CFPB Proposes Small Business Lending Data Collection Rule as Required by Dodd-Frank Act | Practical Law

CFPB Proposes Small Business Lending Data Collection Rule as Required by Dodd-Frank Act | Practical Law

The Consumer Financial Protection Bureau (CFPB) issued a proposal to require certain financial institutions to collect and report to the CFPB data on small business credit applications. The proposal would amend the CFPB's Regulation B to implement changes to the Equal Credit Opportunity Act (ECOA) required by Section 1071 of the Dodd-Frank Act.

CFPB Proposes Small Business Lending Data Collection Rule as Required by Dodd-Frank Act

by Practical Law Finance
Published on 02 Sep 2021USA (National/Federal)
The Consumer Financial Protection Bureau (CFPB) issued a proposal to require certain financial institutions to collect and report to the CFPB data on small business credit applications. The proposal would amend the CFPB's Regulation B to implement changes to the Equal Credit Opportunity Act (ECOA) required by Section 1071 of the Dodd-Frank Act.
On September 1, 2021, the Consumer Financial Protection Bureau (CFPB) issued a proposed rule (proposed rule) that would require certain financial institutions to collect and report to the CFPB data on small business credit applications. The proposed rule would amend the CFPB's Regulation B (12 C.F.R. §§ 1002.1 to 1002.16) to implement changes to the Equal Credit Opportunity Act (ECOA) (15 U.S.C. §§ 1691 to 1691f) required by Section 1071 of the Dodd-Frank Act (Section 1071). Section 1071 amended ECOA by inserting a new Section 704B (15 U.S.C. § 1691c-2).
The CFPB requests comments to the proposed rule no later than January 6, 2022.

Background

Section 1071:
  • Amended ECOA to require financial institutions to collect and report to the CFPB certain data regarding applications for credit for women-owned, minority-owned, and small businesses.
  • Specified several data points that financial institutions must collect.
  • Authorizes the CFPB to require collection of additional data that the CFPB determines would aid in fulfilling Section 1071's purposes, which are:
    • facilitating enforcement of fair lending laws; and
    • enabling communities, governmental entities, and creditors to identify business and community development needs and opportunities of women-owned, minority-owned, and small businesses.

Proposed Rule

Financial Institutions Covered by the Proposed Rule

The proposed rule would apply Section 1071's requirements to any entity (covered financial institution) that both:
Covered financial institutions would include:
  • Depository institutions (that is, banks, savings associations, and credit unions).
  • Online lenders.
  • Platform lenders.
  • Depository and non-depository community development financial institutions.
  • Lenders involved in equipment and vehicle financing.
  • Commercial finance companies.
  • Governmental lending entities.
  • Nonprofit lenders.

Small Businesses Under the Proposed Rule

A small business would be a business concern or small business concern as set out in the Small Business Act (15 U.S.C. §§ 631 to 657n) and regulations of the US Small Business Administration (SBA). However, subject to SBA approval, instead of using the SBA's size standards, the proposed rule would define a business as small if it had $5 million or less in gross annual revenue for its preceding fiscal year.

Credit Transactions Covered by the Proposed Rule

The proposed rule would require a covered financial institution to collect and report data and satisfy other requirements for any oral or written requests (covered applications) for business credit (as defined in Regulation B) for small businesses (covered credit transaction), including those owned by women and minorities. It would not require collection and reporting of data for applications from women- or minority-owned businesses that are not small businesses.
Under the proposed rule:
  • Covered applications would exclude:
    • any revaluation request, extension request, or renewal request on an existing business credit unless the request seeks additional credit; and
    • inquiries and prequalification requests.
  • Covered credit transactions would include loans, lines of credit, credit cards, and merchant cash advances (including credit transactions for agricultural purposes and those covered by the Home Mortgage Disclosure Act (HMDA) (12 U.S.C. §§ 2801 to 2810)), but would exclude:

