A proposed rule driven by Dodd-Frank Section 1071 requires a wide variety of lenders to collect new data on small business loans.
The CFPB's proposed rule applies to any lender with 25 or more covered transactions and many types of credits.
Banks, credit unions, and other creditors would be required to collect more than 20 data points for each application.
Some data points are the same as HMDA, but the rule may require process and culture changes for some lenders.
Financial institutions, fintech companies, and other small business lenders will need to begin collecting a wide array of small business lending data under the Consumer Financial Protection Board’s (CFPB) proposed small business lending data collection rule.
The proposed small business lending data collection rule, unveiled Sept. 1, requires entities that have originated at least 25 “covered credit transactions” for small businesses in the previous two calendar years to collect loan data. The data is intended to help the CFPB enforce fair lending laws and could also be used by the government and small business lenders to identify the needs of businesses, said Michelle Lucci, Abrigo Regulatory Compliance Manager.
“They want to have a database for small businesses in the country, of which minority- and women-owned businesses will be a subset,” Lucci said. “COVID put it front and center that we didn’t have that, so they had no way to monitor how COVID affected those two groups.”
Lucci said all financial institutions should examine the proposed rule and provide feedback to the CFPB on its requirements. They should also consider how they would comply with the regulation, which doesn’t include an asset-based exemption threshold for depository institutions or any other general exemptions for particular types of financial institutions.
“This is much wider than just banks and credit unions,” Lucci said. “This will include any online lender, platform lender, fintech – this is going to be everybody.”
Commenters have until Nov. 30 to provide feedback on the proposed rule, which would be effective 90 days after publication of a final rule. Once the rule is final, lenders would have 18 months to comply.
The CPFB said covered transactions include several different types that are made to a small business, which the bureau would define as a business that had $5 million or less in gross annual revenue for its preceding fiscal year.
trade credit
public utilities credit
securities credit
incidental credit
factoring
leases
consumer-designated credit used for business purposes
credit secured by certain investment properties
motor vehicle dealers
The new rule stems from section 1071 of the Dodd-Frank Wall Street Reform and Consumer Protection Act of 2010 (Dodd-Frank). It included a new requirement to collect and report to the CFPB small business lending data regarding applications for credit for women-owned, minority-owned, and small businesses. The bureau does not intend to require data on applications from women- and minority-owned businesses that are not small. It said it should capture data on nearly all women- and minority-owned businesses by covering small businesses since most existing businesses are small.
Banks, credit unions, and other creditors would be required to collect more than 20 data points for each application. The CFPB said covered institutions could rely on borrowers to supply some information, such as the census tract of the business’s location, 6-digit North American Industry Classification System (NAICS) codes, and worker counts.
Chris Friedman and Brian Epling, regulatory compliance lawyers who work with banks, fintechs, and other small business lenders from the Nashville firm of Bradley Arant Boult Cummings LLP, say the proposed rule will require both mechanical and cultural changes for many financial institutions.
Some of the required data points, such as some applicant and demographic data points, are the same as those mandated under the Home Mortgage Disclosure Act (HMDA). Many lenders have something in place to handle that reporting, Epling said.
However, many data points are different. And perhaps more importantly, the proposed rule may require big changes in policies and procedures for some lenders.
“On your business lending side, folks aren’t really all that used to consumer-style regulations that folks on the mortgage side or the unsecured side of the house have to deal with,” Friedman said. Some bankers on the business side of financial institutions, especially the small business side, are surprised that the Equal Credit Opportunity Act applies to the commercial side of lending and are unaware of best practices that can lessen risk in that space, he said.
In addition, some lenders will need operating changes, such as with their application process. Lenders that are used to working out tentative loan deals with business owners “on the backs of napkins” or via other more informal avenues will have to collect a lot more data, Epling said.
“This will be a shock on the lending side,” he said. “Sometimes they sort of operate in the Wild West, where they make a deal and sketch it out and then formalize it in a loan agreement. I don’t think that’s going to be the case anymore.”
“I can see where for the true relationship lenders, this is going to be a challenge,” Lucci said. However, the CFPB seems set on getting this data, and institutions should already be using digital systems to collect small business loan applications anyway, she said. “The days of a handshake and ‘I’ll give you a loan’ are long over. That really was in the smaller, more rural areas where the bank was owned by a family.….You know everybody, and you did this on a handshake. But that doesn’t really work anymore.”
She noted that taxpayers footing the bill for government insurance of financial institutions’ funding sources are driving the changes, because they want to know whether lenders are treating borrowers fairly.
“This information needs to be codified in a computer system,” Lucci said.
Depending on the volume of comments the CFPB receives, the compliance date could be delayed, Lucci said, which might give financial institutions longer to prepare for the changes.
In the meantime, to submit comments on the proposed rule:
Financial institutions should begin now to review the proposed rule and provide input on it, given that the window for comments closes Nov. 30, said Lucci, Epling, and Friedman.
“Agencies want to do the right thing by all stakeholders, but they’re not going to know [something is] a problem unless you know it’s a problem and tell them," Friedman said.
Abrigo enables U.S. financial institutions to support their communities through technology that fights financial crime, grows loans and deposits, and optimizes risk. Abrigo's platform centralizes the institution's data, creates a digital user experience, ensures compliance, and delivers efficiency for scale and profitable growth.
Make Big Things Happen.
