CFPB Finalizes Rule on Small Business Lending Data Collection
The Consumer Financial Protection Bureau (CFPB) published a final rule that sets out data collection requirements on small business lending, under section 1071 of the Dodd-Frank Act. The final rule requires covered financial institutions to collect and report certain data about covered applications from small businesses and allows for the creation of the first comprehensive public database that covers small business lending practices.
The final rule defines a small business as one with gross revenue under USD 5 million in its last fiscal year and is applicable to lenders making over 100 covered small business loans per year, which accounts for more than 95% of the small business loans by banks and credit unions. It covers all entities making over 100 small business loans, which include, but are not limited to, depository institutions, online lenders, platform lenders, community development financial institutions, lenders involved in equipment and vehicle financing, farm credit system lenders, commercial finance companies, merchant cash advance providers, governmental lending entities, and nonprofit lenders. The rule covers diverse forms of credit, including closed-end loans, lines of credit, business credit cards, online credit products, and merchant cash advances by banks, credit unions, and other lenders. A financial institution that is not a covered financial institution may voluntarily collect data under the final rule in certain circumstances. The final rule will come in effect after 90 days following that of its publication in the Federal Register. The compliance date in the final rule differs depending on the number of covered originations that a financial institution originated in 2022 and 2023. Largest lenders, which cover the bulk of the market, are required to collect and report data earlier than smaller lenders:
- Lenders that originate at least 2,500 small business loans must collect data starting October 01, 2024.
- Lenders that originate at least 500 loans must collect data starting April 01, 2025.
- Lenders that originate at least 100 loans must collect data starting January 01, 2026.
- In addition, lenders originating less than 100 loans will be required to adhere to fair lending laws.
The rule provides a streamlined sample form for lenders to collect demographic data from small business credit applicants. CFPB has also provided a Filing Instructions Guide, which contains additional information regarding the submission of data. The final rule requires a covered financial institution to report data points that
- the financial institution generates, such as unique identifier; the application date; the application method; the application recipient; the action taken by the covered financial institution on the application, including why the application was denied if that is the case; and the action taken date.
- are based on information that could be collected from the applicant or an appropriate third-party source. These data points include credit type; credit purpose; the amount applied for; a census tract based on an address or location provided by the applicant; gross annual revenue for the applicant’s preceding fiscal year; a three-digit North American Industry Classification System (NAICS) code for the applicant; the number of people working for the applicant; the applicant’s time in business; and the number of the applicant’s principal owners.
- are based solely on the demographic information collected from an applicant. These data points are the applicant’s minority-owned business status, women-owned business status, and LGBTQI+-owned business status; and the applicant’s principal owners’ ethnicity, race, and sex.
Loans reportable under the Home Mortgage Disclosure Act, or HMDA, will not need to be reported under the small business lending rule. Additionally, the rule is designed to work in concert with rules under the reporting requirements of the Community Reinvestment Act or CRA. The rule allows financial institutions to work with third parties, including industry consortia, to develop services and technologies that will aid in collecting and reporting data. CFPB also plans to provide Application Programming Interfaces, or APIs, in an open-source environment to spur the development of accurate and efficient data reporting tools. CFPB intends to issue a supplementary proposal that would, if finalized, provide additional implementation time for small lenders that have demonstrated high levels of success in serving their local communities, as measured by their performance under relevant frameworks like the Community Reinvestment Act and similar state laws. The small business lending data captured by this rule is expected to give investors and lenders more insights to identify new opportunities that support economic growth, help policymakers measure the effectiveness of any government programs, and provide a data-driven approach to detect potential discrimination.
- Press Release
- Final Rule on Small Business Lending
- Executive Summary of the Final Rule (PDF)
- CFPB Policy Statement (PDF)
- Filing Instructions Guide
Keywords: Americas, US, Banking, Lending, Small Business Lending, Credit Risk, Reporting, Data Collection, Dodd Frank Act, Community Reinvestment Act, HMDA, CFPB
Scott is a Director in the Regulatory and Accounting Solutions team responsible for providing accounting expertise across solutions, products, and services offered by Moody’s Analytics in the US. He has over 15 years of experience leading auditing, consulting and accounting policy initiatives for financial institutions.
Advises U.S. and Canadian financial institutions on risk and finance integration, CCAR/DFAST stress testing, IFRS9 and CECL credit loss reserving, and credit risk practices.
Skilled market researcher; growth strategist; successful go-to-market campaign developer
Previous ArticleFASB Proposes Standard on Accounting and Disclosure of Crypto-Assets
ECB Finds Banks Unprepared for Pillar 3 Climate Risk Disclosures
The European Central Bank (ECB) published results of the 2022 supervisory assessment of climate-related and environmental risk disclosures among significant institutions (103) and a selected number of less significant institutions (28).
NCUA Assesses Credit Union Exposure to Climate-Related Physical Risks
The National Credit Union Administration (NCUA) released a Research Note that examines the exposure of credit unions to climate-related physical risks. In a related development
EBA Issues Multiple Regulatory and Reporting Updates for Banks
The European Banking Authority (EBA) is seeking comments, until July 31, 2023, on the draft Guidelines on the proposed common approach to the resubmission of historical data under the EBA reporting framework.
EC Adopts Regulation on Own Funds, Issues Other Updates
The European Commission adopted Delegated Regulations on own funds and eligible liabilities, on requirements for the internal methodology under the internal default risk model
CDP Platform to Report Plastic-Related Impact, Issues Other Updates
The Carbon Disclosure Project (CDP) announced that its global environmental disclosure platform has enabled reporting on plastic-related impact for nearly 7,000 companies worldwide
IASB to Enhance Reporting of Climate Risks, Proposes IFRS 9 Amendments
The International Accounting Standards Board (IASB) updated its work plan to enhance the reporting of climate-related risks in the financial statements,
BIS Addresses Data Gaps and Macro-Prudential Policy for Climate Risks
The Financial Stability Institute (FSI) of the Bank for International Settlements (BIS) published a brief paper that examines challenges associated with the use of macro-prudential policies to address climate-related financial risks.
FCA Sets Out Business Plan, Launches TechSprint on Greenwashing
The Financial Conduct Authority (FCA) published its business plan for 2023-24. The plan sets out details of the work planned for the next 12 months to achieve better outcomes for consumers and markets
UK Committee Sets Out Recommendations for Next Phase of Open Banking
The Joint Regulatory Oversight Committee (JROC), comprising the Financial Conduct Authority (FCA) and the Payment Systems Regulator (PSR) as co-chairs and the HM Treasury and the Competition and Markets Authority (CMA) as members
ECB Publishes Multiple Regulatory Updates for Banking Institutions
The European Central Bank (ECB) published the results of the 2022 climate risk stress test of the Eurosystem balance sheet,