Skip to main content

Looking for Valuant? You are in the right place!

Valuant is now Abrigo, giving you a single source to Manage Risk and Drive Growth

Make yourself at home – we hope you enjoy your new web experience.

Looking for DiCOM? You are in the right place!

DiCOM Software is now part of Abrigo, giving you a single source to Manage Risk and Drive Growth. Make yourself at home – we hope you enjoy your new web experience.

Dodd/Frank-CFPB small business lending data collection rule

Mary Ellen Biery
September 20, 2021
Read Time: 0 min

Data on loans to small businesses is CFPB's focus 

A proposed rule driven by Dodd-Frank Section 1071 requires a wide variety of lenders to collect new data on small business loans. 

You might also like this CFPB 1071 resources page created just for lenders


Data collection for small business lenders

Financial institutions, fintech companies, and other small business lenders will need to begin collecting a wide array of small business lending data under the Consumer Financial Protection Board’s (CFPB) proposed small business lending data collection rule.

Proposal issued

A broad small business lending data rule

The proposed CFPB small business data collection rule, unveiled Sept. 1, requires entities that have originated at least 25 “covered credit transactions” for small businesses in the previous two calendar years to collect loan data. The data is intended to help the CFPB enforce fair lending laws and could also be used by the government and small business lenders to identify the needs of businesses, said Michelle Lucci, Abrigo Regulatory Compliance Manager.

“They want to have a database for small businesses in the country, of which minority- and women-owned businesses will be a subset,” Lucci said. “COVID put it front and center that we didn’t have that, so they had no way to monitor how COVID affected those two groups.”

Lucci said all financial institutions should examine the proposed CFPB 1071 rule and provide feedback to the CFPB on its requirements. They should also consider how they would comply with the regulation, which doesn’t include an asset-based exemption threshold for depository institutions or any other general exemptions for particular types of financial institutions.

“This is much wider than just banks and credit unions,” Lucci said. “This will include any online lender, platform lender, fintech – this is going to be everybody.”

Commenters have until Nov. 30 to provide feedback on the proposed rule, which would be effective 90 days after publication of a final rule. Once the rule is final, lenders would have 18 months to comply.

What loans are covered

Small businesses: $5 million or less in revenues

The CPFB said covered transactions include several different types that are made to a small business, which the bureau would define as a business that had $5 million or less in gross annual revenue for its preceding fiscal year.

Types of transactions that would be considered "covered transactions" under the CFPB loan data collection rule include:

  • loans
  • lines of credit
  • credit cards
  • merchant cash advances
  • credit transactions for agricultural purposes


Transactions that would be excluded from the small business lending data collection rule include:

  • trade credit

  • public utilities credit

  • securities credit

  • incidental credit

  • factoring

  • leases

  • consumer-designated credit used for business purposes

  • credit secured by certain investment properties

  • motor vehicle dealers

The new rule stems from section 1071 of the Dodd-Frank Wall Street Reform and Consumer Protection Act of 2010 (Dodd-Frank). It included a new requirement to collect and report to the CFPB small business lending data regarding applications for credit for women-owned, minority-owned, and small businesses. The bureau does not intend to require data on applications from women- and minority-owned businesses that are not small. It said it should capture data on nearly all women- and minority-owned businesses by covering small businesses since most existing businesses are small.

Stay up to date on small business lending regulation and other lending trends.

Collection requirements

Proposal: 20+ small business lending data points

Banks, credit unions, and other creditors would be required to collect more than 20 data points for each application. The CFPB said covered institutions could rely on borrowers to supply some information, such as the census tract of the business’s location, 6-digit North American Industry Classification System (NAICS) codes, and worker counts.

CFPB 1071 rule required data could include:

  • Application date and method
  • Credit type (product, guarantees, term)
  • Credit purpose (from a list of 15 options)
  • Amount applied for
    Amount approved or originated
  • Action taken and date of action
  • Reasons for denial (from a list of 10 choices)
  • Pricing information (interest rate, introductory rates, multiple rates, index name, and value for variable rates)
  • Origination charges
    Broker’s fees
  • Initial annual charges
  • Prepayment penalties
  • Census tract
  • Gross annual revenue
  • NAICS code
  • Number of people working for the business
  • Time in business
  • Minority-owned business status
  • Women-owned business status
  • Ethnicity, race, and sex of principal owners
  • Number of principal owners

Collection efforts

Business data rule might require process changes

Chris Friedman and Brian Epling, regulatory compliance lawyers who work with banks, fintechs, and other small business lenders from the Nashville firm of Bradley Arant Boult Cummings LLP, say the proposed rule will require both mechanical and cultural changes for many financial institutions.


