I will only send any information to auditors or examiners via a secure, encrypted transfer site. Our external auditors have one, and obviously there's FDIC connect and our state regulators' equivalent.
Once upon a time, long ago, in my first external audit, the auditor asked me to throw a couple of policies onto a USB drive for him to walk downstairs and plug into his laptop. Without thinking, I did as he requested. He then turned around and wrote me up for not encrypting the information on the USB drive (as is required by our policy). Entrapment!
But... lesson learned.