Data to be Collected and Reported

For each covered application from a small business, the proposed rule would require a covered financial institution to collect and report data that:
  • Are generated or provided by the financial institution, including:
    • a unique identifier for the covered application or covered credit transaction;
    • the application date;
    • how the small business submitted the covered application;
    • whether the covered application was received directly or indirectly through an unaffiliated third party;
    • the action taken by the covered financial institution;
    • the action taken date;
    • for a denied covered application, the denial reasons; and
    • for an originated or approved covered application that was not accepted by the small business, the amount approved and the pricing information. Pricing information includes the interest rate, total origination charges, broker fees, initial annual charges, additional cost for merchant cash advances or other sales-based financing, and prepayment penalties.
  • Could be provided by the small business or determined by the covered financial institution by reviewing information provided by the small business or a third party, including information related to the credit being applied for and to the small business. The information related to the credit being applied for would be:
    • the credit type (including the credit product, types of guarantees, and loan term);
    • the credit purpose; and
    • the amount applied for.
    The information related to the small business would be:
    • a census tract based on an address or location provided by the small business;
    • the small business's gross annual revenue for its preceding fiscal year;
    • the small business's six-digit North American Industry Classification System (NAICS) code;
    • the number of the small business's non-owner workers;
    • the small business's time in business; and
    • the number of principal owners of the small business.
  • Address the demographics of the small business's principal owners or ownership status, including:
    • the small business's minority-owned or women-owned business status; and
    • the principal owners' ethnicity, race, and sex.
    Generally, a covered financial institution would be required to ask the small business to provide this information. However, if the small business does not provide any ethnicity, race, or sex information for at least one principal owner, the covered financial institution would be required to collect at least one principal owner's race and ethnicity (but not sex) from a visual observation or surname if the covered financial institution meets with any principal owner in person or by electronic media with an enabled video component.
    Minority-owned and women-owned business status would only be reported based on information the small business provides. Financial institutions cannot permit or require the reporting of this status based on visual observation, surname, or any other basis.
The proposed rule includes a sample data collection form with notices to small businesses that:
  • A financial institution cannot discriminate based on a small business's minority-owned or women-owned business status or on any principal owner's ethnicity, race, or sex.
  • A small business is not required to respond to a financial institution's inquiries about the small business's minority-owned or women-owned business status or any principal owner's ethnicity, race, or sex.
The proposed rule:
  • Would require covered financial institutions to maintain procedures to collect data to be provided by a small business at a time and in a manner that is reasonably designed to obtain a response.
  • Addresses how covered financial institutions should report data they cannot obtain from a small business despite these procedures.
  • Would permit covered financial institutions to rely on written or oral statements and on information provided by a small business. However, the covered financial institution:
    • must report verified information if it chooses to verify the information; and
    • cannot verify any responses to inquiries about the small business's minority-owned or women-owned business status or any principal owner's ethnicity, race, or sex.

Reporting of Collected Data

The proposed rule would require a covered financial institution to:
  • Collect data on a calendar-year basis and report it to the CFPB by June 1 of the following calendar year.
  • Make available to the public on its website, or otherwise on request, a statement that the covered financial institution's small business lending application register, as modified by the CFPB to protect privacy interests, is or will be available on the CFPB's website.

Limited Access to Certain Data

The proposed rule would prohibit an employee or officer of a covered financial institution from accessing a small business's responses to inquiries about its minority-owned or women-owned business status or any principal owner's ethnicity, race, or sex if the employee or officer is involved in making any determination regarding the small business's covered application. However, such an employee or officer could access these responses if the covered financial institution:
  • Determines that limiting the employee's or officer's access would not be feasible.
  • Provides the small business with a notice about the access.

Recordkeeping Requirement

Covered financial institutions would be required to:
  • Retain evidence of compliance, including a copy of small business lending application registers, for at least three years.
  • Segregate a small business's responses to inquiries about its minority-owned or women-owned business status or any principal owner's ethnicity, race, or sex from the rest of the small business's application and accompanying information.

Proposed Safe Harbors

The proposed rule has safe harbors for:
  • Incorrect entries of census tracts, NAICS codes, and application dates.
  • Incorrect determinations of small business status. Specifically, if a covered financial institution initially determines an applicant for a covered credit transaction is a small business but later concludes it is not a small business, the covered financial institution would not violate ECOA or the final rule implementing Section 1071 if it collected information about the applicant's minority-owned or women-owned business status or any principal owner's ethnicity, race, or sex.

Proposed Effective Date and Compliance Date

A final rule implementing Section 1071 would be effective 90 days after its publication in the Federal Register, but the compliance date of the final rule would be approximately 18 months after publication in the Federal Register.
However, a financial institution could:
  • Begin collecting minority-owned business status, women-owned business status, and principal owners' ethnicity, race, and sex information before the compliance date.
  • Use either the two calendar years immediately preceding the effective date or the second and third years preceding the compliance date to determine if it meets the origination threshold.