estimate.

A prolonged period of slow growth in the U.S. economy as a whole or in any regional markets that Truist serves, or any deterioration in economic conditions or the financial markets, may disrupt or dampen the economy, which could adversely affect the Company’s financial condition and results.

Any prolonged period of slow growth in the U.S. economy as a whole or in any regional markets that Truist serves, or any deterioration in economic conditions or the financial markets, may disrupt or dampen the economy, which has in the past and may in the future adversely affect the Company’s business, financial results, and financial condition.

Our use of systems and other technologies also depends on rights or interests in the underlying intellectual property, which we or our service providers may own or license.

Truist Financial Corporation 27 Our use of systems and other technologies also depends on rights or interests in the underlying intellectual property, which we or our service providers may own or license.

… 292 more changes not shown on this page.

Item 1C. Cybersecurity

Cybersecurity — threats and controls disclosure

25 edited+9 added−7 removed0 unchanged

2024 filing

2025 filing

Biggest changeOur Cyber Incident Response Team is responsible for identifying, triaging, and containing cybersecurity threats and incidents, including, to the extent possible, those experienced by third-party service providers. Incidents with potential for higher impacts are routed to an enterprise response function that coordinates the response activities across impacted resource groups and business stakeholders.

Biggest changeIncidents with potential for higher impacts are routed to an enterprise response function that coordinates response activities across impacted resource groups and business stakeholders. Through this structure, Truist manages its cybersecurity, business, and legal obligations, including escalation to executive management and the Board, as appropriate, client and regulatory notifications, and remediation activities.

Our CRO previously served as our interim CIO and has more than 20 years of banking experience spanning a variety of roles in both the commercial and consumer segments, including credit risk, portfolio risk management, model management, acquisition integrations, technology, and vertically integrated operations for revenue producing businesses, including leading operational services across Truist for deposits, payments, credit card, capital markets, consumer and wholesale lending, fraud, and care centers across all products.

Our CRO previously served as our interim CIO and has more than 20 years of banking experience spanning a variety of roles in both the commercial and consumer segments, including experience with credit risk, portfolio risk management, model management, acquisition integrations, technology, and vertically integrated operations for revenue producing businesses, including leading operational services across Truist for deposits, payments, credit card, capital markets, consumer and wholesale lending, fraud, and care centers across all products.

Truist’s cybersecurity teams that implement the Information Security Program and the risk partners who oversee the program leverage these committees to report on and escalate current or emerging cybersecurity risks or other changes in the business environment which could affect Truist’s risk profile or control environment.

Truist’s cybersecurity teams that implement the Corporate Information Security Program and the risk partners who oversee the program leverage these committees to report on and escalate to the ERC current or emerging cybersecurity risks or other changes in the business environment which could affect Truist’s risk profile or control environment.

These policies, procedures, and technologies cover a broad range of areas, including identification of internal and external threats, access control, data security, protective controls, detection of malicious or unauthorized activity, incident response, and recovery planning.

These policies, procedures, and technologies cover a broad range of topics, including identification of internal and external threats, access control, data security, protective controls, detection of malicious or unauthorized activity, incident response, and recovery planning.

The primary management committees involved in Truist’s Information Security Program are the Enterprise Technology Risk Committee and the Technology Risk Oversight Committee, each of which is a sub-committee of the ERC.

The primary management committees involved in Truist’s Corporate Information Security Program are the Enterprise Technology Risk Committee and the Information Risk Committee, each of which is a sub-committee of the ERC.

Following an initial assessment of the level of enterprise risk potentially posed by use of the third party, the service provider is then subject to further risk-based assessments on its operational resilience and cybersecurity practices, including disaster recovery and business continuity plans that specify the time frame to resume activities and recover data.

Following an initial assessment of the level of enterprise risk potentially posed by use of the third party, the service provider is then subject to further risk-based assessments of its operational resilience and cybersecurity practices, including disaster recovery and business continuity plans that specify the timeframe to resume activities and recover data.

In addition, as a key part of the Company’s Information Security Program, Truist participates in the federally recognized Financial Services Information Sharing and Analysis Center, as well as other industry organizations and initiatives that promote industry best practices, such as harmonized cybersecurity standards, cyber readiness, and secure consumer financial data sharing.

In addition, as a key part of our Corporate Information Security Program, Truist participates in the federally recognized Financial Services Information Sharing and Analysis Center, as well as other industry organizations and initiatives that promote industry best practices, such as harmonized cybersecurity standards, cybersecurity readiness, and secure consumer financial data sharing.

Our cybersecurity framework strategy, which is overseen by the interim CISO, is informed by various risk and control assessments, control testing, external assessments, threat intelligence, and public and private information sharing. In addition, various management committees assess and manage Truist’s cybersecurity risks. These committees promote visibility and awareness of cybersecurity risks and drive action and escalation as needed.

Our cybersecurity strategy, which is overseen by the CSO, is informed by various risk and control assessments, control testing, external assessments, threat intelligence, and public and private information sharing. In addition, various management committees identify, assess, monitor, and mitigate Truist’s cybersecurity risks. These committees promote visibility and awareness of cybersecurity risks and drive action and escalation as needed.

The CIO’s direct reports have on average over 20 years of experience with technology management and information security at financial institutions, including in the areas of governance, operations, application and data protection, access management, and business information security.

Our CIO’s direct reports average more than 20 years of experience with technology management and information security at financial institutions, including expertise in the areas of governance, operations, application and data protection, access management, and business information security.

The Information Security Program is designed to assess, identify, and manage risks arising from the cybersecurity threats facing Truist. Truist maintains cybersecurity and information security policies, procedures, and technologies that are intended to protect our clients’, teammates’ and our own data against unauthorized disclosure, modification, and misuse.

Processes for identifying, assessing, monitoring, and mitigating material risks from cybersecurity threats Our Corporate Information Security Program is designed to identify, assess, monitor, and mitigate risks arising from cybersecurity threats facing Truist. Truist maintains cybersecurity and information security policies, procedures, and technologies that are intended to protect our clients’, teammates’, and our own data against unauthorized disclosure, modification, and misuse.

As discussed in more detail in the “Risk Management” section of Part II, Item 7, the ERC is a cross-functional executive forum to promote awareness and dialogue on risk matters across the enterprise, including cybersecurity risks, oversee the execution of risk program requirements and sound risk management activities, and enact delegated decision-making authority and oversight routines from the BRC.

The ERC is a cross-functional executive committee to promote awareness and dialogue on risks across the enterprise, including cybersecurity risks, oversee the execution of risk program requirements and sound risk management activities, and enact delegated decision-making authority and oversight routines from the BRC. Our CRO and CIO are members of the ERC.

Our CIO has over 25 years of experience leading technology teams at financial institutions, including in the areas of application development, infrastructure, information technology strategy, risk management, and information security. Following the departure of our CISO in November 2024, the CIO is serving as our interim CISO while our search for a permanent CISO continues.

Our Information Security Program also includes processes for escalating and considering the materiality of incidents that impact Truist, including escalation to executive management and the Board, which are periodically tested through tabletop exercises to assess Truist’s preparedness.

These senior officers are responsible for identifying, assessing, monitoring, and mitigating Truist’s cybersecurity risks. Our Corporate Information Security Program also includes processes for escalating and assessing the severity of cybersecurity incidents, including escalation to executive management and the Board, which are periodically tested through tabletop exercises to assess Truist’s preparedness.

Our CRO and CIO are members of the ERC. The interim CISO provides updates at every ERC meeting on cybersecurity and information security risk. The Enterprise Technology Risk Committee provides business unit oversight of key management activities, including the Company’s Information Security Program.

The CSO provides periodic updates at ERC meetings on cybersecurity and information security risk. Oversight of key risk management activities is provided by both the Enterprise Technology Risk Committee at the business-unit level, including the Company’s Corporate Information Security Program, and the Information Risk Committee at the enterprise level.

Our Information Security Program is assessed periodically to test the effectiveness of key controls through cybersecurity maturity measurements, technology risk oversight, compliance risk management testing and monitoring, internal audit review, and regulatory oversight. In addition, Truist maintains disaster recovery plans that are reviewed, modified, and approved annually.

In our agreements with third-party service providers, Truist also generally requires service providers to adhere to our cybersecurity and operational resilience standards. Truist Financial Corporation 43 Our Corporate Information Security Program is assessed periodically to test the effectiveness of key controls through cybersecurity maturity measurements, technology risk oversight, compliance risk management testing and monitoring, internal audit review, and regulatory oversight.

Truist provides ongoing development and education to its directors with respect to cybersecurity, including presentations at Board meetings on special topics, such as updates on cybersecurity legislation and regulation. The Board also conducts a cybersecurity tabletop exercise at least every other year to simulate Truist’s analysis and response to hypothetical cybersecurity incidents.

The BRC annually reviews and approves our Corporate Information Policy. 44 Truist Financial Corporation Truist provides ongoing development and education to its directors with respect to cybersecurity, including presentations at Board meetings on special topics, such as updates on cybersecurity legislation and regulation, as warranted.

ITEM 1C. CYBERSECURITY The following is a discussion of Truist’s cybersecurity risk management strategy and governance. Refer to the “Risk Management” section of Part II, Item 7 for additional discussion. Cybersecurity risk management and strategy Like other financial services firms, Truist faces an increasingly complex and evolving cybersecurity threat environment.

Cybersecurity risk management and strategy Like other financial services firms, Truist faces an increasingly complex and evolving cybersecurity threat environment. We maintain a risk-based cybersecurity framework that is a part of our ERM framework.

In addition, Truist provides directors with a Board Cybersecurity Handbook that provides details on key Truist practices, resources, and protocols relating to cybersecurity protection, response, and preparedness. Finally, as required by the Gramm-Leach-Bliley Act, the Board receives an update at least annually on Truist’s Information Security Program. 42 Truist Financial Corporation

The Board also conducts a cybersecurity tabletop exercise at least every other year to simulate Truist’s analysis and response to hypothetical cybersecurity incidents. In addition, Truist provides directors with a Board Cybersecurity Handbook that provides details on key Truist practices, resources, and protocols relating to cybersecurity protection, response, and preparedness.

