On May 10, 2017, the Consumer Financial Protection Bureau (CFPB) announced steps toward issuing regulations to impose data reporting requirements on the small business lending industry, a rulemaking required under the Dodd-Frank Act of 2010. To help it draft a proposed rule, the CFPB requested public feedback through a Request for Information (RFI) Regarding the Small Business Lending Market. At the same time, the CFPB released a white paper, Key Dimensions of the Small Business Lending Landscape, discussing the data currently available regarding small business lending.

While most of the CFPB’s authority relates to consumer matters, the agency has stated that it considers fair lending issues related to small business lending one of its supervisory priorities, and expects to ramp up its focus in this area. In its 2016 Fair Lending Report, released April 14, 2017, the CFPB stated that it is “focusing on how to make sure small business owners, including women-owned and minority-owned businesses, can better access lending,” and noted too that it has conducted targeted fair lending reviews of small-business lenders, “focusing in particular on the quality of fair lending compliance management systems and on fair lending risks in underwriting, pricing, and redlining.”

The May 10 actions were taken pursuant to a requirement imposed by the Dodd-Frank Act, which amended the Equal Credit Opportunity Act (ECOA) to require financial institutions to report certain information about small business loan applications, including applications from minorities and women, and directed the CFPB to issue regulations to implement those reporting requirements. (Those ECOA amendments would be withdrawn under the Financial CHOICE Act recently passed by the House Financial Services Committee, but that bill’s ultimate fate remains unclear as of this writing.)

The Dodd-Frank amendments to ECOA require financial institutions to compile, maintain, submit annually to the CFPB, and generally make available to the public upon request, the following information about small business loan applications:

  • Application number;
  • Application data;
  • Type and purpose of financing;
  • Amount applied for;
  • Amount approved;
  • Type of action taken and action taken date;
  • Census tract of the principal place of business;
  • Gross annual revenue in the applicant’s last fiscal year preceding the date of the application; and
  • Information about each business principal owner’s race, sex, and ethnicity.

Beyond these data points specified in the ECOA amendments, the CFPB is allowed to add any that it determines would further the purposes of the ECOA amendments. These purposes include facilitating enforcement of fair lending laws and enabling communities, governmental entities, and creditors to identify business and community development needs and opportunities of small businesses owned by women or minorities. Financial institutions are required to restrict underwriters’ access to this information, where feasible.

To implement the data reporting requirements imposed by Dodd-Frank and determine whether the CFPB should require financial institutions to collect additional information, adopt exceptions, or exempt certain financial institutions or types of financial institutions, the CFPB is asking for information from commenters about small business lending issues and current industry practices, including:

  • How to define a “small business,” including challenges that financial institutions or small business loan applicants could face if the CFPB’s rule used the Small Business Administration (SBA)’s definition of a “small business”;
  • What data standards financial institutions currently use to collect and record data;
  • Which data points specifically required under Dodd-Frank financial institutions currently collect and maintain;
  • What information financial institutions currently collect about a small business applicant’s type of business and number of employees;
  • Challenges financial institutions foresee in reporting data around an applicant’s gender, ethnicity, and race, and in identifying principal owners of small business applicants while also limiting underwriter access to these data points;
  • How financial institutions integrate data collection into their application processes;
  • Any concerns financial institutions have about regulators or the public misinterpreting or incorrectly drawing conclusions about data points that would be collected;
  • Whether certain types of financial institutions should be exempt from the small business lending data collection rule;
  • What roles lending marketplaces, brokers, dealers, and other third parties currently play in the small business lending application process;
  • Types of financial products offered to small businesses;
  • How financial institutions define an “application” for business credit products and whether the definition varies across different types of products;
  • When preapprovals, prequalifications, and similar assessments are made and what information is used in those assessments;
  • When a credit review would occur on an existing credit facility;
  • Challenges small businesses may face in accessing credit; and
  • Any privacy and confidentiality concerns applicants and financial institutions have related to collecting the required data points and steps the CFPB can take to address those concerns.

Responses to the RFI are due 60 days after the RFI is published in the Federal Register, which should occur soon. Financial institutions lending to businesses that could potentially be included in a definition of a “small business” should consider responding to the RFI.

The ability to comment on an RFI before any regulation text is proposed can be helpful in that it offers a chance to shape what is eventually proposed. In this case, commenting may be especially important because so much is still unknown about how the data collection could actually work in practice, how the information would be used, and what the costs and benefits might be.

Potential downsides for financial institutions might include the compliance burden that would presumably result from the collection and reporting of data. This burden, in turn, could increase the cost to small businesses of obtaining credit. And the data will presumably invite fair lending scrutiny by regulators and others viewing the data. This makes it particularly important that clear parameters are established regarding data quality and the limitations on the conclusions that may be drawn from the data. Issues to address in this regard would include potential double-counting of an applicant that falls into multiple reportable categories, and the fact that the data may not reflect the entire universe of applicants, since applicants may opt not to provide the requested information.

There could be potential benefits to the reporting of data as well. The data could provide increased transparency around industry trends generally. The data also could reveal information that encourages regulators to reduce obstacles to small business lending. For instance, if the data show that financial institutions approve relatively few applications for certain types of small business loans or certain small business loan amounts, that could fuel arguments that banking regulators should adjust capital adequacy rules for those types or sizes of loans, or that the Small Business Administration (SBA) should ease documentation requirements around those types or sizes of SBA loans.

All these issues are ripe for commentary, and stakeholders in small business lending should consider weighing in on them, as well as continuing to monitor the CFPB’s website and this space for relevant updates.