Audit Committee Charter

Purpose

The purpose of the Audit Committee of First M&F Corporation is to assist the Board of Directors of First M&F Corporation in fulfilling its oversight responsibilities for the financial reporting process, the system of internal control, the audit process, and the corporation’s process for monitoring compliance with laws and regulations and the code of conduct.

Authority

The Audit Committee of First M&F Corporation has the authority to conduct or authorize investigations into any matters within its scope of authority. It is charged with the following responsibilities and given full authority to:

• Appoint, compensate, and oversee the work of any and all registered public accounting firms employed by the corporation or any of its subsidiaries.



• Resolve any disagreements between management and the auditor(s) regarding financial reporting.



• Pre-approve all auditing and non-audit services



• Retain independent counsel, accountants, or others to advise the committee or assist in the conduct of an investigation.



• Seek any information it requires from employees – all of whom are directed to comply with the committee’s requests – or external parties.



• Meet with company officers, external auditors, or outside counsel as necessary.

Composition

The Audit Committee will consist of at least three and no more than six members of the Board of Directors of First M&F Corporation. The Board or its nominating chair will appoint committee members and the committee chair.

Each committee member will be both independent and financially literate. At least one member will be designated as the “financial expert”, as defined by applicable legislation and regulation. If it is not practical for the committee to have such financial expert, the committee will be responsible for the required disclosures (“A company that does not have an audit committee financial expert must disclose this fact and explain why it has no such expert.”) regarding this matter. The final wording of any such disclosures will be subject to approval by the full Board of Directors.

Meetings

The Audit Committee will meet at least four times a year, with authority to convene additional meetings, as circumstances require. All committee members are expected to attend each meeting. For those members who are unable to attend a specific meeting, an attempt will be made, if possible, for the member to participate in the meeting through a “conference call” setup. The Committee may invite members of management or others to attend meetings and provide pertinent information as deemed necessary by the Committee. It may hold private meetings with auditors and executive sessions, as deemed necessary. Meeting agendas will be prepared and provided in advance to committee members. Minutes will be taken in each meeting.

Responsibilities

The Audit Committee will carry out the following responsibilities:

Financial Statements

• Review significant accounting and reporting issues, including complex or unusual transactions and highly judgmental areas, and recent professional and regulatory pronouncements, and understand their impact on the financial statements.



• Review the results of the audit, including any difficulties encountered, with management and the external auditors.



• Review the annual financial statements, and consider whether they are complete, consistent with information known to committee members, and reflect appropriate accounting principles.



• Review other sections of the annual report and related regulatory filings before release and consider the accuracy and completeness of the information.



• Review with management and the external auditors all matters required to be communicated to the committee under Generally Accepted Auditing Standards.



• Understand how management develops interim financial information, and the nature and extent of internal and external auditor involvement.



• Review interim financial reports with management and the external auditors before filing with regulators, and consider whether they are complete and consistent with the information known to committee members.

Internal Control

• Consider the effectiveness of the company’s internal control system, including information technology security and control.



• Understand the scope of internal and external auditors’ review of internal control over financial reporting, and obtain reports on significant findings and recommendations, together with management’s response.

Internal Audit

• Review with management and the Internal Auditor the charter, plans, activities, staffing, and organizational structure of the internal audit function.



• Ensure there are no restrictions or limitations on the internal audit function and review and concur in the appointment, replacement, or dismissal of the Internal Auditor.



• Review the effectiveness of the internal audit function, including compliance with the Institute of Internal Auditors’ Standards for Professional Practice of Internal Auditing.



• On a regular basis, meet with the internal auditor to discuss any matters that the committee or internal auditors believe should be discussed privately.

External Audit

• Review the external auditors’ proposed audit scope and approach, including coordination of audit effort with internal auditors.



• Review the performance of the external auditors, and exercise final approval on the appointment or discharge of the auditors.



• Review and confirm the independence of the external auditors by obtaining statements from the auditors on relationships between the auditors and the company, including non-audit services, and discussing the relationships with the auditors.



• On a regular basis, meet separately with the external auditors to discuss any matters that the committee or auditors believe should be discussed privately.

Compliance

• Review the effectiveness of the system for monitoring compliance with laws and regulations and the results of management’s investigation and follow-up (including disciplinary action) of any instances of noncompliance



• Review the findings of any examinations by regulatory agencies and any auditor observations.



• Review the process for communicating the code of conduct to company personnel, and monitoring compliance therewith.



• Obtain regular updates from management and company legal counsel regarding compliance matters.

Reporting Responsibilities

• Regularly report to the Board of Directors about committee activities, issues, and related recommendations.



• Provide an open avenue of communication between internal audit, the external auditors, and the Board of Directors.



• Report annually to the shareholders, describing the committee’s composition, responsibilities, and how they were discharged, and any other information required by rule, including the approval of non-audit services.



• Review any other reports the company issues that relate to the committee’s responsibilities.

Compliant Handling

• Create a complaint procedure related to accounting, internal controls, or audit matters. Required attributes of the complaint handling procedure include:



1. Procedures for the receipt of complaints regarding accounting, internal accounting controls, or auditing matters.



2. Procedures for the retention and treatment of related complaints.



3. Procedures for employees to confidentially and/or anonymously submit any concerns regarding questionable accounting or auditing matters.

Other Responsibilities

• Perform other activities related to this charter as requested by the Board of Directors.



• Institute and oversee special investigations as needed.



• Review and access the adequacy of the committee’s charter annually, requesting board approval for proposed changes, and ensure appropriate disclosure as may be required by law or regulation.



• Confirm annually that all responsibilities outlined in this charter have been carried out.

This Audit Committee Charter is hereby approved and adopted by the Audit Committee of First M&F Corporation.

CharlesW. Ritter, Jr. – Chairman