Management also discusses urgent cybersecurity developments with the Chairs of the BRC and BTC between Board and committee meetings, as appropriate. The Board annually reviews and approves our Information Security Program and Information Security Policy. Additionally, the BTC provides oversight of Truist’s technology strategy, including elements of it that involve cybersecurity.

Management discusses cybersecurity developments with the Chairs of the BRC and BTC, as appropriate, between Board and committee meetings as well. The Board receives, as required by the Gramm-Leach-Bliley Act, an update at least annually on Truist’s Corporate Information Security Program, and the Board annually reviews and approves that program.

Through this structure, Truist manages its cyber, business, and legal obligations, including escalation to executive management and the Board, as appropriate, client and regulatory notifications, and remediation activities. Our Information Security Program is also designed to help oversee, identify, and mitigate cybersecurity risks associated with our use of third-party service providers.

Our Corporate Information Security Program and Third Party Risk Management Program are also designed to help oversee, identify, and mitigate cybersecurity risks associated with our use of third-party service providers.

The members of management that lead our Information Security Program and strategy have extensive experience in technology, cybersecurity, and information security.

These sub-committees serve as governing forums for monitoring and escalating significant cybersecurity as well as other technology risk matters to the ERC. The members of management who lead our Corporate Information Security Program and strategy have extensive experience in technology, cybersecurity, and information security.

Truist Financial Corporation 41 Management’s role in assessing and managing material risks from cybersecurity threats Truist’s Information Security Program is operated and maintained by management, including the CIO, interim CISO, and CRO. These senior officers are responsible for assessing and managing Truist’s cybersecurity risks.

Truist also maintains disaster recovery plans that are reviewed, modified, as necessary, and approved annually by management. Management’s role in identifying, assessing, monitoring, and mitigating material risks from cybersecurity threats Truist’s Corporate Information Security Program is operated by and the responsibility of management, including the CIO, CSO, and CRO.

Foundationally, our cybersecurity framework is based upon the National Institute of Standards and Technology for Improving Critical Infrastructure Cybersecurity and is also designed to incorporate elements from additional industry standards, such as those of the Federal Financial Institutions Examination Council, to better suit the Company’s cyber risk profile.

Foundationally, our cybersecurity framework is based on the Cyber Risk Institute Cyber Profile, which tailors the National Institute of Standards and Technology Cybersecurity Framework for the financial sector.

For example, to further mitigate the risks presented by an evolving cyber threat landscape, Truist: • provides data protection guidance to clients; • promotes data protection awareness and accountability through mandatory teammate training; and • conducts scenario-driven test exercises simulating impacts and consequences developed through analysis of real-world incidents as well as known and anticipated cyber threats.

For example, to mitigate the risks presented by an evolving cybersecurity threat landscape, our Corporate Information Security Program provides for: • data protection guidance to clients; • data protection awareness and accountability through mandatory teammate training; and • targeted cybersecurity simulations and exercises that support Truist’s Corporate Cyber Security functions, with a goal of strengthening cybersecurity controls, increasing preparedness, and promoting effective response and recovery capabilities against cybersecurity threats.

See Item 1A, “Risk Factors” for information on risks from cybersecurity threats. We maintain a risk-based cybersecurity framework that is part of our ERM Framework. It is implemented through people, processes, and technology, whereby we assess, identify, and manage material risks from cybersecurity threats, and seek to adapt our risk mitigation activities accordingly.

Our cybersecurity framework utilizes people, processes, and systems to identify, assess, monitor, mitigate, and otherwise address material risks from cybersecurity threats, and Truist seeks to adapt and refine its risk mitigation activities and capabilities based on the cybersecurity risks identified through this framework.

Removed

In addition, our cybersecurity framework incorporates internal and third-party capabilities that drive the development and implementation of our data security strategy, which is designed to reduce cybersecurity risk while enabling Truist’s corporate business objectives. Processes for assessing, identifying, and managing material risks from cybersecurity threats We maintain an Information Security Program that specifies how we execute our cybersecurity framework.

Added

ITEM 1C. CYBERSECURITY The following is a discussion of Truist’s cybersecurity risk management strategy and governance. Refer to “Item 1A. Risk Factors” for information on risks from cybersecurity threats and the “Risk Management” section in MD&A for additional discussion on Truist’s technology risk management.

Removed

These exercises are designed to assess the viability of Truist’s crisis response and management programs and provide the basis for improvement.

Added

Our cybersecurity framework also informs our data security strategy, which is designed to reduce cybersecurity risk while enabling Truist’s corporate business objectives. For the fiscal year ended December 31, 2025, Truist has not identified any cybersecurity incidents that have materially affected, or are reasonably likely to materially affect, its business strategy, results of operations, or financial condition.

Removed

In its agreements with third-party service providers, Truist requires service providers to adhere to Truist’s relevant cybersecurity and operational resilience standards, subject to certain exceptions that are managed on a case-by-case basis.

Added

We expect to continue to be the target of cybersecurity threats with increased frequency and severity due to the evolving threat environment, including the increasing use of machine learning and generative AI, and there can be no assurance that future cybersecurity incidents, including incidents experienced by third parties, will not have a material adverse impact on Truist, including our business strategy, results of operations, or financial condition.

Removed

The Technology Risk Oversight Committee provides oversight of key risk management activities to identify, assess, monitor, mitigate, and report on technology (including core technology, data and cybersecurity) risk across the enterprise. These sub-committees serve as governing forums for monitoring and escalating significant cybersecurity as well as other technology risk matters to the ERC.

Added

Our Cyber Incident Response Team, which includes 24/7 Cyber Fusion Centers and a Cyber Command Center and is a part of the Technology, Data, and Operations team reporting to the CSO and CIO, is responsible for identifying, triaging, mitigating, and containing cybersecurity threats and incidents, including, to the extent possible, those originating from third party service providers.

Removed

Board of Directors’ oversight of risks from cybersecurity threats Our Board has primary responsibility for the oversight of our enterprise risk management and exercises its oversight function in respect of cybersecurity risk through the BRC.

Added

As part of our Corporate Information Security Program, Truist engages third-party experts to evaluate and test elements of its program, to identify vulnerabilities, and to inform program enhancements. Truist also leverages external specialists, as appropriate, to assess cybersecurity risks arising from third-party service providers and to support incident response readiness.

Removed

The BRC is responsible for overseeing Truist’s risk management function, including approving and reviewing Truist’s risk management framework and policies, and overseeing management’s implementation of such framework and policies. The oversight responsibility of our Board and the BRC is facilitated through management-reporting processes designed to provide visibility to the Board on cybersecurity matters.

Added

Our CSO has over 20 years of experience leading cybersecurity and technology risk teams at major financial institutions and global firms, including in the areas of information security, enterprise risk management, technology risk, cybersecurity, and fraud.

Removed

For example, members of the BRC receive regular reports from our CRO and interim CISO related to information technology and cybersecurity risks to Truist. The BRC meets periodically with risk management advisors and discusses with executive management any cybersecurity recommendations received.

Added

Board of Directors’ oversight of risks from cybersecurity threats Our Board oversees the development of, and reviews, approves, and periodically monitors, the Company’s strategy and risk appetite with a long-term perspective on risks and rewards that is consistent with the capacity of our risk management framework.

Added

The BRC assists the Board in overseeing our cybersecurity framework and, in doing so, utilizes management-reporting processes designed to provide directors with information that is sufficient in scope, detail, and analysis to enable them to consider cybersecurity risks.

Added

For example, the BRC receives and discusses regular reports from our CRO and CSO, and also meets periodically with outside advisers to gain additional perspectives on the cybersecurity landscape. Further, the BRC or its Chair meets jointly or communicates with the BTC or its Chair to review and discuss Truist's cybersecurity and other technology risks.

Item 2. Properties

Properties — owned and leased real estate

2 edited+0 added−0 removed1 unchanged

2024 filing

2025 filing

Biggest changeManagement believes that these premises, in the aggregate, are well-located and suitably equipped to serve as financial services facilities. See “Note 6. Premises and Equipment” for additional disclosures. Truist Financial Corporation 43

Biggest changeManagement believes that these premises, in the aggregate, are well-located and suitably equipped to serve as financial services facilities. Refer to “Note 6. Premises and Equipment” for additional disclosures.

Truist owns or leases retail branches and other offices in a number of states, primarily concentrated in the Southeastern and Mid-Atlantic U.S. See Table 2 for a list of Truist’s branches by state. Truist also operates other businesses that occupy facilities throughout the U.S. and Canada.

Truist owns or leases retail branches and other offices in a number of states, primarily concentrated in the Southeastern and Mid-Atlantic U.S. Refer to “Table 1” for a list of Truist’s branches by state. Truist also operates other businesses that occupy facilities throughout the U.S. and Canada.

Item 5. Market for Registrant's Common Equity

Market for Common Equity — stock, dividends, buybacks

14 edited+4 added−5 removed3 unchanged

2024 filing

2025 filing

Biggest changeThe share-repurchase program does not obligate Truist to acquire a specific dollar amount or number of shares and may be extended, modified, or discontinued at any time.

Biggest changeA share-repurchase plan does not obligate Truist to acquire a specific dollar amount or number of shares, and a repurchase plan may be extended, modified, or discontinued at any time. In addition to shares purchased under publicly announced repurchase plans, Truist repurchases shares in connection with the exercise of equity-based awards under equity-based compensation plans.

Management’s target common dividend payout ratio (computed by dividing common stock dividends by net income available to common shareholders) is between 30% and 50% during normal economic conditions. Truist paid $2.8 billion, $2.8 billion, and $2.7 billion in common stock dividends during 2024, 2023, and 2022, respectively.

Management’s target common dividend payout ratio (computed by dividing common stock dividends by net income available to common shareholders) is between 30% and 50% during normal economic conditions. Truist paid $2.7 billion, $2.8 billion, and $2.8 billion in common stock dividends during 2025, 2024, and 2023, respectively.