Some data overlaps with HMDA

Some of the required data points, such as some applicant and demographic data points, are the same as those mandated under the Home Mortgage Disclosure Act (HMDA). Many lenders have something in place to handle that reporting, Epling said.

However, many data points are different. And perhaps more importantly, the proposed rule may require big changes in policies and procedures for some lenders.

“On your business lending side, folks aren’t really all that used to consumer-style regulations that folks on the mortgage side or the unsecured side of the house have to deal with,” Friedman said. Some bankers on the business side of financial institutions, especially the small business side, are surprised that the Equal Credit Opportunity Act applies to the commercial side of lending and are unaware of best practices that can lessen risk in that space, he said.

Abrigo has been closely tracking the development of the CFPB’s requirements to collect and report small business loan data. Product and compliance experts attend all relevant webinars and calls with the CFPB. Abrigo will add functionality to our commercial loan origination system to support upcoming compliance requirements once the final decisions have been made on the CFPB side.

In addition, Abrigo has and will continue to update resources to help banks and credit unions understand and prepare for what is expected to represent the most significant effort of small business lending data collection and reporting for financial institutions in nearly 50 years. Financial institutions can walk through requirements and preparations using a CFPB 1071 resource page for lenders that includes content, links to regulatory guidance, and more. Educational webinars will walk lenders through requirements and preparations. Finally, Abrigo consultants are also available to work with financial institutions to ensure the smooth adoption of the requirements.

Possible operating changes

In addition, some lenders will need operating changes, such as with their application process. Lenders that are used to working out tentative loan deals with business owners “on the backs of napkins” or via other more informal avenues will have to collect a lot more data, Epling said.

“This will be a shock on the lending side,” he said. “Sometimes they sort of operate in the Wild West, where they make a deal and sketch it out and then formalize it in a loan agreement. I don’t think that’s going to be the case anymore.”

“I can see where for the true relationship lenders, this is going to be a challenge,” Lucci said. However, the CFPB seems set on getting this data, and institutions should already be using digital systems to collect small business loan applications anyway, she said. “The days of a handshake and ‘I’ll give you a loan’ are long over. That really was in the smaller, more rural areas where the bank was owned by a family.….You know everybody, and you did this on a handshake. But that doesn’t really work anymore.”

She noted that taxpayers footing the bill for government insurance of financial institutions’ funding sources are driving the changes, because they want to know whether lenders are treating borrowers fairly.

“This information needs to be codified in a computer system,” Lucci said.


Rule comments due Nov. 30

Depending on the volume of comments the CFPB receives, the compliance date could be delayed, Lucci said, which might give financial institutions longer to prepare for the changes.

In the meantime, to submit comments on the proposed rule:

  • Visit the Federal eRulemaking Portal: Follow the instructions for submitting comments.
  • Email: [email protected]. Include Docket No. CFPB-2021-0015 or RIN 3170-AA09 in the subject line of the message.
  • Mail/Hand Delivery/Courier: Comment Intake—Section 1071 Small Business Lending Data Collection, Bureau of Consumer Financial Protection, 1700 G Street NW, Washington, DC 20552.

Financial institutions should begin now to review the proposed rule and provide input on it, given that the window for comments closes Nov. 30, said Lucci, Epling, and Friedman.

“Agencies want to do the right thing by all stakeholders, but they’re not going to know [something is] a problem unless you know it’s a problem and tell them," Friedman said.

““Agencies want to do the right thing by all stakeholders, but they’re not going to know [something is] a problem unless you know it’s a problem and tell them."

See the difference
"Digital Lending & Credit Automation: Before and After"

Download Keep me informed
About the Author

Mary Ellen Biery

Senior Strategist & Content Manager
Mary Ellen Biery is Senior Strategist & Content Manager at Abrigo, where she works with advisors and other experts to develop whitepapers, original research, and other resources that help financial institutions drive growth and manage risk. A former equities reporter for Dow Jones Newswires whose work has been published in

Full Bio

About Abrigo

Abrigo enables U.S. financial institutions to support their communities through technology that fights financial crime, grows loans and deposits, and optimizes risk. Abrigo's platform centralizes the institution's data, creates a digital user experience, ensures compliance, and delivers efficiency for scale and profitable growth.

Make Big Things Happen.