Skip to Content

Governance Overview

Board of Directors & Corporate Governance

We believe that having a Board of Directors (the “Board”) that is comprised of members of different backgrounds, skills and perspectives ensures an effective governing body. Our Board values the insights brought through diversity in professional experience and diversity in gender, racial, ethnic and national backgrounds. Our Nominating and Corporate Governance Committee assesses these factors in the director selection and nomination process.

Key Demographics of our 2026 Board:

  • Female Board of Directors: 33%
  • Nationality/Ethnic Diversity: 44%
  • Average Age: 65
  • Independence: 89%
  • C-Suite Experience: 89%
  • Average Board Tenure: 10.4 years

Eight of our nine directors are independent. The Board has elected a Lead Independent Director who presides over executive sessions at each regular board meeting with the non-management directors.

The Board members annually complete a self-evaluation with key topics such as board composition and culture; information and resources; and effectiveness and oversight. Through this evaluation process, the directors assess performance, identify areas for improvement and provide feedback.

Board Highlights

  • Only independent directors serve on the Audit, Risk, Compensation, and Nominating and Corporate Governance committees of the Board
  • Directors and named executive officers (“NEOs”) are required to hold Company stock
  • Board and Board committee performance evaluations are completed annually
  • We consider diversity of skills, backgrounds, and perspectives, including diversity with respect to gender, ethnicity and areas of expertise, in Board composition
  • Our directors bring diverse skills and experience aligned with the Company's strategy, supporting effective Board oversight
  • The Board and its committees have access to independent experts and advisors
  • The Compensation Committee utilizes the services of an independent compensation consultant
  • Ongoing risk oversight is performed by the Risk Committee

For additional information, please refer to the 2026 Proxy Statement.

Sound Governance Practices

Our Board of Directors has adopted several governing documents to establish an effective and robust governance framework:

  • The Corporate Governance Guidelines addresses the composition and functions of the Board, director independence, compensation of directors, management succession and review, Board committees and selection of new directors.
  • The Code of Conduct provides a clear statement of our mission and values and applies to all directors, officers, employees, agents (including consultants and contractors) and temporary personnel of the Company.
  • The Code of Ethics for Principal Executive and Senior Financial Officers promotes high ethical standards of conduct and compliance with laws for our principal executive officer, principal financial officer, principal accounting officer and controller (or persons performing similar functions).
  • The Insider Trading Policy governs the purchase, sale and other dispositions of the Company’s securities by our directors, officers, associates, and employees, affiliates, advisors and consultants, including certain family members and related parties.
Risk Management and Oversight

The Board oversees our "three lines of defense" risk management framework, including the company-wide approach to risk management, carried out by management. Our Board determines the appropriate levels of risk for the Company generally, assesses the specific risks faced by us and reviews the steps taken by management to manage those risks. While the full Board of Directors maintains the ultimate oversight responsibility for risk management, the Board committees oversee risk in specific areas.

Risk Governance Key Documents

The Enterprise Risk Management (ERM) Framework establishes enterprise-wide governance and risk management requirements for monitoring the following categories of risk: credit risk, market risk, liquidity risk, strategic risk, operational risk, compliance risk, and BSA/AML risk.

The Risk Appetite Statement sets forth guidelines for the aggregate levels of acceptable risk across multiple dimensions and forms the basis of the Company's enterprise risk management framework. It further defines the boundaries for the type and amount of risk that may be undertaken by the Company in pursuing business objectives and initiatives.

Board Committees and Risk Oversight

The Risk Committee plays a key role in the Board of Directors' exercise of its risk oversight function. The Risk Committee assists the Board in overseeing the ERM Framework, including the Risk Appetite Statement, risk tolerances and limits, and risk management infrastructure. The Risk Committee oversees the risk assessment process to assist the Board and management in identifying emerging risks that could potentially impact the Company's strategic objectives and business plan. The Risk Committee reviews regular reporting related to risk management and governance.

The Audit Committee supports the Board's risk management oversight responsibilities through its oversight of the Company's financial reporting risks and the guidelines, policies and processes for managing such risks, including internal controls over financial reporting. The Audit Committee conducts its risk oversight in a variety of ways, including reviewing management's assessment of the Company's internal control over financial reporting, and reviewing and approving the Company's significant accounting policies. Additionally, the Company's independent registered public accounting firm regularly discusses risks and related mitigation measures that may come to their attention during its regular reviews and audits of the Company's financial statements with the Audit Committee. To ensure candid and complete reporting, the Audit Committee regularly meets in separate executive sessions with the Company's Chief Audit Executive and the Company's independent registered public accounting firm.

The Compensation Committee is responsible for overseeing the management of risks relating to our executive compensation plans and practices, as well as the incentives created by the compensation awards it administers. The Compensation Committee reviews the Company’s incentive plans to ensure that they appropriately balance risk and reward and do not encourage inappropriate risk taking.