Actions in connection with the share-repurchase program will be subject to various factors, including Truist’s capital and liquidity positions and related internal frameworks, accounting and regulatory considerations (including any restrictions that may be imposed by the FRB and any changes to capital, liquidity, and other regulatory requirements that may be proposed or adopted by the U.S. banking agencies), Truist’s financial and operational performance, alternative uses of capital, the trading price of Truist’s common stock, and general market conditions.

Actions in connection with any share-repurchase program are subject to various factors, including Truist’s capital and liquidity positions and related internal frameworks, accounting and regulatory considerations (including any changes to capital, liquidity, and other regulatory requirements that may be proposed or adopted by the U.S. banking agencies), Truist’s financial and operational performance, alternative uses of capital, the trading price of Truist’s common stock, and general market conditions.

The share-repurchase program enables Truist to acquire shares through open-market purchases or privately negotiated transactions, including through Rule 10b5-1 plans and other programs, at the discretion of management and on terms (including quantity, timing, and price) that management determines to be advisable.

Truist’s share-repurchase programs enable Truist to acquire shares through open-market purchases or privately negotiated transactions, including through Rule 10b5-1 plans and other programs, at the discretion of management and on terms (including quantity, timing, and price) that management determines to be advisable.

This preferred stock redemption was in accordance with the terms of the Company’s Articles of Incorporation. See “Note 12. Shareholders’ Equity” for information about preferred stock.

This preferred stock redemption was in accordance with the terms of the Company’s Articles of Incorporation. Refer to “Note 12. Shareholders’ Equity” for information about preferred stock.

ITEM 5. MARKET FOR REGISTRANT’S COMMON EQUITY, RELATED STOCKHOLDER MATTERS AND ISSUER PURCHASES OF EQUITY SECURITIES Truist’s common stock is traded on the NYSE under the symbol “TFC.” As of December 31, 2024, Truist’s common stock was held by 73,681 registered shareholders.

ITEM 5. MARKET FOR REGISTRANT’S COMMON EQUITY, RELATED STOCKHOLDER MATTERS AND ISSUER PURCHASES OF EQUITY SECURITIES Truist’s common stock is traded on the NYSE under the symbol “TFC.” As of December 31, 2025, Truist’s common stock was held by 69,408 registered shareholders.

Truist expects common dividend declarations, if made, to occur in January, April, July, and October with payment dates on or about the first of March, June, September, and December. A discussion of dividend restrictions is included in “Note 17. Regulatory Requirements and Other Restrictions” and in the “Regulatory Considerations” section.

The graph and table assume an initial investment of $100 was made on December 31, 2019 in each of the Company’s common stock and the two indexes, as well as reinvestment of all dividends without commissions.

The Company is a component of both indexes. The graph and table assume an initial investment of $100 was made on December 31, 2020 in each of the Company’s common stock and the two indexes, as well as reinvestment of all dividends without commissions.

The following table provides additional information on share repurchases as part of publicly announced plans and shares exchanged or surrendered in connection with the exercise of equity-based awards: Table 5: Share Repurchase Activity (Dollars in millions, except per share data, shares in thousands) Total Number of Shares Purchased (1) Average Price Paid Per Share (2)(3) Total Number of Shares Purchased as part of Publicly Announced Plans Approximate Dollar Value of Shares that may yet be Purchased Under the Plans (3)(4) October 1, 2024 to October 31, 2024 11,712 $ 42.69 11,712 $ 4,000 November 1, 2024 to November 30, 2024 — — — 4,000 December 1, 2024 to December 31, 2024 — — — 4,000 Total 11,712 $ 42.69 11,712 (1) Includes shares exchanged or surrendered in connection with the exercise of equity-based awards under equity-based compensation plans.

The following table provides additional information on share repurchases as part of publicly announced plans and shares exchanged or surrendered in connection with the exercise of equity-based awards: Table 3: Share Repurchase Activity (Dollars in millions, except per share data, shares in thousands) Total Number of Shares Purchased (1) Average Price Paid Per Share (2)(3) Total Number of Shares Purchased as part of Publicly Announced Plans Approximate Dollar Value of Shares that may yet be Purchased Under the Plans (3)(4)(5) October 1, 2025 to October 31, 2025 9,972 $ 44.13 9,972 $ 1,810 November 1, 2025 to November 30, 2025 6,942 44.65 6,942 1,500 December 1, 2025 to December 31, 2025 — — — 10,000 Total 16,914 $ 44.34 16,914 (1) Includes shares exchanged or surrendered in connection with the exercise of equity-based awards under equity-based compensation plans.

Share Repurchases Truist has periodically repurchased shares of its own common stock and expects to periodically repurchase shares in the future under publicly announced repurchase plans. In accordance with North Carolina law, repurchased shares cannot be held as treasury stock, but revert to the status of authorized and unissued shares upon repurchase and are therefore available for future issuances.

In accordance with North Carolina law, repurchased shares cannot be held as treasury stock but revert to the status of authorized and unissued shares upon repurchase and are therefore available for future issuances.

At December 31, 2024, Truist had remaining authorization to repurchase up to $4.0 billion of common stock under the Board approved repurchase plan. 44 Truist Financial Corporation Preferred Stock Redemptions During 2024, the Company redeemed all 7,500 outstanding shares of its perpetual preferred stock series L and the corresponding 750,000 depositary shares representing fractional interests in such series at a redemption price of $1,000 per depositary share (equivalent to $100,000 per share of preferred stock) plus any accrued and unpaid dividends, for $750 million.

During 2024, the Company redeemed all 7,500 outstanding shares of its perpetual preferred stock series L and the corresponding 750,000 depositary shares representing fractional interests in such series at a redemption price of $1,000 per depositary share (equivalent to $100,000 per share of preferred stock) plus any accrued and unpaid dividends, for $750 million.

Equity Compensation Plan Information The following table provides information about equity-based awards as of December 31, 2024: Table 6: Equity Compensation Plan Information Plan Category (a) (1)(2) Number of securities to be issued upon exercise of outstanding options, warrants and rights (b) (3) Weighted-average exercise price of outstanding options, warrants and rights (c) Number of securities remaining available for future issuance under equity compensation plans (excluding securities reflected in (a)) Approved by security holders 21,057,484 $ 34.42 23,020,895 Not approved by security holders 2,393,448 33.88 — Total 23,450,932 $ 34.40 23,020,895 (1) Includes 18,157,076 RSUs and PSUs in plans approved by security holders.

Equity Compensation Plan Information The following table provides information about equity-based awards as of December 31, 2025: Table 4: Equity Compensation Plan Information Plan Category (a) (1) Number of securities to be issued upon exercise of outstanding options, warrants and rights (b) (2) Weighted-average exercise price of outstanding options, warrants and rights (c) Number of securities remaining available for future issuance under equity compensation plans (excluding securities reflected in (a)) Approved by security holders 24,195,183 $ 32.10 15,001,419 Not approved by security holders 3,362 35.19 — Total 24,198,545 $ 32.17 15,001,419 (1) Includes 24,039,628 RSUs and PSUs in plans approved by security holders.

Truist Financial Corporation 45 Five-Year Common Stock Performance The following graph and table compare the cumulative total shareholder return of the Company’s common stock, the S&P 500 Index, and the KBW Nasdaq Bank Index for the five-year period ended December 31, 2024. The Company is a component of both indexes.

(2) Excludes RSUs and PSUs because they do not have an exercise price. Truist Financial Corporation 47 Five-Year Common Stock Performance The following graph and table compare the cumulative total shareholder return of the Company’s common stock, the S&P 500 Index, and the KBW Nasdaq Bank Index for the five-year period ended December 31, 2025.

Table 7: Cumulative Total Shareholder Return Invested Cumulative Total Return As of / Through December 31, 2019 2020 2021 2022 2023 2024 Truist Financial Corporation $ 100.00 $ 88.87 $ 112.04 $ 85.70 $ 78.39 $ 96.99 S&P 500 Index 100.00 118.39 152.34 124.73 157.48 196.85 KBW Nasdaq Bank Index 100.00 89.69 124.08 97.53 96.66 132.63 46 Truist Financial Corporation

Table 5: Cumulative Total Shareholder Return Invested Cumulative Total Return As of / Through December 31, 2020 2021 2022 2023 2024 2025 Truist Financial Corporation $ 100.00 $ 126.07 $ 96.43 $ 88.21 $ 109.13 $ 129.86 S&P 500 Index 100.00 128.68 105.36 133.03 166.28 195.98 KBW Nasdaq Bank Index 100.00 138.34 108.74 107.77 147.87 196.02 48 Truist Financial Corporation

Removed

Repurchases may be effected through open market purchases, privately negotiated transactions, trading plans established in accordance with SEC rules, or other means.

Added

Regulatory Requirements and Other Restrictions” and in the “Regulatory and Supervisory Considerations” section in Item 1 “Business.” Share Repurchases Truist has periodically repurchased shares of its own common stock and expects to periodically repurchase shares in the future under publicly announced repurchase plans.

Removed

The quantity, timing, price, and other terms of any repurchases are subject to various factors, including Truist’s capital and liquidity positions and related internal frameworks, accounting and regulatory considerations (including any restrictions that may be imposed by the FRB and any changes to capital, liquidity, and other regulatory requirements that may be proposed or adopted by the U.S. banking agencies), Truist’s financial and operational performance, alternative uses of capital, the trading price of Truist’s common stock, and general market conditions.

Added

Truist repurchased $2.5 billion in common stock in 2025 and $1.0 billion in 2024 pursuant to publicly announced repurchase plans. Truist did not repurchase any common shares under publicly announced repurchase plans in 2023. In December 2025, the Company announced that the Board approved a $10.0 billion share repurchase-program with no expiration date, replacing the previous repurchase authority.

Removed

Any repurchase plan may be extended, modified, or discontinued at any time. In addition to shares purchased under publicly announced repurchase plans, Truist repurchases shares in connection with the exercise of equity-based awards under equity-based compensation plans. Truist repurchased $1.0 billion in common stock in 2024 and $250 million in 2022, pursuant to publicly announced repurchase plans.

