The Consumer Financial Protection Bureau (CFPB) released the anticipated finalized rule for the Dodd-Frank Act section 1071 small-business lending rule. The rule formalized data collection and reporting requirements for lenders that lend to small businesses in the U.S.
According to the CFPB, the rule will work in concert with the Community Reinvestment Act, to analyze how financial institutions are meeting the needs of the communities they serve. The data collected will include geographic and demographic data, lending decisions, and the price of credit, amongt other things.
The collected data will be used by the bureau similarly to how it has utilized Home Mortgage Disclosure Act (HMDA) data. It will allow the CFPB to engage in enforcement actions to combat what it perceives as unlawful discrimination, as well as promoting greater economic development in majority-minority communities.
“Many local businesses were shuttered during the COVID-19 pandemic after they struggled to obtain credit under the Paycheck Protection Program,” CFPB Director Rohit Chopra said in the press release announcing the final rule. “This small-business loan census will give the public key data on this market to ensure that banks and nonbanks are serving small businesses fairly.”
The finalized rule will cover lenders making over 100 covered small-business loans per year. These lenders account for more than 95 percent of small-business loans by banks and credit unions. Like with mortgages, lenders will submit data points required by Congress, as well as additional data points typically already included in lender files.
The rule will cover closed-end loans, lines of credit, business credit cards, online credit products, and merchant cash advances by lenders, including non-depository financial institutions, banks, savings associations, and credit unions. Online lending by nonbanks, which is rapidly becoming a dominate market participant with particular impact for minority borrowers, also will be subject to reporting requirements.
To make it easy for lenders to know on which applications to collect data, the rule defines a small business as one with gross revenue under $5 million in its last fiscal year. The rule also includes a streamlined sample form for lenders to use, if they so choose, to collect demographic data from small business credit applicants.
The CFPB has undertaken significant planning to simplify implementation and prepare for the submission of data from thousands of lenders. While many of these lenders already report mortgage data, the CFPB recognizes small-business lending has a number of key differences. After considering a wide range of feedback and thousands of public comments, the bureau’s finalized rule allows for a streamlined and straightforward implementation process.
In its findings, the CFPB found there were key differences in how large financial institutions would implement the rule, compared with relationship-based local lenders. The final rule requires the largest lenders, which account for most of the small-business lending market, to collect and report data earlier than smaller lenders.
Specifically, lenders that originate at least 2,500 small-business loans annually must collect data starting Oct. 1, 2024. Lenders that originate at least 500 loans annually must collect data starting April 1, 2025. Lenders that originate at least 100 loans annually must collect data starting Jan. 1, 2026.
While the rule requires data collection and reporting for those that make at least 100 loans annually, the rule will still cover the vast majority of bank small-business lending, based on the CFPB’s analysis. Lenders originating less than 100 loans per year will still be required to adhere to fair lending laws.
Small businesses will be able to self-identify as women-, minority-, or LGBTQI+-owned businesses. Lenders will be able to rely on the financial and other information provided by the small business. Lenders and loan officers will not be expected or required to make their own determinations of an applicant’s race, ethnicity, or any other demographic information.
Loans reportable under HMDA will not need to be reported under the section 1071 rule. The rule also is designed to work in concert with rules under the Community Reinvestment Act’s (CRA) reporting requirements. Under the regulators’ CRA proposal, data submitted under the CFPB’s rule would satisfy the relevant CRA requirements.
The rule allows financial institutions to work with third parties, including industry consortia, to develop services and technologies that will aid in collecting and reporting data. While individual lenders are ultimately responsible for ensuring fair and accurate collection and reporting, the rule permits them to work with third parties, including industry consortia and other partners, to collect and report data in ways that are tailored to their business model.
The CFPB intends to issue a supplementary proposal that would, if finalized, provide additional implementation time for small lenders that have demonstrated high levels of success in serving their local communities, as measured by their performance under relevant frameworks like the CRA and similar state laws.
To emphasize financial institutions’ obligations to collect this data, the CFPB is also issuing a policy statement noting it intends to focus its supervisory and enforcement activities in connection with the new rule on ensuring that lenders do not discourage small-business loan applicants from providing responsive data, including responses to the requests to provide demographic information about their ownership.
Look for more, in-depth expert analysis of this new rule in the coming weeks from Dodd-Frank Update.