The Nominating and Corporate Governance Committee assists the Board in establishing and maintaining effective corporate governance policies and practices. The Nominating and Corporate Governance Committee also assists with matters related to Board composition, leadership, independence, and structure and with respect to management succession planning. The Nominating and Corporate Governance oversees Director orientation and continuing education, which may cover current and emerging risks.

Risk Management Execution

At the Board level, the Risk Committee is responsible for the oversight responsibilities over the Company’s execution of the ERM Framework and the overall governance structure that supports it.

The Board has delegated certain risk management functions to specific management level committees at the BankUnited, N.A. (the “Bank”) level.  The primary role of these committees is to oversee the operational implementation of our business strategies and objectives and ensure alignment with the Board's stated risk appetite.

At the Bank level, the Enterprise Risk Management Committee (“ERMC”), composed of executive and senior members of management, provides general oversight, guidance and monitoring related to design, administration and implementation of the policies, processes and controls intended to carry out the purposes of the framework and ensure compliance with applicable laws and regulations.

The Board has delegated certain risk management functions to specific management committees at the Bank level. In addition to the ERMC, which is the main governing committee, the Bank management committees include: Credit Risk Management Committee; Asset-Liability Committee; Operational Risk Management Committee; Financial Crimes Compliance Committee; Ethics Committee; Compliance Committee; and Corporate Disclosure Committee. The primary role of these committees is to oversee the operational implementation of our business strategies and objectives and ensure alignment with the Board's stated risk appetite.

Information Security and Cybersecurity Risk Oversight

Our Board, through its Risk Committee, oversees the management of cybersecurity risk, and ratifies on an annual basis our information security policies and programs, which include the Cybersecurity Framework. The Chief Information Security Officer (“CISO”) has primary operational responsibility for establishing, maintaining and overseeing the Company's cybersecurity program. The CISO reports to our Chief Risk Officer. The Risk Committee receives regular reporting from the CISO on cybersecurity risks and the execution of the cybersecurity program. At the Bank management committee level, the ERMC provides oversight over the governance framework for our information security and cybersecurity programs, and the Operational Risk Management Committee provides oversight over the operational execution of the programs. For more detailed information about our cybersecurity risk management and strategy and our cybersecurity program, see Item 1C “Cybersecurity” in the Company's Form 10-K.

In 2025, Clarium Managed Services, LLC, an independent third-party cybersecurity firm, completed a 2025 Cyber Security Risk Assessment that resulted in a score of 5 on a scale of 0 to 5, with a high score indicating the maturity of the cybersecurity posture. The assessment concluded that the Company maintains a mature and robust cybersecurity posture with low overall risk. The Company has not identified any material cybersecurity incidents during the past three fiscal years. Our Board also engages in oversight related to the Company’s adoption of AI and management of related risks.

In July 2025, the Company established an AI and Data Advisory Group comprised of key stakeholders from business lines and information technology functions. This group supports AI governance, enablement, and data and AI risk management to promote responsible innovation and enhance enterprise-wide data awareness. Management provides regular updates to the Risk Committee regarding the Company’s use of AI models, AI initiatives, and related risk management practices. The CISO also provides periodic updates to the Risk Committee on AI-related matters, and the Audit Committee receives updates on AI initiatives as they relate to matters within its oversight responsibilities.

 
Communications with the Board of Directors

We engage with our shareholders throughout the year. The Board recognizes the importance of maintaining strong relationships with our shareholders and values their perspectives in helping to shape our priorities, policies and practices. We regularly have discussions with shareholders, potential shareholders, proxy advisory services and investment analysts. Our CEO and CFO participate in investor conferences and other one-on-one in person and virtual meetings with shareholders and potential shareholders throughout the year.

Any interested parties desiring to communicate with the Board of Directors or any of the independent directors regarding the Company may directly contact such directors by delivering such correspondence to such directors (or the entire Board) in care of the Company's Corporate Secretary at BankUnited, Inc., 14817 Oak Lane, Miami Lakes, FL 33016.

The Audit Committee has established procedures for the receipt, retention and treatment of complaints received by us regarding accounting, internal control over financial reporting and auditing matters and the confidential, anonymous submission by our employees of concerns regarding questionable accounting or auditing matters. Persons wishing to communicate with the Audit Committee may do so by writing in care of the Chairman, Audit Committee, BankUnited, Inc., 14817 Oak Lane, Miami Lakes, FL 33016.

Responsible Banking

Engagement with Our Regulators

We routinely engage with our regulators through regularly scheduled meetings with senior management, examinations, on-going supervisory activities and an established reporting framework. We believe our regulatory relations are strong.

Protecting our Customers’ Privacy and Data

BankUnited is committed to protecting our customers through our privacy policies. Our Privacy Notice and Online and Mobile Privacy Policy Statement explain what personal information we collect about consumers, why we collect it, how we protect it and how and why in certain cases we may share it.

We maintain security standards and procedures to help prevent unauthorized access to confidential information about our customers and update and test the technology to improve the protection of our information.

Details of our commitment to privacy can be found on our website at https://www.bankunited.com/privacy.