Added

(5) In December 2025, Truist announced that the Board had authorized the repurchase of up $10.0 billion of common stock effective immediately with no expiration date, replacing the previous repurchase authority, as part of Truist’s overall capital distribution strategy. 46 Truist Financial Corporation Preferred Stock Redemptions During 2025, the Company redeemed all 40,000 outstanding shares of its fixed rate reset non-cumulative perpetual preferred stock series P and the corresponding 1,000,000 depositary shares representing fractional interests in such series at a redemption price of $1,000 per depositary share (equivalent to $25,000 per share of preferred stock) plus any accrued and unpaid dividends, for $1 billion.

Removed

Truist did not repurchase any commons shares under publicly announced repurchase plans in 2023.

Added

This preferred stock redemption was in accordance with the terms of the Company’s Articles of Incorporation.

Removed

(2) Plans not approved by security holders consist of 10,369 options outstanding with a weighted average exercise price of $33.88 and 2,383,079 RSUs for plans that were assumed in mergers and acquisitions and issued prior to shareholder approval of the Truist Financial Corporation 2022 Incentive Plan. (3) Excludes RSUs and PSUs because they do not have an exercise price.

Item 7. Management's Discussion & Analysis

Management's Discussion & Analysis (MD&A) — revenue / margin commentary

227 edited+67 added−98 removed74 unchanged

2024 filing

2025 filing

Biggest changeExcluding securities losses, noninterest income was up $340 million, or 6.2%, compared to the prior year. • Investment banking and trading income increased due to higher bond and equity originations, structured real estate income, loan syndication fees, and merger and acquisition fees, partially offset by lower trading income. • Wealth management income increased due to higher assets under management, partially offset by the impact of the sale of Sterling Capital Management LLC in 2024. • Service charges on deposits increased due to a prior period reduction in deposit service charge fees for client refund accruals resulting from a revision in deposit service fee protocols, partially offset by a decline as a result of continued growth of Truist One checking. • Other income increased due to higher derivative income and the gain on the sale of Sterling Capital Management LLC, partially offset by lower equity investment income due to gains in 2023 and a valuation decrease for derivatives related to Visa shares. • Lending related fees decreased due to lower leasing-related gains. • Operating lease income decreased due to the runoff of operating lease balances. • Card and payment related fees decreased due to lower interchange rates, higher rebates, and lower volumes. 52 Truist Financial Corporation Noninterest Expense The following table provides a breakdown of Truist’s noninterest expense: Table 11: Noninterest Expense Year Ended December 31, % Change (Dollars in millions) 2024 2023 2022 2024 vs. 2023 2023 vs. 2022 Personnel expense $ 6,506 $ 6,516 $ 6,558 (0.2) % (0.6) % Professional fees and outside processing 1,337 1,192 1,322 12.2 (9.8) Software expense 896 868 887 3.2 (2.1) Net occupancy expense 656 658 690 (0.3) (4.6) Equipment expense 373 381 449 (2.1) (15.1) Amortization of intangibles 345 395 455 (12.7) (13.2) Marketing and customer development 268 260 321 3.1 (19.0) Operating lease depreciation 144 175 184 (17.7) (4.9) Regulatory costs 344 824 183 (58.3) NM Restructuring charges 120 320 466 (62.5) (31.3) Goodwill impairment — 6,078 — (100.0) NM Other expense 1,020 1,011 652 0.9 55.1 Total noninterest expense $ 12,009 $ 18,678 $ 12,167 (35.7) 53.5 Restructuring Charges Noninterest expense was down $6.7 billion, or 36%, for the year ended December 31, 2024 compared to the year ended December 31, 2023 primarily due to the 2023 goodwill impairment of $6.1 billion, lower regulatory charges due to the FDIC special assessment and related adjustments ($64 million in 2024 compared to $507 million in 2023), lower other expense, excluding the charitable contribution to the Truist Foundation, lower amortization of intangibles, and operating lease depreciation, partially offset by a $150 million charitable contribution to the Truist Foundation (other expense) and higher professional fees and outside processing expense.

Biggest changeNoninterest income was up $6.7 billion for the year ended December 31, 2025, compared to the year ended December 31, 2024, primarily due to securities losses resulting from the balance sheet repositioning in 2024 as well as higher other income and card and treasury management fees, partially offset by lower investment banking and trading income. • Other income increased primarily due to higher income from certain solar and other investments, partially offset by the 2024 gain on the sale of Sterling Capital Management LLC. • Card and treasury management fees increased primarily due to higher treasury management fees. • Investment banking and trading income decreased due to lower trading income, merger and acquisition fees, and capital markets activity. 54 Truist Financial Corporation Noninterest Expense The following table provides a breakdown of Truist’s noninterest expense: Table 9: Noninterest Expense Year Ended December 31, % Change (Dollars in millions) 2025 2024 2023 2025 vs. 2024 2024 vs. 2023 Personnel expense (1) $ 6,848 $ 6,587 $ 6,765 4.0 % (2.6) % Professional fees and outside processing (1) 1,420 1,342 1,194 5.8 12.4 Software expense 936 896 868 4.5 3.2 Net occupancy expense (1) 710 695 732 2.2 (5.1) Equipment expense 351 373 381 (5.9) (2.1) Marketing and customer development 299 268 260 11.6 3.1 Amortization of intangibles 290 345 395 (15.9) (12.7) Regulatory costs 163 344 824 (52.6) (58.3) Goodwill impairment — — 6,078 — (100.0) Other expense (1)(2) 1,059 1,159 1,181 (8.6) (1.9) Total noninterest expense $ 12,076 $ 12,009 $ 18,678 0.6 (35.7) (1) Effective December 31, 2025, Truist reclassified the underlying activities of restructuring charges, which were previously reported in a separate financial statement caption, to their natural expense categories of ‘Personnel,’ ‘Net occupancy,’ ‘Professional fees and outside processing,’ and ‘Other expense.’ Prior period balances have been conformed to current period presentation.

Weighted yield is represented on a TE basis with the exception of obligations of state and political subdivisions which are presented on a tax-effected basis. (2) For purposes of the maturity, MBS, which are not due at a single maturity date, have been included in maturity groupings based on the contractual maturity.

Weighted yield is represented on a TE basis with the exception of obligations of state and political subdivisions which are presented on a tax-effected basis. (2) For purposes of maturity, MBS, which are not due at a single maturity date, have been included in maturity groupings based on the contractual maturity.

Interest Rate Market Risk As a financial institution, Truist is exposed to interest rate risk from assets, liabilities, and off-balance sheet positions. Truist primarily monitors this risk through two measurement types, (i) NII at risk and (ii) economic value of equity. Truist manages this risk with securities, derivatives, and broader asset liability management activities.

Market Risk - Interest Rate As a financial institution, Truist is exposed to interest rate risk from assets, liabilities, and off-balance sheet positions. Truist primarily monitors this risk through two measurement types, (i) NII at risk and (ii) economic value of equity. Truist manages this interest rate risk with securities, derivatives, and broader asset liability management activities.

The primary uses of funds by the Parent Company are investments in subsidiaries, advances to subsidiaries, dividend payments to common and preferred shareholders, repurchases of common stock, payments on and, from time-to-time, potential repurchases or redemptions of a portion of an outstanding tranche of the long-term debt of the Parent Company (as may be permitted by the terms of each respective series), and the redemption of preferred stock.

The primary uses of funds by the Parent Company are investments in subsidiaries, advances to subsidiaries, dividend payments to common and preferred shareholders, repurchases of common stock, payments on and, from time to time, potential repurchases or redemptions of a portion of an outstanding tranche of long-term debt of the Parent Company (as may be permitted by the terms of each respective series), and the redemption of preferred stock.

Different assumptions in the application of these policies could result in material changes in the consolidated financial position and/or consolidated results of operations and related disclosures. Understanding Truist’s accounting policies is fundamental to understanding the consolidated financial position and consolidated results of operations.

Different assumptions in the application of these policies could result in material changes in the consolidated financial position or consolidated results of operations and related disclosures. Understanding Truist’s accounting policies is fundamental to understanding the consolidated financial position and consolidated results of operations.

Commitments and Contingencies” for additional information regarding outstanding balances of sources of liquidity and contractual commitments and obligations. Parent Company The Parent Company serves as the primary source of capital for its operating subsidiaries. The Parent Company’s assets consist primarily of cash on deposit with Truist Bank, equity investments in subsidiaries, advances to subsidiaries, and notes receivable from subsidiaries.

Commitments and Contingencies” for additional information regarding outstanding balances of sources of liquidity and contractual commitments and obligations. Parent Company The Parent Company serves as the primary source of capital for its operating subsidiaries. The Parent Company’s assets consist primarily of cash on deposit with Truist Bank, equity investments in subsidiaries, and advances to subsidiaries, including notes receivable from subsidiaries.

Management performs a goodwill impairment analysis on an annual basis as of October 1 or more often if events or circumstances indicate that it is more-likely-than not that the fair value of a reporting unit is below its carrying value. For its annual impairment review, Truist performed a quantitative test of each of its reporting units.

Management performs a goodwill impairment analysis on an annual basis as of October 1 st , or more often if events or circumstances indicate that it is more-likely-than not that the fair value of a reporting unit is below its carrying value. For its annual impairment review, Truist performed a quantitative test of each of its reporting units.

The plan addresses authority for activation and decision making, liquidity options, and the responsibilities of key departments in the event of a liquidity contraction. On a quarterly basis, Truist conducts testing of market access for alternative sources of funds (e.g. discount window, standing repo facility, etc.) to test operational readiness.

The plan addresses authority for activation and decision making, liquidity options, and the responsibilities of key departments in the event of a liquidity contraction. On a quarterly basis, Truist conducts testing of market access for alternative sources of funds (e.g., FRB, discount window, standing repo facility, etc.) to test operational readiness.

Accordingly, Truist’s significant accounting policies and effects of new accounting pronouncements are discussed in detail in “Note 1. Basis of Presentation.” The following is a summary of Truist’s critical accounting policies that are highly dependent on estimates, assumptions, and judgments. These critical accounting policies are reviewed with the Audit Committee of the Board of Directors on a periodic basis.

Accordingly, Truist’s significant accounting policies and the effects of new accounting pronouncements are discussed in detail in “Note 1. Basis of Presentation.” The following is a summary of Truist’s critical accounting policies that are highly dependent on estimates, assumptions, and judgments. These critical accounting policies are reviewed with the Audit Committee of the Board on a periodic basis.

