CFPB Finalizes Rule on Small Business Lending Data Collection

The final rule defines a small business as one with gross revenue under USD 5 million in its last fiscal year and is applicable to lenders making over 100 covered small business loans per year, which accounts for more than 95% of the small business loans by banks and credit unions. It covers all entities making over 100 small business loans, which include, but are not limited to, depository institutions, online lenders, platform lenders, community development financial institutions, lenders involved in equipment and vehicle financing, farm credit system lenders, commercial finance companies, merchant cash advance providers, governmental lending entities, and nonprofit lenders. The rule covers diverse forms of credit, including closed-end loans, lines of credit, business credit cards, online credit products, and merchant cash advances by banks, credit unions, and other lenders. A financial institution that is not a covered financial institution may voluntarily collect data under the final rule in certain circumstances. The final rule will come in effect after 90 days following that of its publication in the Federal Register. The compliance date in the final rule differs depending on the number of covered originations that a financial institution originated in 2022 and 2023. Largest lenders, which cover the bulk of the market, are required to collect and report data earlier than smaller lenders:

• Lenders that originate at least 2,500 small business loans must collect data starting October 01, 2024.
• Lenders that originate at least 500 loans must collect data starting April 01, 2025.
• Lenders that originate at least 100 loans must collect data starting January 01, 2026.
• In addition, lenders originating less than 100 loans will be required to adhere to fair lending laws.

The rule provides a streamlined sample form for lenders to collect demographic data from small business credit applicants. CFPB has also provided a Filing Instructions Guide, which contains additional information regarding the submission of data. The final rule requires a covered financial institution to report data points that

• the financial institution generates, such as unique identifier; the application date; the application method; the application recipient; the action taken by the covered financial institution on the application, including why the application was denied if that is the case; and the action taken date. 
• are based on information that could be collected from the applicant or an appropriate third-party source. These data points include credit type; credit purpose; the amount applied for; a census tract based on an address or location provided by the applicant; gross annual revenue for the applicant’s preceding fiscal year; a three-digit North American Industry Classification System (NAICS) code for the applicant; the number of people working for the applicant; the applicant’s time in business; and the number of the applicant’s principal owners.
• are based solely on the demographic information collected from an applicant. These data points are the applicant’s minority-owned business status, women-owned business status, and LGBTQI+-owned business status; and the applicant’s principal owners’ ethnicity, race, and sex.

Loans reportable under the Home Mortgage Disclosure Act, or HMDA, will not need to be reported under the small business lending rule. Additionally, the rule is designed to work in concert with rules under the reporting requirements of the Community Reinvestment Act or CRA. The rule allows financial institutions to work with third parties, including industry consortia, to develop services and technologies that will aid in collecting and reporting data. CFPB also plans to provide Application Programming Interfaces, or APIs, in an open-source environment to spur the development of accurate and efficient data reporting tools. CFPB intends to issue a supplementary proposal that would, if finalized, provide additional implementation time for small lenders that have demonstrated high levels of success in serving their local communities, as measured by their performance under relevant frameworks like the Community Reinvestment Act and similar state laws. The small business lending data captured by this rule is expected to give investors and lenders more insights to identify new opportunities that support economic growth, help policymakers measure the effectiveness of any government programs, and provide a data-driven approach to detect potential discrimination. 

Related Links

• Press Release
• Final Rule on Small Business Lending
• Executive Summary of the Final Rule (PDF)
• CFPB Policy Statement (PDF)
• Filing Instructions Guide