The Consumer Financial Protection Bureau has issued a long-anticipated rule that will require banks and other lenders to report data on small-business lending as part of a government effort to combat discrimination.
The rule, mandated by Congress in 2010, will make lenders start collecting data in 2024 on how many applicants are approved or denied small-business loans. The data will include the cost of credit as well as geographic and demographic details about borrowers.
The CFPB dragged its feet for more than a decade and ultimately was forced to begin the rule after it was
"Having the data set is very, very powerful especially when you can identify … what different lenders are doing," CFPB Director Rohit Chopra said Thursday, drawing applause and cheers at a conference of the National Community Reinvestment Coalition. "By merely asking for the data it changes the way lenders think."
Chopra called the rule a "small-business loan census" that will "ensure that banks and nonbanks are serving small businesses fairly." The bureau said the rule provides "a data-driven approach to detect potential discrimination."
Currently, data on loans to small businesses is limited, an issue that became apparent during the COVID-19 pandemic and the rush to provide loans through the Paycheck Protection Program. The data will cover a wide range of credit products including term loans, lines of credit, business credit cards, online credit products and merchant cash advances.
Community advocacy groups are planning to use the data when it is ultimately released to publicize which banks are doing a poor job of lending to Black- and Hispanic-owned small businesses.
"We think it's past time that it comes into being and that a lot of good will come of it," said Paulina Gonzalez-Brito, the CEO of the California Reinvestment Coalition. "The result will be increased lending and greater scrutiny of banks and who they're lending to, and it allows for fair lending enforcement and for changes in the way [lenders] do business."
The CFPB's final rule includes major changes from its 2021 proposal. The rule applies to banks and lenders that originate at least 100 loans a year, up from 25 loans a year in the proposal. The CFPB simplified the definition of small businesses to companies with gross revenues of under $5 million a year with the aim of easing compliance.
Lenders that originate fewer than 100 small-business loans a year are still required to adhere to fair lending laws, the bureau said. The rule covers nonbank lenders that currently account for roughly $550 billion a year in financing to small businesses, the bureau said.
The data collection is similar to mortgage data that lenders have had to report for the past 50 years under the Home Mortgage Disclosure Act.
The rule, known as 1071 for the section of the Dodd-Frank Act that mandated it, was created to give policymakers insights into credit decisions affecting the country's 33 million small businesses, especially those owned by women and minorities. The CFPB said the rule could work in concert with an updated Community Reinvestment Act, which federal regulators plan to revamp to account for mobile and online banking activities.
In another change, the CFPB is allowing for a two-year phase-in starting in 2024, with large lenders collecting the data earlier than smaller ones. Lenders that originate at least 2,500 small-business loans a year will begin collecting the data on Oct. 1, 2024. Lenders originating at least 500 loans a year annually will start April 1, 2025, and those making at least 100 loans a year will begin Jan. 1, 2026, the CFPB said.
Lindsey Johnson, president and CEO of the Consumer Bankers Association, said banks need more time to comply with such a huge rule.
"We're concerned the final implementation timeline is insufficient for such a massive undertaking," she said in a press release, adding that the bank trade group "will continue urging the bureau to extend the timeline."
Bankers worry the proposed reporting requirements on small-business loans will be used to shame lenders for neglecting minority-owned firms. Community groups are already preparing to use the data to point out racial disparities.
The CFPB also dropped a requirement from its 2021 proposal that would have forced loan officers to identify an applicant's race or ethnicity after it became a major bone of contention with industry. Instead, the CFPB said that small businesses will be able to "self-identify" as "women-, minority- or LGBTQI+-owned."
"Loan officers will not be required to make their own determinations of an applicant's race, ethnicity or any other demographic information," the bureau said in a press release.
Under the statute, small-business applicants have the right to refuse to provide the data. But the bureau intends to use its supervisory and enforcement authority to make sure that lenders are not discouraging applicants from doing so, a senior CFPB official said.
"Privacy is increasingly on people's minds," said Mary Ann Miller, vice president of client experience at Prove Identity, a New York digital-identity solutions provider. "Part of the heavy lift is if there is not a willingness on the part of the small-business applicant to comply."
The CFPB is still studying how to address privacy concerns. In another change from its proposal, the bureau dropped a so-called "balancing test" that was meant to assess the risks and benefits of public disclosure. Instead, the bureau will continue to seek public feedback on privacy issues.
"We're obviously still in the design phase of that," Chopra said. "There's no data yet, so once we get that we're going to look at privacy [and] figure out how we will be able to publish summary data, loan-level data and everything in between."
He continued: "Given how much demographic information we're collecting, what are we going to do and what can we learn from [mortgage data] about how to make sure that individuals don't get reidentified in the process?" he said. "There's more work on this to come."
Consumer advocates have voiced concerns that the CFPB will be sued by a banking trade group to keep the rule from being implemented. In response, the CFPB said it is committed to working with small-business lenders and third parties, has set up a help line to answer lenders' compliance questions and plans to release additional instructional materials.
Rep. Patrick McHenry, chairman of the House Financial Services Committee, responded by calling the rule "disastrous," saying it would limit credit and impose a burden on small lenders. He also threatened to have the rule repealed though such an effort is unlikely to succeed.
"To hold the CFPB accountable for its harmful rulemaking, the House Financial Services Committee will explore all options — including the Congressional Review Act — to ensure it does not take effect," McHenry said in a statement. "By imposing overly burdensome reporting requirements on smaller lenders, Director Chopra is jeopardizing the privacy and security of small-business owners' personal and financial data."
— Polo Rocha contributed to this article