Truist’s key risk indicators are designed to support the following objectives: • maintain (i) a diversified, but customer deposit centric, funding base, (ii) a level of liquid, readily monetized assets sufficient to satisfy business as usual and stressed cash flow needs across multiple liquidity horizons, and (iii) an appropriate level of contingent funding to meet any unexpected needs; • limit concentration risk from individual, correlated counterparties, and funding concentrations in tenors that may negatively impact Truist from an unforeseen idiosyncratic or market event; and • maintain sufficient liquidity in the holding company to serve as a source of strength to its subsidiaries.

Truist’s key risk indicators are designed to support the following objectives: • maintain (i) a diversified, but client deposit centric, funding base, (ii) a level of liquid, readily monetized assets sufficient to satisfy business as usual and stressed cash flow needs across multiple liquidity horizons, and (iii) an appropriate level of contingent funding to meet any unexpected needs; • limit concentration risk from individual, correlated counterparties, and funding concentrations in tenors that may negatively impact Truist from an unforeseen idiosyncratic or market event; and • maintain sufficient liquidity in the holding company to serve as a source of strength to its subsidiaries.

The income approach utilizes a discounted cash flow analysis of multi-year financial forecasts developed for each reporting unit by considering several inputs and assumptions such as net interest margin, expected credit losses, noninterest income, noninterest expense, and required capital.

The income approach utilizes a discounted cash flow analysis of multi-year financial forecasts developed for each reporting unit by considering several inputs and assumptions such as net interest income, expected credit losses, noninterest income, noninterest expense, and required capital.

Truist Financial Corporation 63 Commercial Credit Concentrations Truist has established the following general practices to manage commercial credit risk: • limiting the amount of credit that Truist may extend to a borrower; • establishing a process for credit approval accountability; • initial underwriting and analysis of borrower, transaction, market, and collateral risks; • evaluating the diversity of the loan portfolio in terms of type, industry, and geographical concentration; • ongoing servicing and monitoring of individual loans and lending relationships; • continuous monitoring of the portfolio, market dynamics, and the economy; and • periodically reevaluating the Company’s strategy and overall exposure as economic, market, and other relevant conditions change.

Truist Financial Corporation 65 Commercial Credit Concentrations Truist has established the following general practices to manage commercial credit risk: • limiting the amount of credit that Truist may extend to a borrower; • establishing a process for credit approval accountability; • initial underwriting and analysis of borrower, transaction, market, and collateral risks; • evaluating the diversity of the loan portfolio in terms of type, industry, and geographical concentration; • ongoing servicing and monitoring of individual loans and lending relationships; • continuous monitoring of the portfolio, market dynamics, and the economy; and • periodically reevaluating the Company’s strategy and overall exposure as economic, market, and other relevant conditions change.

Using the risk appetite statements, key risk indicators are developed that represent quantitative metrics which measure current risk exposure relative to Truist’s risk appetite, which help the Board and management monitor liquidity risk taking activity.

Using the risk appetite statements, key risk indicators are developed that represent quantitative metrics which measure current risk exposure relative to Truist’s risk appetite, which help the Board oversee and management monitor liquidity risk-taking activity.

Provided below is a summary of the most significant underwriting criteria used to evaluate new loans and loan renewals: • Cash flow and debt service coverage - cash flow adequacy is a necessary condition of creditworthiness, meaning that loans must either be clearly supported by a borrower’s cash flow or, if not, must be justified by secondary repayment sources. • Secondary sources of repayment - alternative repayment funds are a significant risk-mitigating factor as long as they are liquid, can be easily accessed, and provide adequate resources to supplement the primary cash flow source. • Value of any underlying collateral - loans are generally secured by the asset being financed.

The most significant underwriting criteria used to evaluate new loans and loan renewals are: • Cash flow and debt service coverage - cash flow adequacy is a necessary condition of creditworthiness, meaning that loans must either be clearly supported by a borrower’s cash flow or, if not, must be justified by secondary repayment sources. • Secondary sources of repayment - alternative repayment funds are a significant risk-mitigating factor as long as they are liquid, can be easily accessed, and provide adequate resources to supplement the primary cash flow source. • Value of any underlying collateral - loans are generally secured by the asset being financed.

In determining the buffer, Truist considers cash requirements for common and preferred dividends, unfunded commitments to affiliates, serving as a source of strength to Truist Bank, and being able to withstand sustained market disruptions that could limit access to the capital markets. At December 31, 2024, the Parent Company held cash on hand to meet these requirements.

In determining the buffer, Truist considers cash requirements for common and preferred dividends, unfunded commitments to affiliates, serving as a source of strength to Truist Bank, and being able to withstand sustained market disruptions that could limit access to the capital markets. At December 31, 2025, the Parent Company held cash on hand to meet these requirements.

Truist Financial Corporation 59 The following table presents a summary of the loans and leases by scheduled repayment period and interest rate terms. Determinations of maturities are based on scheduled repayments, except when rollovers or extensions are included for purposes of measuring the ACL. Truist’s credit policy typically does not permit automatic renewal of loans.

Truist Financial Corporation 61 The following table presents a summary of the loans and leases by scheduled repayment period and interest rate terms. Determinations of maturities are based on scheduled repayments, except when rollovers or extensions are included for purposes of measuring the ACL. Truist’s credit policy typically does not permit automatic renewal of loans.

When observable market prices are not available, the Company uses judgment and estimates fair value using internal models that reflect assumptions consistent with those that would be used by a market participant in estimating fair value. Refer to “Note 18. Fair Value Disclosures” for further information on the Company’s trading securities and securities sold short.

When observable market prices are not available, the Company uses judgment and estimates fair value using internal models that reflect assumptions consistent with those that would be used by a market participant in estimating fair value. Refer to “Note 18. Fair Value Disclosures” for further information about the Company’s trading securities and securities sold short.

Truist Bank invests in securities allowable under bank regulations. These securities may include obligations of the U.S. Treasury, U.S. government agencies, GSEs (including MBS), bank eligible obligations of any state or political subdivision, non-agency MBS, structured notes, bank eligible corporate obligations (including corporate debentures), commercial paper, negotiable CDs, bankers’ acceptances, mutual funds, and limited types of equity securities.

Truist Bank invests in securities allowable under bank regulations. These securities may include obligations of the U.S. Treasury, U.S. government agencies, GSEs (including MBS), bank eligible obligations of any state or political subdivision, structured notes, bank eligible corporate obligations (including corporate debentures), commercial paper, negotiable CDs, bankers’ acceptances, mutual funds, and limited types of equity securities.

The projection of net interest margin is the most significant input to the financial projections of the CSBB and WB reporting units, while noninterest income is the most significant input to the financial projections of the Wealth reporting unit.

The projection of net interest income is the most significant input to the financial projections of the CSBB and WB reporting units, while noninterest income is the most significant input to the financial projections of the Wealth reporting unit.

All teammates are responsible for upholding the Company’s purpose, mission, and values, and are encouraged to speak up if there is any activity or behavior that is inconsistent with the Company’s culture. The Truist code of ethics guides the Company’s decision making and informs teammates on how to act in the absence of specific guidance.

All teammates are responsible for upholding the Company’s purpose, mission, and values, and are encouraged to speak up if there is any activity or behavior that is inconsistent with the Company’s culture. The Truist Code of Ethics influences the Company’s decision making and informs teammates on how to act in the absence of specific guidance.

Through active data risk monitoring and accuracy testing, Truist seeks to provide reasonable assurance over data-related processes, risks, and controls, as well as the quality and retention of key data used for operational, strategic, regulatory, and compliance purposes. Management and the Board provide oversight of the data risk management program and receive regular updates from the RMO.

Through active data risk monitoring and accuracy testing, Truist seeks to provide reasonable assurance regarding data-related processes, risks, and controls, as well as the quality and retention of key data used for operational, strategic, regulatory, and compliance purposes. Management and the Board provide oversight of the Data Risk Management program and receive regular updates from the RMO.

There were no off-balance sheet securitization positions during the reporting period. Correlation Trading Positions The trading portfolio of covered positions did not contain any correlation trading positions as of December 31, 2024. VaR-Based Measures VaR measures the potential loss of a given position or portfolio of positions at a specified confidence level and time horizon.

There were no off-balance sheet securitization positions during the reporting period. Correlation Trading Positions The trading portfolio of covered positions did not contain any correlation trading positions as of December 31, 2025. VaR-Based Measures VaR measures the potential loss of a given position or portfolio of positions at a specified confidence level and time horizon.

These sources include unsecured borrowings from the capital markets through the issuance of senior or subordinated bank notes, institutional CDs, overnight and term Federal funds markets, and retail brokered CDs. Truist Bank also maintains access to secured borrowing sources, including FHLB advances, repurchase agreements, and the FRB discount window.

See “Note 22. Parent Company Financial Information” for additional information regarding dividends from subsidiaries and debt transactions. Access to funding at the Parent Company is more sensitive to market disruptions. Therefore, Truist manages cash levels at the Parent Company to exceed a minimum of 12 months of projected cash outflows.

Refer to “Note 22. Parent Company Financial Information” for additional information regarding dividends from subsidiaries and debt transactions. Access to funding at the Parent Company is more sensitive to market disruptions. Therefore, Truist manages cash levels at the Parent Company to exceed a minimum of 12 months of projected cash outflows.

These procedures, which are performed independent of the responsible business unit, include comparison of pricing information received from the third-party pricing service to other third-party pricing sources, review of additional information provided by the third-party pricing service and other third-party sources for selected securities and back-testing to compare the price realized on security sales to the daily pricing information received from the third-party pricing service.

These procedures, which are performed independently of the responsible business unit, include comparison of pricing information received from the third-party pricing service to other third-party pricing sources, review of additional information provided by the third-party pricing service and other third-party sources for selected securities, and back-testing to compare the price realized on security sales to the daily pricing information received from the third-party pricing service.

