Alert: CFPB publishes proposed rule for data collection on small business loans | Cooley LLP

On September 1, 2021, the Consumer Financial Protection Bureau (CFPB) Posted a Notice of Proposed Regulatory Proposal (NPRM) seeking public comment on its proposed rule to implement Section 1071 of the Dodd-Frank Act on Wall Street Reform and Consumer Protection (Dodd-Frank Act ). The publication of the NPRM in the Federal Register on October 8, 2021, begins the 90-day comment period – and comments on the proposed rule must be received by January 6, 2022.

Section 1071 of the Dodd-Frank Act amended the Equal Credit Opportunity Act to require certain financial institutions to collect and report to CFPB certain data regarding credit applications made by small businesses, including businesses women-owned and minority-owned businesses¹, among other requirements. Section 1071 has two stated objectives: “to facilitate the enforcement of equitable lending laws and enable communities, government entities and creditors to identify the business and community development needs and opportunities of women, minorities and small businesses ”. As proposed, the rule would not require financial institutions to collect and report female-owned business status and minority-owned business status for businesses that are not small.

In the NPRM, the CFPB recognizes the ongoing transformation of the small business lending landscape, including the growing role that FinTech companies and others are playing in financing small businesses. If finalized, the proposed rule would amend Regulation B to implement the requirements of Section 1071. The proposed rule would apply to a range of entities that engage in small business loans and create the first comprehensive database of small business credit applications in the United States.

Financial institutions and transactions covered by the proposed rule

The proposed rule would require a “covered financial institution” to collect and report certain data regarding “covered claims” from “small businesses” for “covered credit transactions”.

What is a “covered financial institution”?

The CFPB proposes to define a “covered financial institution” as a “financial institution that initiated 25 or more small business covered credit transactions in each of the preceding two separate calendar years”. A “financial institution” would include “any partnership, corporation, corporation, association (incorporated or unincorporated), trust, estate, cooperative organization or other entity that engages in financial activity”. According to the CFPB, the definition of a covered financial institution would encompass a range of entities that engage in small business loans, “including deposit-taking institutions (i.e. banks, associations of financial institutions). savings and credit unions), online lenders, financial institutions (depositary and non-depository institutions), lenders involved in equipment and vehicle financing (captive finance companies and independent finance companies), commercial financing, government lending entities and non-profit, non-depository lenders.² The proposed rule would not include an asset-based exemption for deposit-taking institutions or other general exemptions for financial institutions.

What is a “covered app”?

The proposed rule would define a “covered request” as “an oral or written request for a covered credit transaction that is effected in accordance with the procedures used by a financial institution for the type of credit requested”. The CFPB would exempt from the definition of a covered application: “(1) requests for reassessment, extension or renewal on an existing business credit account, unless the request is for additional credit amounts; and (2) inquiries and screening requests.

What is a “covered credit transaction”?

The CFPB proposes to define a “covered credit transaction” as one that meets the definition of “business credit” in Regulation B, which would include, among others, loans, lines of credit, credit cards and cash advances to traders. A “covered credit transaction” would exempt trade credit, utility credit, title credit and ancillary credit, as well as factoring, leases, consumer credit used for business purposes and credit. secured by certain commercial property.

What is a “small business”?

The proposed rule would define a “small business” by reference to the definition of “small business” in the Small Business Act and the regulations of the Small Business Administration (SBA). However, the proposed definition would not apply the SBA size standards to define a small business; instead, it would look to see if the company had generated gross annual revenue of $ 5 million or less in the previous fiscal year.

Data to be collected and reported, and publication of data to be reported

The CFPB would require a covered financial institution to collect and report more than 20 data points regarding small business covered claims for covered credit transactions. (For a summary of the data points that the proposed rule would require covered financial institutions to collect and report, see the CFPB “Suggested data points for data collection on small business loans”). These data points generally fall into three categories:

1. Data points generated or provided by the financial institution.
2. Data points which are or could be provided by the requester (or otherwise determined on the basis of information provided or authorized by the requester).
3. Data points that deal with demographics of primary owners or the property status of the applicant.

In particular, it should be noted that the data points include whether a small business applicant is female or minority, and the ethnicity, race and gender of the “primary owners” of the small business applicant (the CFPB collectively refers to this data as “demographic protected information”).³ However, the proposed rule would not require applicants to respond to requests for protected demographic information from a financial institution. In accordance with the requirements of Section 1071, the proposed rule would require covered financial institutions, unless this is not possible, to limit the access of certain employees and officers to responses to requests containing protected demographic information by creating a “parent”. -fire “.

The proposed rule would require affected financial institutions to collect data on a calendar year basis and report the data to CFPB by June 1 of the following year. A target financial institution would also be required to provide certain information about itself as part of its annual submission. One of these data points is the type of financial institution covered, and the CFPB suggests the inclusion of a “fintech” category.

The CFPB also proposes to make the data submitted by the covered financial institutions available to the public annually on the CFPB website. However, the CFPB would first use a “balance test” to determine whether to modify or delete certain data in the interest of privacy.

Next steps and perspectives

Financial institutions have time to prepare for anticipated requirements. If implemented, the final rule would take effect 90 days after publication in the Federal Register, and would not require compliance until approximately 18 months later. The CFPB also proposes transitional provisions that would facilitate the implementation of the rule by the financial institutions covered.

The early publication by the CFPB of the data collected and reported by the financial institutions covered in accordance with Article 1071 and the CFPB implementation rule is likely to increase fair lending problems with regard to loans to small businesses. businesses, which may become subject to the levels of regulatory and public scrutiny seen with home mortgage lending.

Remarks

1. A business would be considered a “women-owned business” or a “minority-owned business” if (a) more than half of its ownership or control is owned by one or more women or “female-owned persons”. minority ”, respectively, and (b) more than half of its net profits or losses go respectively to one or more women or persons belonging to minorities. A “minority individual” would mean “an individual who is Native American or Alaskan Native, Asian, Black or African American, Native of Hawaii or other Pacific Islander, and / or Hispanic or Latino. “
2. The requirements do not extend to motor vehicle dealers.
3. The “principal owner” would be defined as “a natural person who directly holds 25% or more of the participations in the capital of a company”.

[View source.]