In addition, certain of the purchase agreements contain clauses that would allow Truist to cancel the agreement with specified notice; however, that impact is not included in determining the total amount of obligations. See “Note 9. Other Assets and Liabilities,” “Note 11. Borrowings,” and “Note 16.

In addition, certain of the purchase agreements contain clauses that would allow Truist to cancel the agreement with specified notice; however, that impact is not included in determining the total amount of obligations. Refer to “Note 9. Other Assets and Liabilities,” “Note 11. Borrowings,” and “Note 16.

The qualitative components are used to adjust for limitations in modeled results related to current economic conditions, and considerations with respect to the impact of current and expected events or risks, the outcomes of which are uncertain and may not be completely considered by quantitative models.

The qualitative components are used to adjust for limitations in modeled results related to current economic conditions, as well as considerations with respect to the impact of current and expected events or risks, the outcomes of which are uncertain and may not be completely considered by quantitative models.

Truist’s baseline scenario relies on assumptions including expectations of the economy and interest rates – which are influenced by market conditions, new business volume, pricing, and customer behavior. In measuring NII at risk, Truist assumes that changes in key factors, such as prepayments and deposit pricing (betas), largely move in line with those it has experienced in prior rate cycles.

Truist’s baseline scenario relies on assumptions including expectations of the economy and interest rates – which are influenced by market conditions, new business volume, pricing, and client behavior. In measuring NII at risk, Truist assumes that changes in key factors, such as prepayments and deposit pricing (betas), largely move in line with those Truist has experienced in prior rate cycles.

In keeping with the belief that consistent values drive long-term behaviors, Truist’s RMO has established four key behaviors all teammates are expected to practice daily – regardless of role: • Awareness: demonstrate an appropriate understanding of enterprise and business unit risks and the controls required to mitigate them. Complete required risk and compliance training within deadlines.

In keeping with the belief that consistent values drive long-term behaviors, Truist’s RMO has established four key behaviors all teammates are expected to practice daily, regardless of role: • Awareness: demonstrate an appropriate understanding of enterprise and business unit risks and the controls required to effectively mitigate those risks. Complete required risk and compliance training within deadlines.

The expected life of MBS will differ from contractual maturities because borrowers may have the right to call or prepay the underlying mortgage loans with or without call or prepayment penalties. Lending Activities Truist strives to meet the credit needs of its clients while pursuing a balanced strategy of loan profitability, loan growth, and loan quality.

The expected life of MBS will differ from contractual maturities because borrowers may have the right to call or prepay the underlying mortgage loans with or without call or prepayment penalties. Truist Financial Corporation 59 Lending Activities Truist strives to meet the credit needs of its clients while pursuing a balanced strategy of loan profitability, loan growth, and loan quality.

Trading Assets and Liabilities Fair value measurements for trading securities and securities sold short are derived from observable market-based information including overall market conditions, recent trades, comparable securities, broker quotes and FINRA’s Trade Reporting and Compliance Engine data when determining the value of a position. Security prices are also validated through actual cash settlement upon the sale of a security.

Trading Assets and Liabilities Fair value measurements for trading securities and securities sold short are derived from observable market-based information, including overall market conditions, recent trades, comparable securities, broker quotes, and FINRA’s Trade Reporting and Compliance Engine data. Security prices are also validated through actual cash settlement upon the sale of a security.

Commercial Community Banking and small business banking generally target small-to-middle market businesses with annual sales between $2 million and $500 million, while Investment Banking and Capital Markets (formerly Corporate and Investment Banking) provides lending solutions to large corporate clients.

Commercial Banking and Small Business Banking generally target small-to-middle market businesses with annual sales between $2 million and $500 million, while Investment Banking and Capital Markets provides lending solutions to large corporate clients.

Data Analytics, AI, and Generative AI Risks Data risk is the risk to current or projected financial condition, operations, strategic objectives, and regulatory compliance arising from inadequate data accuracy, completeness, consistency, timeliness, relevance, integrity, and validity (i.e., data fidelity). Inadequate data fidelity can negatively impact regulatory and management reporting, public disclosures, and business decisions.

Truist Financial Corporation 81 Data Analytics, AI, and Generative AI Risks Data risk is the risk to current or projected financial condition, operations, strategic objectives, and regulatory compliance arising from inadequate data accuracy, completeness, consistency, timeliness, relevance, integrity, and validity (i.e., data fidelity). Inadequate data fidelity can negatively impact regulatory and management reporting, public disclosures, and business decisions.

These loans are homogeneous, and no single loan is individually significant in terms of its size and potential risk of loss. These loans are originated in accordance with underwriting criteria as determined by Truist. 58 Truist Financial Corporation Credit Card Loan Portfolio The credit card portfolio consists of the outstanding balances on credit cards for commercial and consumer clients.

These loans are homogeneous, and no single loan is individually significant in terms of its size and potential risk of loss. These loans are originated in accordance with underwriting criteria as determined by Truist. Credit Card Loan Portfolio The credit card portfolio consists of the outstanding balances on credit cards for commercial and consumer clients.

For Market Risk Rule purposes, the Company calculates VaR using a 10-day holding period and a 99% confidence level. Due to inherent limitations of the VaR methodology, such as the assumption that past market behavior is indicative of future market performance, VaR is only one of several tools used to measure and manage market risk.

Truist Financial Corporation 55 Analysis of Financial Condition Investment Activities Truist’s investment policy is approved and carried out by ALCO, which meets regularly to review the economic environment and establish investment strategies. The ALCO also has much broader responsibilities, which are discussed in the “Market Risk” section in MD&A.

Truist Financial Corporation 57 Analysis of Financial Condition Investment Activities Truist’s investment policy is approved and carried out by the ALCO, which meets regularly to review the economic environment and establish investment strategies. The ALCO also has broader responsibilities, which are discussed in the “Market Risk” section in MD&A.

The long-term growth rate used in determining the terminal value of each reporting unit was 3% as of October 1, 2024, based on management’s assessment of the minimum expected terminal growth rate of each reporting unit.

The long-term growth rate used in determining the terminal value of each reporting unit was 3% as of October 1, 2025, based on management’s assessment of the minimum expected terminal growth rate of each reporting unit.

These changes, when they occur, impact tax expense and can materially affect operating results. Truist reviews tax positions quarterly and adjusts accrued taxes as new information becomes available. Deferred income tax assets represent amounts available to reduce income taxes payable in future years.

These changes, when they occur, impact tax expense and can materially affect operating results. Truist reviews tax positions quarterly and adjusts accrued taxes as new information becomes available. 90 Truist Financial Corporation Deferred income tax assets represent amounts available to reduce income taxes payable in future years.

Continued access to client deposits is highly dependent on public confidence in the stability of Truist Bank and its ability to return funds to clients when requested. Truist Bank maintains a number of diverse funding sources to meet its liquidity requirements.

Continued access to client deposits is highly dependent on public confidence in the stability of Truist Bank and its ability to return funds to clients when requested. Truist Financial Corporation 83 Truist Bank maintains a number of diverse funding sources to meet its liquidity requirements.

Residential Mortgage Loan Portfolio Truist primarily originates conforming mortgage loans, loans under FHA, U.S. Department of Veterans Affairs, or U.S. Department of Agriculture programs, and higher quality jumbo and construction-to-permanent loans for 1-4 family residential properties. Conforming loans are loans that are underwritten in accordance with the underwriting standards set forth by FNMA and FHLMC.

Residential Mortgage Loan Portfolio Truist primarily originates conforming mortgage loans, loans under FHA, U.S. Department of Veterans Affairs, or U.S. Department of Agriculture programs, and higher quality jumbo and construction-to-permanent loans for one- to four-family residential properties. Conforming loans are loans that are underwritten in accordance with the underwriting standards set forth by FNMA and FHLMC.

A portfolio of trading positions is typically less risky than the sum of the risk from each of the individual sub-portfolios, because, under normal market conditions, risk within each category partially offsets the exposure to other risk categories. The following table summarizes certain VaR-based measures for the year ended December 31, 2024 and 2023.

Management reviews stress testing scenarios and makes updates on an ongoing basis. Management also utilizes stress analyses to support the Company’s capital adequacy assessment standards. See the “Capital” section of MD&A for additional discussion of capital adequacy.

Management reviews stress testing scenarios and makes updates on an ongoing basis. Management also utilizes stress analyses to support the Company’s capital adequacy assessment standards. Refer to the “Capital” section in MD&A for additional discussion of capital adequacy.

Table 34: Interest Sensitivity Simulation Analysis Dec 31, 2024 Dec 31, 2023 Up 200bps gradual change in interest rates 1.1 % (1.5) % Up 50bps instantaneous change in interest rates 0.6 (0.4) Down 50bps instantaneous change in interest rates (0.8) (0.1) Down 200bps gradual change in interest rates (2.1) (0.3) Truist performs and monitors sensitivity tests of key assumptions used in NII risk including: • Asset prepayment speeds • New loan volume pricing spreads • Interest-bearing deposit betas • Non-interest-bearing demand deposit balance runoff, replaced by market funding EVE measures changes in the economic value of Truist’s current balance sheet and off-balance sheet hedges under alternate rate scenarios relative to starting economic value.

Table 30: Interest Sensitivity Simulation Analysis Dec 31, 2025 Dec 31, 2024 Up 200bps gradual change in interest rates (0.9) % 1.1 % Up 50bps instantaneous change in interest rates (0.1) 0.6 Down 50bps instantaneous change in interest rates (0.2) (0.8) Down 200bps gradual change in interest rates (0.3) (2.1) Truist performs and monitors sensitivity tests of key assumptions used in NII risk including: • Asset prepayment speeds • New loan volume pricing spreads • Interest-bearing deposit betas • Non-interest-bearing demand deposit balance runoff, replaced by market funding EVE measures changes in the economic value of Truist’s current balance sheet and off-balance sheet hedges under alternate rate scenarios relative to starting economic value.

The valuation of the WB reporting unit as of October 1, 2024 indicated that if the discount rate were increased more than 100 basis points, with other cash flow assumptions unchanged, the reporting unit’s fair value would be less than its carrying value, indicating a goodwill impairment under the income approach.

The valuation of the WB reporting unit as of October 1, 2025 indicated that if the discount rate increased 100 basis points, with other cash flow assumptions unchanged, the reporting unit’s fair value would be less than its carrying value, indicating a goodwill impairment under the income approach.

VaR Model Backtesting In accordance with the Market Risk Rule, the Company evaluates the accuracy of its VaR model through daily backtesting by comparing aggregate daily trading gains and losses (excluding fees, commissions, reserves, net interest income, and intraday trading) from covered positions with the corresponding daily VaR-based measures generated by the model.

Truist Financial Corporation 79 VaR Model Backtesting In accordance with the Market Risk Rule, the Company evaluates the accuracy of its VaR model through daily backtesting by comparing aggregate daily trading gains and losses (excluding fees, commissions, reserves, net interest income, and intraday trading) from covered positions with the corresponding daily VaR-based measures generated by the model.

(Decr.) Change due to Incr. (Decr.) Change due to 2024 2023 2022 2024 2023 2022 2024 2023 2022 Rate Volume Rate Volume Assets AFS and HTM securities at amortized cost: U.S.

(Decr.) Change due to Incr. (Decr.) Change due to 2025 2024 2023 2025 2024 2023 2025 2024 2023 Rate Volume Rate Volume Assets AFS and HTM securities at amortized cost: U.S.

IRR reporting is provided to the BRC quarterly. Truist Financial Corporation 73 IRR measurement is influenced by data, assumptions, and models. Due to their high sensitivity to market rates, mortgage (loan and security) prepayments leverage an industry model that results in varying prepayment speeds across rate scenarios.

IRR reporting is provided to the BRC quarterly. IRR measurement is influenced by data, assumptions, and models. Due to their high sensitivity to market rates, mortgage (loan and security) prepayments leverage an industry model that results in varying prepayment speeds across rate scenarios.

Other tools used to manage market risk include stress testing, scenario analysis, and stop loss limits. The trading portfolio’s VaR profile is influenced by a variety of factors, including the size and composition of the portfolio, market volatility, and the correlation between different positions.

Other tools used to manage market risk include stress testing, scenario analysis, and stop loss limits. 78 Truist Financial Corporation The trading portfolio’s VaR profile is influenced by a variety of factors, including the size and composition of the portfolio, market volatility, and the correlation between different positions.

Truist has defined and adopted a technology risk framework that provides the foundation for its technology risk strategy, program, and oversight and defines key objectives, operating model components, risk domains, and capabilities to manage this risk. Refer to Item 1C, “Cybersecurity” for a discussion regarding Truist’s cybersecurity risk management, strategy, and governance.

Truist has defined and adopted a technology risk framework that provides the foundation for its technology risk strategy, program, and oversight and defines key objectives, operating model components, risk domains, and capabilities to manage this risk. Refer to “Item 1C. Cybersecurity” for a discussion regarding Truist’s cybersecurity risk management, strategy, and governance.

Truist utilizes a historical VaR methodology to measure and aggregate risks across its covered trading positions. For risk management purposes, the VaR calculation is based on a historical simulation approach and measures the potential trading losses using a one-day holding period at a one-tail, 99% confidence level.

Truist utilizes a historical VaR methodology to measure and aggregate risks across its covered trading positions. The VaR calculation is based on a historical simulation approach and measures the potential trading losses using a one-day holding period at a one-tail, 99% confidence level.

As of December 31, 2024, the Company had $1.7 billion in obligations to purchase goods or services that are enforceable and legally binding. Many of the purchase obligations have terms that are not fixed and determinable and are included in the total amount of obligations based upon the estimated timing and amount of payment.

As of December 31, 2025, the Company had $1.3 billion in obligations to purchase goods or services that are enforceable and legally binding. Many of the purchase obligations have terms that are not fixed and determinable and are included in the total amount of obligations based upon the estimated timing and amount of payment.

ITEM 7. MANAGEMENT’S DISCUSSION AND ANALYSIS OF FINANCIAL CONDITION AND RESULTS OF OPERATIONS MD&A is intended to assist readers in their analysis of the accompanying Consolidated Financial Statements and supplemental financial information.

At December 31, 2024, the ALLL was 2.7x annualized net charge-offs, compared to 3.0x at December 31, 2023. Truist Financial Corporation 67 The following table presents an allocation of the ALLL. The entire amount of the allowance is available to absorb losses occurring in any category of loans and leases.

At December 31, 2025, the ALLL was 3.0x net charge-offs, compared to 2.7x at December 31, 2024. Truist Financial Corporation 69 The following table presents an allocation of the ALLL. The entire amount of the allowance is available to absorb losses occurring in any category of loans and leases.

For additional income tax information, refer to “Note 1. Basis of Presentation” and “Note 14. Income Taxes.” Pension and Postretirement Benefit Obligations Truist offers various pension plans and postretirement benefit plans to teammates.

Refer to “Note 1. Basis of Presentation” and “Note 14. Income Taxes” for additional income tax information. Pension and Postretirement Benefit Obligations Truist offers various pension plans and postretirement benefit plans to teammates.

For the Company’s qualified plans, a decrease of 50 basis points in the discount rate would result in additional pension expense of approximately $20 million for 2025, while a decrease of 50 basis points in the expected return on plan assets would result in an increase of approximately $73 million in pension expense for 2025.

For the Company’s qualified plans, a decrease of 50 basis points in the discount rate would result in additional pension expense of approximately $20 million for 2026, while a decrease of 50 basis points in the expected return on plan assets would result in an increase of approximately $79 million in pension expense for 2026.

On an periodic basis, Truist conducts a table-top test of the Contingency Funding Plan to assess reliability of the plan during liquidity stress events and to simulate the operational elements of the plan such as communications, coordination, and decision-making.

On a periodic basis, Truist conducts a tabletop test of the Contingency Funding Plan to assess reliability of the plan during liquidity stress events and to simulate the operational elements of the plan such as communications, coordination, and decision-making.

The methodology used to determine an estimate for the RUFC is similar to that used to determine the funded component of the ALLL and is measured over the period there is a contractual obligation to extend credit that is not unconditionally cancellable.

The methodology used to determine an estimate of the reserve for unfunded commitments (RUFC) is similar to that used to determine the funded component of the ALLL and is measured over the period for which there is a contractual obligation to extend credit that is not unconditionally cancellable.

Management considers a range of macroeconomic forecast data in connection with the allowance estimation process. Under the range of scenarios considered as of December 31, 2024, use of the Company’s pessimistic scenario would have resulted in an increase to the modeled allowance results of approximately $2.2 billion.

Management considers a range of macroeconomic forecast data in the allowance estimation process. Under the range of scenarios considered as of December 31, 2025, use of the Company’s pessimistic scenario would have resulted in an increase to the modeled allowance results of approximately $2.4 billion.

Truist elects to measure certain loans at fair value for financial reporting where fair value aligns with the underlying business purpose. Trading loans include loans held in connection with the Company’s trading business primarily consisting of commercial and corporate leveraged loans and loans made or acquired in connection with the Company’s TRS business.

Truist elects to measure certain loans at fair value when such reporting aligns with the underlying business purpose. Trading loans include loans held in connection with the Company’s trading business primarily consisting of commercial and corporate leveraged loans and loans made or acquired in connection with the Company’s TRS business.

Table 39: Capital Requirements Minimum Capital Well-Capitalized Minimum Capital Plus Stress Capital Buffer (1) Truist Truist Bank CET1 4.5 % NA 6.5 % 7.3 % Tier 1 capital 6.0 6.0 % 8.0 8.8 Total capital 8.0 10.0 10.0 10.8 Leverage ratio 4.0 NA 5.0 NA Supplementary leverage ratio 3.0 NA NA NA (1) Reflects a SCB requirement of 2.8% applicable to Truist as of December 31, 2024.

Table 35: Capital Requirements Minimum Capital Well-Capitalized Minimum Capital Plus Stress Capital Buffer (1) Truist Truist Bank CET1 4.5 % NA 6.5 % 7.0 % Tier 1 capital 6.0 6.0 % 8.0 8.5 Total capital 8.0 10.0 10.0 10.5 Leverage ratio 4.0 NA 5.0 NA Supplementary leverage ratio 3.0 NA NA NA (1) Reflects an SCB requirement of 2.5% applicable to Truist as of December 31, 2025.

The major components of net interest income and the related annualized yields as well as the variances between the periods caused by changes in interest rates versus changes in volumes are summarized below. 50 Truist Financial Corporation Table 9: Taxable-Equivalent Net Interest Income and Rate / Volume Analysis 2024 vs. 2023 2023 vs. 2022 Year Ended December 31, (Dollars in millions) Average Balances (1) Annualized Yield/Rate (2) Income/Expense (2) Incr.

The major components of net interest income and the related annualized yields as well as the variances between the periods caused by changes in interest rates versus changes in volumes are summarized below. 52 Truist Financial Corporation Table 7: Taxable-Equivalent Net Interest Income and Rate / Volume Analysis Year Ended December 31, (Dollars in millions) Average Balances (1) Annualized Yield/Rate (2) Income/Expense (2) Incr.

The effective duration of the HTM securities portfolio was 7.0 years at December 31, 2024 and 7.3 years at December 31, 2023. 56 Truist Financial Corporation The following table presents the securities portfolio by major category of security holdings with ranges of maturities and average yields: Table 15: Securities Yields by Major Category and Maturity December 31, 2024 (Dollars in millions) AFS HTM Fair Value Effective Yield (1) Amortized Cost Effective Yield (1) U.S.

The effective duration of the HTM securities portfolio was 7.5 years at December 31, 2025, and 7.0 years at December 31, 2024. 58 Truist Financial Corporation The following table presents the securities portfolio by major category of security holdings with ranges of maturities and average yields: Table 12: Securities Yields by Major Category and Maturity December 31, 2025 (Dollars in millions) AFS HTM Fair Value Effective Yield (1) Amortized Cost Effective Yield (1) U.S.

As a market maker across different asset classes, Truist’s trading portfolio also contains other sub-portfolios, including foreign exchange, loan trading, and commodity derivatives; however, these portfolios do not generate material trading risk exposures. Valuation policies and methodologies exist for all trading positions. Additionally, these positions are subject to independent price verification. See “Note 19. Derivative Financial Instruments,” “Note 18.

Average short-term borrowings were $24.5 billion for the years ended December 31, 2024 and 2023, representing 5.5% and 5.2% of total funding, respectively. Long-term debt provides funding and, to a lesser extent, regulatory capital, and primarily consists of senior and subordinated notes issued by the Parent Company and Truist Bank.

Average short-term borrowings were $28.1 billion and $24.5 billion for the years ended December 31, 2025 and 2024, respectively. Long-term debt provides funding and, to a lesser extent, regulatory capital, and primarily consists of senior and subordinated notes issued by the Parent Company and Truist Bank.

Truist is also subject to risk-based capital guidelines for market risk under the Market Risk Rule. Covered Trading Positions Covered positions subject to the Market Risk Rule include trading assets and liabilities, specifically those held for the purpose of short-term resale or with the intent of benefiting from actual or expected short-term price movements or to lock in arbitrage profits.

Covered Trading Positions Covered positions subject to the Market Risk Rule include trading assets and liabilities, specifically those held for the purpose of short-term resale or with the intent of benefiting from actual or expected short-term price movements or to lock in arbitrage profits.

Ultimately, future potential changes in management’s assumptions may impact the estimated fair value of a reporting unit and cause the fair value of the reporting unit to be below its carrying value.

Ultimately, adverse performance in relation to management’s projections or potential future changes in management’s assumptions may impact the estimated fair value of a reporting unit and cause the fair value of the reporting unit to be below its carrying value.

The discount rate assumption used to measure the postretirement benefit obligations is set by reference to an AA Above Median corporate bond yield curve and the individual characteristics of the plans such as projected cash flow patterns and payment durations.

The discount rate assumption used to measure the postretirement benefit obligations is set by reference to a high-quality corporate bond yield curve and the individual characteristics of the plans such as projected cash flow patterns and payment durations.

Excluding government guaranteed loans, the ratio of loans 90 days or more past due and still accruing as a percentage of loans and leases HFI was 0.05% at December 31, 2024, up one basis point compared to December 31, 2023.

Excluding government guaranteed loans, the ratio of loans 90 days or more past due and still accruing as a percentage of loans and leases HFI was 0.05% at December 31, 2025, flat compared to December 31, 2024.

Table 14: Composition of Securities Portfolio (Dollars in millions) Dec 31, 2024 Dec 31, 2023 AFS securities (at fair value): U.S.

Table 11: Composition of Securities Portfolio (Dollars in millions) Dec 31, 2025 Dec 31, 2024 AFS securities (at fair value): U.S.

Truist Financial Corporation 83 ACL Truist’s ACL represents management’s best estimate of expected future credit losses related to the loan and lease portfolios and off-balance sheet lending commitments at the balance sheet date. Estimates of expected future loan and lease losses are determined by using statistical models and management’s judgement.

Allowance for Credit Losses (ACL) Truist’s ACL represents management’s best estimate of expected future credit losses related to the loan and lease portfolios and off-balance sheet lending commitments at the balance sheet date. Estimates of expected future loan and lease losses are determined by using statistical models and management’s judgment.

The fair value of interest rate lock commitments, which are related to mortgage loan commitments, is based on quoted market prices adjusted for commitments that Truist does not expect to fund and includes the value attributable to the net servicing fee. Refer to “Note 19. Derivative Financial Instruments” for further information on the Company’s derivatives.

The NSFR rule defines a minimum amount of stable, long-term funding that Truist and Truist Bank must maintain in relation to their asset composition and off-balance sheet activities. Truist and Truist Bank are subject to the Category III reduced NSFR requirements.

The other consumer loan portfolio includes: secured and unsecured loans originated through the Truist branch network marketed to qualifying clients and other creditworthy candidates in Truist’s market areas; LightStream, an online platform which originates fixed-rate, unsecured lending to consumers with strong credit; secured indirect installment loans to consumers for the purchase of new and used boats and recreational vehicles; Sheffield, a small ticket consumer lending division related to the purchase of power sports and outdoor power equipment; other indirect and point-of-sale lending to consumers, including through Service Finance, to finance home improvements, furniture purchases, certain elective health-care services; and unsecured loans originated via third-party partnerships, which are in run-off.

In addition to its normal underwriting due diligence, Truist uses application systems and scoring systems to help underwrite and manage the credit risk in its indirect auto portfolio. 60 Truist Financial Corporation Other Consumer Loan Portfolio The other consumer loan portfolio includes: secured and unsecured loans originated through the Truist branch network marketed to qualifying clients and other creditworthy candidates in Truist’s market areas; LightStream, an online platform which originates fixed-rate, unsecured lending to consumers with strong credit; secured indirect installment loans to consumers for the purchase of new and used boats and recreational vehicles; Sheffield, a small ticket consumer lending division related to the purchase of power sports and outdoor power equipment; other indirect and point-of-sale lending to consumers, including through Service Finance, to finance home improvements, furniture purchases, certain elective health-care services; and unsecured loans originated via third-party partnerships, which are in runoff.

Loans 30-89 days past due and still accruing totaled $1.9 billion at December 31, 2024, down $22 million compared to the prior year due to declines in the commercial and industrial, indirect auto, and other consumer portfolios, partially offset by increases in the residential mortgage and CRE portfolios.

Loans 30-89 days past due and still accruing totaled $2.0 billion at December 31, 2025, up $31 million compared to the prior year due to increases in the indirect auto, other consumer, and commercial construction portfolios, partially offset by declines in the commercial and industrial, CRE, and residential mortgage portfolios.

This estimate reflects the sensitivity of certain factors considered in calculation of pension expense but does not consider all factors that could increase or decrease estimates calculated. Refer to “Note 15. Benefit Plans” for disclosures related to the benefit plans. Truist Financial Corporation 87

These estimates reflect the sensitivity of certain factors considered in calculation of pension expense but does not consider all factors that could increase or decrease estimates calculated. Refer to “Note 15. Benefit Plans” for disclosures related to the benefit plans.

Table 20: Asset Quality Ratios Dec 31, 2024 Dec 31, 2023 Loans 30-89 days past due and still accruing as a percentage of loans and leases HFI 0.64 % 0.63 % Loans 90 days or more past due and still accruing as a percentage of loans and leases HFI 0.19 0.17 NPLs as a percentage of loans and leases HFI 0.47 0.44 NPLs as a percentage of total loans and leases (1) 0.46 0.46 NPAs as a percentage of: Total assets (1) 0.28 0.28 Loans and leases HFI plus foreclosed property 0.48 0.46 ALLL as a percentage of loans and leases HFI 1.59 1.54 Ratio of ALLL to NPLs 3.4x 3.5x Loans 90 days or more past due and still accruing as a percentage of loans and leases HFI, excluding government guaranteed (2) 0.05 % 0.04 % (1) Includes LHFS.

Table 17: Asset Quality Ratios Dec 31, 2025 Dec 31, 2024 Loans 30-89 days past due and still accruing as a percentage of loans and leases 0.60 % 0.64 % Loans 90 days or more past due and still accruing as a percentage of loans and leases 0.21 0.19 NPLs as a percentage of loans and leases 0.48 0.47 NPLs as a percentage of total loans and leases (1) 0.48 0.46 NPAs as a percentage of: Total assets (1) 0.30 0.28 Loans and leases plus foreclosed property 0.50 0.48 ALLL as a percentage of loans and leases 1.53 1.59 Ratio of ALLL to nonperforming loans and leases 3.2x 3.4x Loans 90 days or more past due and still accruing as a percentage of loans and leases, excluding government guaranteed (2) 0.05 % 0.05 % (1) Includes LHFS.

The ratio of loans 30-89 days or more past due and still accruing as a percentage of loans and leases HFI was 0.64% at December 31, 2024, up one basis point compared to the prior year. 62 Truist Financial Corporation Problem loans include NPLs and loans that are 90 days or more past due and still accruing as disclosed in Table 19.

The ratio of loans 30-89 days past due and still accruing as a percentage of loans and leases HFI was 0.60% at December 31, 2025, down four basis points compared to the prior year. 64 Truist Financial Corporation Problem loans include NPLs and loans that are 90 days or more past due and still accruing as disclosed in Table 16.

Eligible HQLA, for purposes of calculating the LCR, is the amount of unencumbered HQLA that satisfy operational requirements of the LCR rule. Truist and Truist Bank are subject to the Category III reduced LCR requirements. Truist held average weighted eligible HQLA of $89.6 billion and Truist’s average LCR was 109% for the three months ended December 31, 2024.

Eligible HQLA, for purposes of calculating the LCR, is the amount of unencumbered HQLA that satisfies operational requirements of the LCR rule. Truist and Truist Bank are subject to the Category III reduced LCR requirements. Truist held average weighted eligible HQLA of $91.7 billion and Truist’s average LCR was 111% for the three months ended December 31, 2025.

Truist paid $2.8 billion in common stock dividends, or $2.08 per share, during 2024 and for 2023. Truist repurchased $1.0 billion in common stock for 2024 and had no share repurchases for 2023. In early 2025, Truist declared common dividends of $0.52 per share for the first quarter of 2025.

Truist paid $2.7 billion in common stock dividends, or $2.08 per share, during 2025 and $2.8 billion, or $2.08 per share, during 2024. Truist repurchased $2.5 billion and $1.0 billion in common stock during 2025 and 2024, respectively. In early 2026, Truist declared common dividends of $0.52 per share for the first quarter of 2026.

Basis of Presentation.” Fair Value of Financial Instruments The vast majority of assets and liabilities measured at fair value on a recurring basis are based on either quoted market prices or market prices for similar instruments. Refer to “Note 18. Fair Value Disclosures” for additional disclosures regarding the fair value of financial instruments.

… 312 more changes not shown on this page.

Top changes in Truist Financial's 2025 10-K

Item 1. Business

Item 1A. Risk Factors

Item 1C. Cybersecurity

Item 2. Properties

Item 5. Market for Registrant's Common Equity

Item 7. Management's Discussion & Analysis

Other TFC 10-K year-over-year comparisons